Bug 2014497 - Regex slows down different forms and creates too much recursion errors in the log
Summary: Regex slows down different forms and creates too much recursion errors in the...
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Dev Console
Version: 4.7
Hardware: All
OS: All
Target Milestone: ---
: 4.10.0
Assignee: Mohammed Saud
QA Contact: spathak@redhat.com
Depends On:
Blocks: 2027268
TreeView+ depends on / blocked
Reported: 2021-10-15 12:08 UTC by Christoph Jerolimov
Modified: 2022-03-10 16:20 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
* Before this update, the name input fields used a complex and recursive regular expression to validate user inputs. This regular expression made name detection very slow and often caused errors. This update resolves the issue by optimizing the regular expression and avoiding recursive matching. Now, name detection is fast and does not cause errors. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2014497[BZ#2014497])
Clone Of:
Last Closed: 2022-03-10 16:20:08 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift console pull 10556 0 None open Bug 2014497: Optimize name validation regex for forms 2021-11-25 15:31:36 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:20:25 UTC

Description Christoph Jerolimov 2021-10-15 12:08:30 UTC
Description of problem:
The `nameRegex` and `nameValidationSchema` in packages/console-shared/src/utils/yup-validations.ts, often imported directly from '@console/shared' slows down different forms and produces too much recursion errors (in the browser log).

This an follow up on https://issues.redhat.com/browse/ODC-6320, https://issues.redhat.com/browse/ODC-6333 and merged PR https://github.com/openshift/console/pull/10013 which fixes this only for the samples import but this could happen in different code areas.

This fix doesn't solve the bad performance of the regex and esp. ignores all other code areas which uses this via the yup schema validation. 

The problem is for example reproducible when importing a Helm chart and enter "dotnet-" again and again as release name.

When entering (paste) this multiple times the form lags in Firefox and Chrome dramatically until the browser tabs doesn't react anymore (Chrome) or shows a warning (Firefox). Tested with a react production build.

The forms (formik or yup) catches the recursion error internally and logs the problem to the browser log. And it looks like formik/yup doesn't call this validation after it crashes once!! Which means after a slow form it crashs internally and then the pages reacts faster again.

Version-Release number of selected component (if applicable):
4.6 not tested
Reproducible at least since 4.7

How reproducible:

Steps to Reproduce:
1. Open developer console
2. Navigate to Add > Developer catalog > Helm charts
3. Select a helm chart, for example dotnet
4. Press install
5. Enter a long release name separated by dashes, for example copy and paste 'dotnet-' again and again

Actual results:
- When the release name grows the form gets slower and slower
- At some point your browser logs should show "InternalError: too much recursion"
- At some point your browser maybe warn you about the performance problem or crashs (show just a white page)

Expected results:
None of the issues above, the form should just perform well also with a long release name like "dotnet-dotnet-dotnet-dotnet-dotnet-..."

Additional info:
If we want backport this, we need to decide if we want backport https://github.com/openshift/console/pull/10013 first to all old versions. See https://github.com/openshift/console/pull/10076.

Comment 2 Christoph Jerolimov 2021-12-20 10:44:26 UTC
Verified on 4.10.0-0.nightly-2021-12-16-185411 with Chrome 96.0 on Fedora 35 and Safari 15.1 on macOS 12.0.

Comment 8 errata-xmlrpc 2022-03-10 16:20:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.