Performance enhancement of the GENERIC_PASSWORD rule

Description

Originally reported here:

  1. download rust repo https://github.com/rust-lang/rust

  2. I tested with revision de857bbcf02d192986efc380b4735d8c9bea85ac

  3. enabled GENERIC_PASSWORD rule

  4. started repository scan

  5. The scan failed with a timeout error. The cause is the slowparse-bstring.rs and slowparse-string.rs files

The issue with slowparse-bstring.rs is that there’s a single huge line (hundreds of Kb). It actually breaks syntax highlighting in Vim also (errors with "pattern uses more memory than maxmempattern").

This was reproduced with the generic password rule, but is likely an issue with the other rules too if the lines are long enough. The generic password regex is more general, so it's much less efficient. => On this ticket the generic password rule was optimized.

We should put a hard cap on line length we handle. Just break unreasonably long lines into shorter chunks to scan. => Deferred to SOTERIA-106
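The line-length cap proposed above, sketched as an added example (not code from this ticket or from the scanner). `PASSWORD_RE` is a hypothetical stand-in for the generic password rule, and `MAX_CHUNK` and `OVERLAP` are assumed values. Chunks overlap so that a secret straddling a chunk boundary is still found.

```python
import re

# Hypothetical stand-in for a generic password rule (not the scanner's real regex).
# Bounded quantifiers keep the longest possible match short (83 chars here).
PASSWORD_RE = re.compile(
    r"""(?i)(?:password|passwd|pwd)\s{0,4}[:=]\s{0,4}["']([^"'\s]{4,64})["']"""
)

MAX_CHUNK = 4096  # assumed hard cap on the text handed to the regex at once
OVERLAP = 256     # assumed value; must be >= the longest possible match


def chunks(line, size=MAX_CHUNK, overlap=OVERLAP):
    """Yield (offset, text) pieces of at most `size` chars, overlapping by `overlap`."""
    if overlap >= size:
        raise ValueError("overlap must be smaller than the chunk size")
    if len(line) <= size:
        yield 0, line
        return
    step = size - overlap
    for start in range(0, len(line), step):
        yield start, line[start:start + size]
        if start + size >= len(line):
            break


def scan_line(line, size=MAX_CHUNK, overlap=OVERLAP):
    """Return sorted, de-duplicated (start, end, secret) hits for one line."""
    hits = set()
    for offset, text in chunks(line, size, overlap):
        for m in PASSWORD_RE.finditer(text):
            # Absolute offsets let a hit seen in two overlapping chunks collapse to one.
            hits.add((offset + m.start(1), offset + m.end(1), m.group(1)))
    return sorted(hits)


def build_sample():
    # Constructed input: one ~400 KB line with a credential placed so that
    # it straddles the 4096-character chunk boundary.
    secret = 'password = "hunter2-constructed"'
    return "a" * 4090 + " " + secret + " " + "b" * 400_000
```

Without the overlap (`overlap=0`) the same sample yields no hit, because the keyword is split across two chunks.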

Environment

None

Assignee

Alexey Remnev

Reporter

George V @Mohami

Sprint

None

Labels

None

Github URL

None

Priority

Medium