=~ and rescue

Discussion in 'Ruby' started by Patrick Gundlach, Oct 19, 2003.

  1. Dear Ruby-Hackers,

    i'd like to catch a malformed regular expression like this:

    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    #!/usr/bin/ruby

    begin
    "abcd" =~ /*foo*/
    rescue StandardError
    puts "error"
    end
    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


    The above does not work (-:4: invalid regular expression; there's no
    previous pattern, to which '*' would define cardinality at 1: /*foo*/)

    How do I catch this correctly?

    Patrick
    --
    pg <at> levana .de
     
    Patrick Gundlach, Oct 19, 2003
    #1
    1. Advertising

  2. In article <>, Patrick Gundlach wrote:
    > Dear Ruby-Hackers,
    >
    > i'd like to catch a malformed regular expression like this:
    > "abcd" =~ /*foo*/
    > rescue StandardError
    > puts "error"
    > end


    Why would you want to do that? Its an error that can be caught
    at compile-time, so why let it go until run-time? You can fool
    it into missing the error like this, if you want -

    regexString = "*foo*"
    begin
    "abcd" =~ /#{regexString}/
    rescue RegexpError
    puts "Oops"
    end

    ....but I don't see what this gains.
     
    Jason Williams, Oct 19, 2003
    #2
    1. Advertising

  3. Hi,

    > Why would you want to do that? Its an error that can be caught
    > at compile-time, so why let it go until run-time?


    Because I want to let a user create a regexp and use it in /../.


    > You can fool it into missing the error like this, if you want -


    [....]

    great!

    Thank you very much.

    BTW: Is there something like a generic Error that can be used with
    rescue?

    Like

    begin
    something bad
    rescue anyerror
    recover
    end

    Patrick
     
    Patrick Gundlach, Oct 19, 2003
    #3
  4. ansering my own post...

    > BTW: Is there something like a generic Error that can be used with
    > rescue?


    > Like
    >
    > begin
    > something bad
    > rescue anyerror
    > recover
    > end


    I guess it is just rescue without any parameter?

    Patrick
     
    Patrick Gundlach, Oct 19, 2003
    #4
  5. Patrick Gundlach

    henon Guest

    Patrick Gundlach wrote:

    [...]

    >
    > BTW: Is there something like a generic Error that can be used with
    > rescue?


    the superclass of all exceptions is Exception.

    so:

    begin
    ...
    rescue Exception
    end

    will definitely catch any exceptions thrown between begin and end.

    >
    > Patrick


    -- henon
     
    henon, Oct 19, 2003
    #5
  6. Patrick Gundlach

    henon Guest

    Patrick Gundlach wrote:
    [...]

    > I guess it is just rescue without any parameter?


    No, that rescues just StandardError
    >
    > Patrick


    also, if you get regexp input from your users be aware of the fact,
    that a regexp may execute ruby code:

    this is a regexp that prints Hello World!

    /#{puts 'Hello World!'}/

    cheers,
    - henon
     
    henon, Oct 19, 2003
    #6
  7. regexp

    Hi,

    henon <> writes:

    > No, that rescues just StandardError


    good to know. Next time I should read the pickaxe more carefully.

    > also, if you get regexp input from your users be aware of the fact,
    > that a regexp may execute ruby code:
    >
    > this is a regexp that prints Hello World!
    >
    > /#{puts 'Hello World!'}/


    Oh no! Is there any simple way to circumvent this? Or do I have to
    analyze (strip #{...} from) the regexp?

    Thank you for the important hint.

    Patrick
     
    Patrick Gundlach, Oct 19, 2003
    #7
  8. "Patrick Gundlach" <> schrieb im
    Newsbeitrag news:...
    > Hi,
    >
    > > Why would you want to do that? Its an error that can be caught
    > > at compile-time, so why let it go until run-time?

    >
    > Because I want to let a user create a regexp and use it in /../.


    But then I'd use Regexp.new:

    user_regexp = get_input()

    begin
    rx = Regexp.new( user_regexp, user_set_flags )
    rescue RegexpError => e
    user_feedback( e )
    end

    Regards

    robert
     
    Robert Klemme, Oct 19, 2003
    #8
  9. regexp

    Hello again,

    henon <> writes:

    > also, if you get regexp input from your users be aware of the fact,
    > that a regexp may execute ruby code:
    >
    > this is a regexp that prints Hello World!
    >
    > /#{puts 'Hello World!'}/


    But not in this case:

    --------------------------------------------------
    #!/usr/bin/ruby

    malcode="#" + "{ puts 'hallo' }"

    puts malcode # prints #{ puts 'hallo' }

    "foo" =~ /#{malcode}/ # does not print anything
    --------------------------------------------------

    Am I safe using the last line?

    Patrick
     
    Patrick Gundlach, Oct 19, 2003
    #9
  10. Hello Robert,


    "Robert Klemme" <> writes:
    > But then I'd use Regexp.new:
    >
    > user_regexp = get_input()
    >
    > begin
    > rx = Regexp.new( user_regexp, user_set_flags )
    > rescue RegexpError => e
    > user_feedback( e )
    > end


    I now have

    begin
    do_something if mystring =~ user_regexp
    rescue ....
    user_feedback ...
    end

    what is the advantage of Regexp.new over my approach?

    Patrick
    --
    You are your own rainbow!
     
    Patrick Gundlach, Oct 19, 2003
    #10
  11. "Patrick Gundlach" <> schrieb im
    Newsbeitrag news:...
    > Hello Robert,
    >
    >
    > "Robert Klemme" <> writes:
    > > But then I'd use Regexp.new:
    > >
    > > user_regexp = get_input()
    > >
    > > begin
    > > rx = Regexp.new( user_regexp, user_set_flags )
    > > rescue RegexpError => e
    > > user_feedback( e )
    > > end

    >
    > I now have
    >
    > begin
    > do_something if mystring =~ user_regexp
    > rescue ....
    > user_feedback ...
    > end
    >
    > what is the advantage of Regexp.new over my approach?


    irb(main):003:0> "foo" =~ "fo+"
    (irb):3: warning: string =~ string will be obsolete; use explicit regexp
    => 0
    irb(main):004:0>

    IOW, "mystring =~ user_regexp" is not a regexp match if "user_regexp" is
    not a regexp string and in future versions it will be only a string match
    regardless what kind of string is there in user_regexp.

    Regexp.new() is simply the directest way to create a regexp from a string
    and also it's faster:

    09:23:49 [ruby]: ruby rx-eval.rb
    user system total real
    eval 2.125000 0.000000 2.125000 ( 2.133000)
    direct 1.515000 0.015000 1.530000 ( 1.558000)
    09:24:14 [ruby]: cat rx-eval.rb

    require 'Benchmark'
    include Benchmark

    REP = 100000
    expr = "fo+"
    eval_expr = "/#{expr}/"

    bm do |run|
    run.report( "eval" ) do
    for i in 0...REP
    eval eval_expr
    end
    end

    run.report( "direct" ) do
    for i in 0...REP
    Regexp.new expr
    end
    end

    end
    09:24:34 [ruby]:

    Cheers

    robert
     
    Robert Klemme, Oct 20, 2003
    #11
  12. Hello Robert,


    "Robert Klemme" <> writes:

    > IOW, "mystring =~ user_regexp" is not a regexp match if "user_regexp" is
    > not a regexp string and in future versions it will be only a string match
    > regardless what kind of string is there in user_regexp.


    OK, thank you for then enlightenment.
    >
    > Regexp.new() is simply the directest way to create a regexp from a string
    > and also it's faster:


    That is interesting, too! And I didn't know of Benchmark yet. Thanks
    again.

    Patrick

    --
    You are your own rainbow!
     
    Patrick Gundlach, Oct 20, 2003
    #12
  13. Re: regexp

    Hi again,

    does anybody have an insight of this?

    >> also, if you get regexp input from your users be aware of the fact,
    >> that a regexp may execute ruby code:
    >>
    >> this is a regexp that prints Hello World!
    >>
    >> /#{puts 'Hello World!'}/

    >
    > But not in this case:
    >
    > --------------------------------------------------
    > #!/usr/bin/ruby
    >
    > malcode="#" + "{ puts 'hallo' }"
    >
    > puts malcode # prints #{ puts 'hallo' }
    >
    > "foo" =~ /#{malcode}/ # does not print anything
    > --------------------------------------------------
    >
    > Am I safe using the last line?



    Patrick
     
    Patrick Gundlach, Oct 22, 2003
    #13
  14. Re: regexp

    "Robert Klemme" <> writes:

    > For further aspects of Ruby security see also Object#taint and $SAFE:
    > http://www.rubycentral.com/book/taint.html
    >

    OK, thanks. I had problems in the beginning with SAFE, because I
    needed this "secure regexp" (SAFE=4?) and file access. But then I
    read about SAFE being thread local. I still have to try it out.

    Patrick
    --
    You are your own rainbow!
     
    Patrick Gundlach, Oct 23, 2003
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mark Probert

    TCPSocket and rescue

    Mark Probert, Sep 4, 2003, in forum: Ruby
    Replies:
    2
    Views:
    118
    Mark Probert
    Sep 5, 2003
  2. Zouplaz
    Replies:
    5
    Views:
    521
    Juan Matias
    Jul 4, 2007
  3. Prasad Pednekar
    Replies:
    3
    Views:
    128
    Prasad Pednekar
    Jan 16, 2008
  4. matt neuburg
    Replies:
    7
    Views:
    109
    matt neuburg
    May 8, 2008
  5. Misiek Sz

    raise and rescue

    Misiek Sz, Jun 13, 2008, in forum: Ruby
    Replies:
    10
    Views:
    193
    Avdi Grimm
    Jun 14, 2008
Loading...

Share This Page