-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Too much recursion exception is being thrown when a string with 28 characters and more is entred. #58
Comments
I have not been able to reproduce this. I used: const pwordValidator = new passwordValidator();
pwordValidator.has().digits(10);
const pass = 'a very long password indeed. I dont know how many characters are these. Should be enough. 1234!'
console.log(pwordValidator.validate(pass)); Can you share what version of password-validator are you using and a reproducible code snippet? |
I have tried 5.1.1 and 5.1.2 versions and I got the same result.
};` |
Here is another code snippet that illustrates the recursive issue. return pwordValidator.validate(password); console.time('10 digits'); Output: `const isPasswordValid = (password) => { return pwordValidator.validate(password); console.time('20 digits'); Output: `const isPasswordValid = (password) => { return pwordValidator.validate(password); console.time('30 digits'); Output: `const isPasswordValid = (password) => { return pwordValidator.validate(password); console.time('40 digits'); Output: In nodejs, increment the digit criteria by 10 would increase the performance time significantly. |
Thanks for the snippet. I am able to reproduce this performance issue and trying to identify the reason behind it. RegExp in my understanding shouldn't be this slow. Feel free if you want to get involved in fixing this as well. |
My initial investigation indicates that it is a case of catastrophic backtracking. The issue is reproducible here. I feel a solution could be changing the pattern to something like this but I am not sure if it will cover all the cases. Also I feel this is an edge case because passwords are not usually this long. |
The same issue occurs when the symbols method has a big value.
|
Recursion exception is being thrown when a password with 28 characters long has been entered for validation.
Here is a snippet from my code:
const pwordValidator = new passwordValidator();
pwordValidator .has() .digits(Number(minimumNumericCharacters) || defaultMinimumNumericChars); pwordValidator.validate(password);
Here is the exception:
Uncaught (in promise) InternalError: too much recursion _process lib.js:13 digits lib.js:80 _isPasswordValidFor index.js:26 validate index.js:81 isPasswordValid UserAccounts.tsx:314
The text was updated successfully, but these errors were encountered: