Originally reported by here:
download rust repo https://github.com/rust-lang/rust
I tested with revision de857bbcf02d192986efc380b4735d8c9bea85ac
enabled GENERIC_PASSWORD rule
started repository scan
Scan is failed with timeout error. Cause is slowparse-bstring.rs and slowparse-string.rs files
The issue with slowparse-bstring.rs is that there’s a single huge line (hundreds of Kb). It actually breaks syntax highlighting in Vim also (errors with "pattern uses more memory than maxmempattern").
This was reproduced with the generic password rule, but is likely an issue with the other rules too if the lines are long enough. The generic password regex is more general, so it's much less efficient. => On this ticket the generic password rule was optimized.
We should put a hard cap on line length we handle. Just break unreasonably long lines into shorter chunks to scan. => Deferred to SOTERIA-106