Added timeout to avoid blocking regexes

This commit is contained in:
Xavier Mertens 2018-11-02 15:49:06 +01:00
parent 9bfb7a5fb6
commit 9e7ca84581

View file

@ -18,6 +18,7 @@ Xavier Mertens <xavier@rootshell.be>
import time import time
import os import os
import re import re
import signal
from pubsublogger import publisher from pubsublogger import publisher
#from bin.packages import Paste #from bin.packages import Paste
@ -26,6 +27,14 @@ from pubsublogger import publisher
from packages import Paste from packages import Paste
from Helper import Process from Helper import Process
class TimeoutException(Exception):
pass
def timeout_handler(signum, frame):
raise TimeoutException
signal.signal(signal.SIGALRM, timeout_handler)
# Change the path to your preferred one # Change the path to your preferred one
regexConfig = 'packages/regex.cfg' regexConfig = 'packages/regex.cfg'
@ -84,14 +93,21 @@ def search_regex(paste):
for r in regexes: for r in regexes:
(tag,pattern) = r.split('||') (tag,pattern) = r.split('||')
if re.findall(pattern, content, re.MULTILINE|re.IGNORECASE): signal.alarm(max_execution_time)
publisher.warning('Regex match: {} ({})'.format(pattern, tag)) try:
# Sanitize tag to make it easy to read if re.findall(pattern, content, re.MULTILINE|re.IGNORECASE):
tag = tag.strip().lower().replace(' ','-') publisher.warning('Regex match: {} ({})'.format(pattern, tag))
print('regex {} found'.format(tag)) # Sanitize tag to make it easy to read
msg = 'infoleak:automatic-detection="regex-{}";{}'.format(tag, message) tag = tag.strip().lower().replace(' ','-')
p.populate_set_out(msg, 'Tags') print('regex {} found'.format(tag))
find = True msg = 'infoleak:automatic-detection="regex-{}";{}'.format(tag, message)
p.populate_set_out(msg, 'Tags')
find = True
except TimeoutException:
print ("{0} processing timeout".format(paste.p_path))
continue
else:
signal.alarm(0)
if find: if find:
#Send to duplicate #Send to duplicate
@ -115,6 +131,7 @@ if __name__ == '__main__':
# Setup the I/O queues # Setup the I/O queues
p = Process(config_section) p = Process(config_section)
max_execution_time = p.config.getint(config_section, "max_execution_time")
# Sent to the logging a description of the module # Sent to the logging a description of the module
publisher.info("Run Regex module ") publisher.info("Run Regex module ")