Hi,
> Thanks for your comment, do you have any fix for it?
Security vendors (LAC Co.Ltd and Mitsui Bussan Secure Directions, Inc.)
suggest /(^|\W)[cC]lass\W/, so I'm personally using naive implementation
of this pattern: Pattern.compile(".*(^|\\W)[cC]lass\\W.*") .
But I'm not IT-security proofessional, so I can't say that this works
perfect, sorry.
Regards,
Nobuhiro
2014-06-01 15:40 GMT+09:00 Hideki Yamane <henr...@debian.or.jp>:
> Hi,
>
> On Sun, 1 Jun 2014 15:03:20 +0900
> Nobuhiro Ban <ban.nobuh...@gmail.com> wrote:
>> It's very strange regexp. Because we know (P1|.*|P2) == .* .
>> This pattern will match to words other than "class", eg. "fooClass".
>>
>> I think this patch will cause a regression.
>
> Thanks for your comment, do you have any fix for it?
>
>
> --
> Regards,
>
> Hideki Yamane henrich @ debian.or.jp/org
> http://wiki.debian.org/HidekiYamane
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
