ModSecurity 2.5

You're reading from   ModSecurity 2.5 Prevent web application hacking with this easy to use guide

Product type Paperback
Published in Nov 2009
Publisher Packt
ISBN-13 9781847194749
Length 280 pages
Edition 1st Edition

Lazy quantifiers


By default, regex engines will try to match as much as possible when applying a regex. If you matched The number is \d+ against the string The number is 108, then the entire string would match, as \d+ would be "greedy" and try to match as much as possible (hence matching \d+ against the entire number 108 and not just the first digit).

Sometimes you want to match as little as possible, and that is where lazy quantifiers come in. A lazy quantifier causes the regex engine to include only the minimum text needed to achieve a match. You make a quantifier lazy by putting a question mark after it. So, for example, to make the plus quantifier lazy, you write it as +?. The lazy version of our regex would thus be The number is \d+? and when matched against The number is 108, the resulting match would be The number is 1, as the lazy version of \d+ would be satisfied with a single digit, since that achieves the requirement of the plus quantifier of "one or more".

The following table lists the lazy quantifiers that are available for use.

| Quantifier | Description |
|---|---|
| +? | Lazy plus. |
| *? | Lazy star. |
| ?? | Lazy question mark. |
| {min,max}? | Lazy range. |

So when are lazy quantifiers needed? One example is if you're trying to extract the first HTML tag from the string This is <b>an example</b> of using bold text. If you use the regex <.+> then the resulting match will be <b>an example</b>, since the regex engine tries to be greedy and match as much as possible. In this case that causes it to keep trying to match after encountering the first > character, and when it finds the second >, it concludes that it has matched as much as it can and returns the match.

The solution in this case is to use the lazy version of the plus quantifier, which turns the regex into <.+?>. This will stop as soon as the first match is found, and so will return <b>, which is exactly what we wanted.
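The greedy and lazy forms of each quantifier in the table can be compared side by side on the two strings used above. This is an added example, not code from the book; it uses Python's re module, which handles these quantifiers the same way as the PCRE engine ModSecurity uses, and the helper names are hypothetical.

```python
import re

# Subject strings taken from the text above.
NUMBER = "The number is 108"
HTML = "This is <b>an example</b> of using bold text"

def matched(pattern, text):
    """Return the text covered by the first match of pattern, or None."""
    m = re.search(pattern, text)
    return m.group(0) if m else None

def compare(greedy, lazy, text):
    """Return (greedy match, lazy match) for the same subject string."""
    return matched(greedy, text), matched(lazy, text)

# One greedy/lazy pair per row of the table: (greedy, lazy, subject).
PAIRS = [
    (r"The number is \d+", r"The number is \d+?", NUMBER),  # plus
    (r"<.+>", r"<.+?>", HTML),                              # plus, first tag
    (r"<.*>", r"<.*?>", HTML),                              # star
    (r"The number is 1?", r"The number is 1??", NUMBER),    # question mark
    (r"\d{1,3}", r"\d{1,3}?", NUMBER),                      # range
]

def lazy_still_expands():
    # "Lazy" means as little as needed for the whole regex to succeed.
    # With $ after it, \d+? is forced to take all three digits.
    return matched(r"The number is \d+?$", NUMBER)

if __name__ == "__main__":
    for greedy, lazy, text in PAIRS:
        g, l = compare(greedy, lazy, text)
        print(f"{greedy!r:24} -> {g!r}")
        print(f"{lazy!r:24} -> {l!r}")
    print(lazy_still_expands())
```

In every pair both forms find a match; only the matched text differs, which matters when a rule captures or logs the matched portion rather than just testing for a hit.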
