+ 3
Exploit in Java regex implementation?
See https://code.sololearn.com/cVRUy2BwauK8#java class Playground { public static void main(String[ ] args) { System.out.println("/a/a/".replaceAll("/", "/")); System.out.println("a/a/a".replaceAll("/", "/")); System.out.println("/a/a/a".replaceAll("/", "")); System.out.println("/a/a/a".replaceAll("/", "/")); } } This program generates the following output: /a/a/ a/a/a aaa ..\Playground\ The first 3 are expected; the last one is not.
1 Answer
+ 2
Huh. That's weird - thinking about it in my head and later running it in my ide, the last one is /a/a/a.
I tried searching it up on Sololearn, but I didn't see much of about this issue.
Here are some tests I tried out:
System.out.println("/a/a/a/".replaceAll("/", "/")); // outputs ..\Playground\/
System.out.println("/a/a/a//".replaceAll("/", "/")); // outputs ..\Playground\//
System.out.println("/a/a/a/a".replaceAll("/", "/")); // outputs ..\Playground\
System.out.println("/a/a/ab".replaceAll("/", "/")); // outputs ..\Playground\
System.out.println("\\a\\a\\a".replaceAll("\\\\", "\\\\")); // outputs \a\a\a
/* Apparently, no matter how many backslashes you put, code playground doesn't make the same mistake it does with the forward slash??? */
System.out.println("-a-a-a".replaceAll("-", "-")); // outputs -a-a-a
/* Compiler seems to make only this mistake with forward slashes. Okay.
This link here about how online compilers work could say something about this issue, but so far I got nothing: https://www.quora.com/How-do-online-compilers-compilr-com-work
Perhaps it's just a small bug that nobody noticed yet? My only guess is that the code used to interpret the Java code misinterprets the forward slash in this regex specific case and has an internal error that we're not told about.