Upgrade to Pro — share decks privately, control downloads, hide ads and more …

正規表現再入門/introduction-to-regex

Ca17a082a30f4cbfed1d0a6dacbe3af2?s=47 shin1x1
November 03, 2016
Programming
5
12k

 正規表現再入門/introduction-to-regex

2016/11/03 PHPカンファレンス2016

Ca17a082a30f4cbfed1d0a6dacbe3af2?s=128

shin1x1

November 03, 2016
Tweet

More Decks by shin1x1

See All by shin1x1
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
0
910
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
3
2.7k
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
0
1.8k
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
2
3.6k
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
1
4.4k
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
5
4.7k
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
23
4.7k
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
4
1.1k
Ca17a082a30f4cbfed1d0a6dacbe3af2?s=48 shin1x1
5
8.9k

Other Decks in Programming

See All in Programming
8e8410eb785755ae2cb485f85dbab6e8?s=48 hiroga
0
270
A0abebaaa72697006085b05fabefa1f6?s=48 ura0ka
0
150
52cc8a838bf44a589d2572833b2dd1b9?s=48 palkan
1
130
De4cef85165e8a063b5e40fe1f24daa4?s=48 cocoeyes02
5
2.5k
D83b3739651001461f48763639b90b50?s=48 mazipan
0
150
F5ad19f79685973f5e93124e55ef4d15?s=48 kumasan3
0
260
E6311847f4fe11546a24eec9e7a403a5?s=48 startjapan
4
490
1d5ca7d8f17f15de4272e1ec7ef7abac?s=48 watilde
0
840
0ed10d1154c696886ca483fe827cb299?s=48 thatjeffsmith
0
350
07fe43bbec550b3230b3a7f9a81de7cc?s=48 nishigori
2
1.5k
De266761b955b2636e454a1bc7a99ed4?s=48 masayaaoyama
1
530
Bfc42a2fb137897db919bac632c83085?s=48 teruhisafukumoto
1
340

Featured

See All Featured
64827b31aef81498662e8af4bd6d5157?s=48 jonrohan
1020
390k
F68cb25ae3e5c2106997454b13b7737d?s=48 brad_frost
158
6.6k
39488f9d172ab92fd352f2cd7b73258d?s=48 mza
81
4.2k
Af6a12710770ad9a7cfd08c97efd40d3?s=48 pedronauck
653
110k
D36d2c1821af9249b69ff7f5ed60529b?s=48 tammielis
238
23k
B47b288784fda77a94aeb234ca743c24?s=48 keavy
108
15k
C1daf20e5c49ff910745198ef9869ac2?s=48 hatefulcrawdad
255
17k
48c098b6579220a67a6ba949be6e4b5a?s=48 revolveconf
202
9.8k
7c8469ee8c9e594c65c59b919626c08d?s=48 scottboms
252
11k
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
12
1.9k
C7393b7ba7ec9c8890dd77d209fbb3c9?s=48 maltzj
503
37k
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
204
20k

Transcript

  1. ɹ!shin1x1 2016//03 PHPΧϯϑΝϨϯε ਖ਼نදݱ࠶ೖ໳

  2. ৄࡉਖ਼نදݱ ਖ਼نදݱٕज़ೖ໳

  3. D .BTBTIJ4IJOCBSB!TIJOY "HFOEB w1)1ͷਖ਼نදݱ wϚονϯά wόοΫτϥοΫ w3F%P4

  4. 1)1ͷਖ਼نදݱ

  5. 1)1ͷਖ਼نදݱ D .BTBTIJ4IJOCBSB!TIJOY w1$3&
 QSFHܥ w104*9ਖ਼نදݱ
 FSFHܥʢ1)1Ͱඇਪ঑ɺͰഇࢭʣ wَं
 NC@FSFHܥ

  6. 1)1ͷਖ਼نදݱ D .BTBTIJ4IJOCBSB!TIJOY w1$3&
 QSFHܥ w104*9ਖ਼نදݱ
 FSFHܥʢ1)1Ͱඇਪ঑ɺͰഇࢭʣ wَं
 NC@FSFHܥ

  7. ਖ਼نදݱͷओͳར༻༻్ D .BTBTIJ4IJOCBSB!TIJOY wจࣈྻ͕Ϛον͢Δ͔Ͳ͏͔ͷ൑ผ wจࣈྻ͔ΒϚονͨ͠Օॴͷऔಘ wจࣈྻͷϚονͨ͠ՕॴΛஔ׵ wϚονͨ͠ՕॴͰจࣈྻΛ෼ׂ

  8. ਖ਼نදݱͷओͳར༻༻్ D .BTBTIJ4IJOCBSB!TIJOY wϚον͢Δ͔Ͳ͏͔ͷ൑ผ wϚονͨ͠Օॴͷऔಘ
 QSFH@NBUDI QSFH@NBUDI@BMM QSFH@HSFQ  wϚονͨ͠Օॴͷஔ׵


    QSFH@SFQMBDF QSFH@pMUFS  wϚονͨ͠ՕॴͰจࣈྻΛ෼ׂ
 QSFH@TQMJU

  9. Ϛονϯά

  10. Ϛονϯάͷಛ௃ D .BTBTIJ4IJOCBSB!TIJOY wਖ਼نදݱ͸ؤுΓ԰ w࠷ॳʹϚονͨ͠΋ͷ͕༏ઌ wඪ४ͷྔࢦఆࢠ͸ཉுΓʢHSFFEZʣ

  11. Ϛονϯάͷಛ௃ D .BTBTIJ4IJOCBSB!TIJOY wਖ਼نදݱ͸ؤுΓ԰ w࠷ॳʹϚονͨ͠΋ͷ͕༏ઌ wඪ४ͷྔࢦఆࢠ͸ཉுΓʢHSFFEZʣ ࠷௕࠷ࠨϚονϯά

  12. ਖ਼نදݱ͸ؤுΓ԰ D .BTBTIJ4IJOCBSB!TIJOY wϚον͢Δ·ͰऔΓಘΔશͯͷύλʔϯΛࢼߦ
 Ϛον͢Ε͹ऴྃ wऔΓಘΔશͯͷύλʔϯ͕Ϛον͠ͳ͍
 Ϛονࣦഊ wϚονࣦഊͷ৔߹ɺॲཧྔ͕๲େʹͳΔՄೳੑ

  13. B aE 

  14. B aE  aE ΛͰϚον

  15. B aE  ͱB͸Ϛον͠ͳ͍

  16. B aE  aE ΛͰϚον όοΫτϥοΫ

  17. B aE  ͱ͸Ϛον͠ͳ͍

  18. B aE  จࣈྻΛਐΊͯ
 aE ΛͰϚον

  19. B aE  ͱB͸Ϛον͠ͳ͍

  20. B aE  จࣈྻΛਐΊΔͱ
 aE ͕Ϛον͢Δ΋ͷ͕ແ͍ Ϛονࣦഊ

  21. ࠷ॳʹϚονͨ͠΋ͷ͕༏ઌ D .BTBTIJ4IJOCBSB!TIJOY wจࣈྻ಺Ͱ࠷΋ࠨʹ͋ΔϚον͕༏ઌ
 ʢ࠷ॳʹϚονͨ͠Օॴʣ wਖ਼نදݱʢબ୒ʣͷฒͼͰ͸ͳ͍

  22. 1FO1JOFBQQMF"QQMF1FO

  23. 1FO1JOFBQQMF"QQMF1FO ?1FO Ϛον͢Δ

  24. 1FO1JOFBQQMF"QQMF1FO 1FO 1FO1JOFBQQMF"QQMF1FO

  25. 1FO1JOFBQQMF"QQMF1FO 1FO จࣈྻͷࠨଆͰϚονͨ͠΋ͷ͕༏ઌ ʢ্ͷύλʔϯͰऴྃʣ 1FO1JOFBQQMF"QQMF1FO

  26. 1FO1JOFBQQMF"QQMF1FO "QQMFc1FO

  27. 1FO1JOFBQQMF"QQMF1FO "QQMFc1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO

  28. 1FO1JOFBQQMF"QQMF1FO "QQMFc1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO จࣈྻͷࠨଆͰϚονͨ͠΋ͷ͕༏ઌ

  29. ඪ४ͷྔࢦఆࢠ͸ཉுΓ D .BTBTIJ4IJOCBSB!TIJOY wඪ४ͷྔࢦఆࢠ͸ɺ࠷௕ʹϚον wσϑΥϧτͰ͸࠷େྔࢦఆࢠͱͯ͠ಈ͘

  30. ྔࢦఆࢠ D .BTBTIJ4IJOCBSB!TIJOY w௚લͷύλʔϯͷ܁Γฦ͠Λࣔ͢ w ɺ ɺ ɺ\O N^ wB

    ͳΒʮBʯʮBBCʯʮDBBBBCʯͳͲʹϚον

  31. 1FO1JOFBQQMF"QQMF1FO 1 O ճҎ্

  32. 1FO1JOFBQQMF"QQMF1FO 1 O 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO

  33. 1FO1JOFBQQMF"QQMF1FO 1 O ඪ४ͷྔࢦఆࢠ͸࠷௕ͰϚον

  34. 1FO1JOFBQQMF"QQMF1FO 1 O ճҎ্

  35. 1FO1JOFBQQMF"QQMF1FO 1 O ΋͘͠͸ճ 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO

  36. 1FO1JOFBQQMF"QQMF1FO 1 O ΋͘͠͸ճ 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO

  37. 1\ ^O ճҎ্ճҎԼ 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO

  38. 1\ ^O 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO 1FO1JOFBQQMF"QQMF1FO ճҎ্ճҎԼ

  39. ྔࢦఆࢠͷϚονϯάύλʔϯ D .BTBTIJ4IJOCBSB!TIJOY w࠷େྔࢦఆࢠʢσϑΥϧτʣ w࠷খྔࢦఆࢠ wઈର࠷େྔࢦఆࢠ

  40. ࠷େྔࢦఆࢠ D .BTBTIJ4IJOCBSB!TIJOY wྔࢦఆࢠσϑΥϧτͷಈ͖ w   \O N^ w࠷௕ʹϚονɺཉுΓͳϚον

  41. ࠷খྔࢦఆࢠ D .BTBTIJ4IJOCBSB!TIJOY wྔࢦఆࢠʹ Λ෇͚ͯࢦఆ w ɺ ɺ ɺ\O N^

     w࠷খͷϚονɺ߇͑ΊͳϚον

  42. 1FO1JOFBQQMF"QQMF1FO 1 O ࠷௕ͰϚον

  43. 1FO1JOFBQQMF"QQMF1FO 1 O ࠷୹ͰϚον

  44. GPPBOECBS GPPΛϚον͍ͨ͠

  45. ࠷େྔࢦఆࢠ GPPBOECBS  

  46. <?>  Ҏ֎ͷ܁Γฦ͠ GPPBOECBS

  47.   ࠷খྔࢦఆࢠ GPPBOECBS

  48. ࠷େྔࢦఆࢠͱ࠷খྔࢦఆࢠ D .BTBTIJ4IJOCBSB!TIJOY w࠷େྔࢦఆࢠ࠷௕Ұக͔Βࢼߦ͍ͯ͘͠ w࠷খྔࢦఆࢠ࠷୹Ұக͔Βࢼߦ͍ͯ͘͠ wϚον͠ͳ͍৔߹ͲͪΒ΋ಉ͡ࢼߦΛߦ͏

  49. ઈର࠷େྔࢦఆࢠ D .BTBTIJ4IJOCBSB!TIJOY wྔࢦఆࢠʹ Λ෇͚ͯࢦఆ w ɺ ɺ ɺ\O N^

     wڧཉͳϚονɺఘΊͳ͍Ϛον

  50. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛονࣦഊ

  51. όοΫτϥοΫ

  52. όοΫτϥοΫ D .BTBTIJ4IJOCBSB!TIJOY wϚον͕ࣦഊͨ͠৔߹ʹ
 લͷਖ਼نදݱʹ໭ΓɺผͷϚονΛߦ͏ wਖ਼͍͠ղΛಘΔ·ͰՄೳͳ૊Έ߹ΘͤΛ
 ޮ཰తʹࢼ͍ͯ͘͠ https://ja.wikipedia.org/wiki/όοΫτϥοΩϯά

  53. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛον͢Δ

  54. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛον͢Δ

  55. 1FO1JOFBQQMF"QQMF1FO 1 O Oͱߦ຤ͳͷͰ Ϛον͠ͳ͍

  56. 1FO1JOFBQQMF"QQMF1FO 1 O จࣈ୹ͯ͘͠Ϛον όοΫτϥοΫ

  57. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛον੒ޭ

  58. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛον͢Δ

  59. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛον͢Δ Ϛονͨ͠ൣғΛΞτϛοΫʹѻ͏

  60. 1FO1JOFBQQMF"QQMF1FO 1 O Oͱߦ຤ͳͷͰ Ϛον͠ͳ͍

  61. 1FO1JOFBQQMF"QQMF1FO 1 O  ͰϚονͨ͠Օॴͷ࠶୳ࠪ͸ߦΘͣɺ ਖ਼نදݱΛ1͔ΒϚον͠௚͢

  62. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛον͢Δ Ϛονͨ͠ൣғΛΞτϛοΫʹѻ͏

  63. 1FO1JOFBQQMF"QQMF1FO 1 O Oͱߦ຤ͳͷͰ Ϛον͠ͳ͍

  64. 1FO1JOFBQQMF"QQMF1FO 1 O  ͰϚονͨ͠Օॴͷ࠶୳ࠪ͸ߦΘͣɺ ਖ਼نදݱΛ1͔ΒϚον͠௚͢

  65. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛον͢Δ Ϛονͨ͠ൣғΛΞτϛοΫʹѻ͏

  66. 1FO1JOFBQQMF"QQMF1FO 1 O Oͱߦ຤ͳͷͰ Ϛον͠ͳ͍

  67. 1FO1JOFBQQMF"QQMF1FO 1 O Ϛονࣦഊ

  68. ઈର࠷େྔࢦఆࢠ D .BTBTIJ4IJOCBSB!TIJOY wҰ౓Ϛονϯάͨ͠ൣғΛΞτϛοΫʹѻ͍ɺ
 όοΫτϥοΫͰख์͞ͳ͍ wΞτϛοΫάϧʔϓͰ΋ಉ༷ͷޮՌ
   Ͱ΋ಉ༷ͷޮՌ wόοΫτϥοΫൃੜ਺Λ཈͑Δ

  69. SFHVMBSFYQSFTTJPOT D .BTBTIJ4IJOCBSB!TIJOY https://regex101.com/

  70. None

  71. όοΫτϥοΫʹΑΔ %P4

  72. http://stackstatus.net/post/147710624694/outage-postmortem-july-20-2016

  73. w4UBDL0WFSqPXͰ෼ؒΞΫηεෆೳ wจࣈྻલޙͷۭനΛ࡟আ͢Δਖ਼نදݱ w?<aTaVD> c<aTaVD>  w ͷۭന ຤ඌ͸ۭനҎ֎

  74. ݕূ D .BTBTIJ4IJOCBSB!TIJOY wQSFH@SFQMBDF  1)1 w୯७Խͯ͠ɺaT ͱaT Ͱݕূ w/ݸͷۭന

    `B`ʹରͯ͠ॲཧ

  75. /TQBDFT B 1)1 1)1  NT NT   NT

    NT    NT NT    NT  NT QSFH@SFQMBDF aT 

  76. /TQBDFT B 1)1 1)1  NT NT   NT

    NT   NT NT    NT
 aT ൺ  NT aT ൺ QSFH@SFQMBDF aT 

  77. ରԠࡦ D .BTBTIJ4IJOCBSB!TIJOY wઈର࠷େྔࢦఆࢠͰόοΫτϥοΫΛ཈੍ wจࣈྻ௕ΛόϦσʔγϣϯͰ੍ݶ wਖ਼نදݱΛ࢖Θͳ͍
 4UBDL0WFSqPXͰͷରԠ
 จࣈྻؔ਺Ͱஔ׵͑

  78. 3F%P4

  79. 3F%P4 D .BTBTIJ4IJOCBSB!TIJOY wਖ਼نදݱΛѱ༻ͨ͠%P4 w೥͔Β໰୊ఏى͞Ε͍ͯͨ wϚον͠ͳ͍ύλʔϯͰ߈ܸ https://www.checkmarx.com/wp-content/uploads/2015/03/ReDoS-Attacks.pdf

  80. https://www.checkmarx.com/wp-content/uploads/2015/03/ReDoS-Attacks.pdf

  81. &WJM3FHFY1BUUFSOT D .BTBTIJ4IJOCBSB!TIJOY w B  w <B[";>  w

    BcBB  w BcB  w  B \Y^cGPSY

  82. BBBBBBBBBBBBBBBBBBB9  B 

  83.  TUFQT ࢀߟ յ໓తͳόοΫτϥοΫ  B  BBBBBBBBBBBBBBBBBBB9

  84. &WJM3FHFY1BUUFSOT D .BTBTIJ4IJOCBSB!TIJOY wΘ͔ͣจࣈͷจࣈྻͰ΋
 ૊Έ߹Θͤരൃ͕ى͜Δ wྔࢦఆࢠͷೖΕࢠɺબ୒ͱྔࢦఆࢠͷೖΕࢠ

  85. 1)1Ͱ࣮ߦ D .BTBTIJ4IJOCBSB!TIJOY preg_match('/(a+)+$/', 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaX'); 1)1 1)1 QSFH@NBUDI NT NT

    ଎͍ʂʂʂ

  86. όοΫτϥοΫ੍ݶ D .BTBTIJ4IJOCBSB!TIJOY wઃఆʹΑΔόοΫτϥοΫ੍ݶ
 QDSFCBDLUSBDL@MJNJUʢσϑΥϧτ͸  ʣ w্ݶʹୡ͢ΔͱΤϥʔͰऴྃ wQSFH@NBUDI ͷ໭Γ஋͕GBMTF


    ΤϥʔΛࣔ͢ wQSFH@MBTU@FSSPS ͰΤϥʔίʔυऔಘ

  87. 1)1Ͱ࣮ߦ D .BTBTIJ4IJOCBSB!TIJOY <?php
 preg_match('/(a+)+$/', 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaX', $m);
 
 $error =

    preg_last_error();
 if ($error === PREG_BACKTRACK_LIMIT_ERROR) {
 echo 'backtrack limit error', PHP_EOL;
 } else if ($error > 0) {
 echo 'other error', PHP_EOL;
 } $ php redos.php backtrack limit error

  88. 1)1Ͱ࣮ߦʢ੍ݶ֎͠ʣ D .BTBTIJ4IJOCBSB!TIJOY ini_set('pcre.backtrack_limit', 10000000000); preg_match('/(a+)+$/', 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaX'); 1)1 1)1 QSFH@NBUDI

     NT  NT ͕͔͔࣌ؒΔ

  89. $47ͷύʔε D .BTBTIJ4IJOCBSB!TIJOY wਖ਼نදݱͰ࣮૷ w1P$ͳ$47Λύʔε͢Δͱ
 4FHNFOUBUJPO'BVMUʢ1)1ʣ wHPPECZDTWͰॻ͖௚ͯ͠ରԠ

  90. ·ͱΊ

  91. ·ͱΊ D .BTBTIJ4IJOCBSB!TIJOY wϚονϯάͷྲྀΕ wύϑΥʔϚϯε΁ͷӨڹ wਖ਼نදݱΛ͋͑ͯ࢖Θͳ͍બ୒ࢶ

  92. ࢀߟ D .BTBTIJ4IJOCBSB!TIJOY w4UBDL&YDIBOHF͕߈ܸ͞Εͨ3F%P4ͷޮՌcZPIHBLJTCMPH
 IUUQTCMPHPIHBLJOFUTUBDLFYDIBOHFSFEPTBUUBDL w3F%P4ͷճආcZPIHBLJTCMPH
 IUUQTCMPHPIHBLJOFUBWPJEJOHSFEPT

  93. D .BTBTIJ4IJOCBSB!TIJOY !TIJOY !TIJOY D .BTBTIJ4IJOCBSB!TIJOY