redos-anti-pattern


ReDoS (Regular Expression Denial of Service) Anti-Pattern

Severity: High

Summary

Poorly written regex patterns take extremely long to evaluate on malicious input, causing an application to hang and consume 100% CPU from a single request. The cause is catastrophic backtracking in patterns with nested quantifiers, such as (a+)+, or with overlapping alternations.

The Anti-Pattern

The anti-pattern is using a regex with exponential-time complexity for input validation. A small increase in input length causes exponential growth in computation time.
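The growth described above can be made concrete without relying on wall-clock timing. The following is an added example, not code from this skill or its repository: it models how a backtracking engine explores ^(a+)+$ and counts the attempts, next to an equivalent linear-time pattern. The names backtrackSteps, validate, growthTable and the MAX_LEN cap are assumptions made for the illustration.

```javascript
// Added example (not from the original page): a step-counting model of a
// backtracking engine matching ^(a+)+$. Names and inputs are constructed.
function backtrackSteps(input) {
  let steps = 0;
  // One or more iterations of the group (a+) from pos, then end of input.
  function group(pos) {
    let max = pos; // greedy a+: longest run of 'a' starting at pos
    while (max < input.length && input[max] === 'a') max++;
    // Backtrack: give characters back one at a time, longest run first.
    for (let end = max; end > pos; end--) {
      steps++;
      if (end === input.length) return true; // $ matches
      if (group(end)) return true;           // outer +: next iteration
    }
    return false;
  }
  const matched = group(0);
  return { matched, steps };
}

// (a+)+ and a+ accept exactly the same strings, but a+ leaves the engine
// only one way to consume a run of 'a', so a failed match costs linear time.
const SAFE = /^a+$/;
const MAX_LEN = 64; // assumed input cap for this example (defence in depth)

function validate(input) {
  return input.length <= MAX_LEN && SAFE.test(input);
}

// Constructed inputs: n copies of 'a' followed by one character that forces
// the overall match to fail, which makes the engine try every split.
function growthTable(maxN) {
  const rows = [];
  for (let n = 1; n <= maxN; n++) {
    const sample = 'a'.repeat(n) + '!';
    const { steps } = backtrackSteps(sample);
    rows.push({ n, steps, safeVerdict: validate(sample) });
  }
  return rows;
}

console.table(growthTable(16));
```

Each extra 'a' doubles the work: a failing input with n leading 'a' characters costs 2^n - 1 attempts in this model, while an input that matches succeeds on the first attempt.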

BAD Code Example

// VULNERABLE: Nested quantifiers cause catastrophic backtracking.
First Seen
Feb 19, 2026
redos-anti-pattern — igbuend/grimbard