Skip to content

refactor: create 944120 .ra file#4508

Merged
fzipi merged 1 commit into
mainfrom
regex-assembly/944120
Mar 3, 2026
Merged

refactor: create 944120 .ra file#4508
fzipi merged 1 commit into
mainfrom
regex-assembly/944120

Conversation

@fzipi
Copy link
Copy Markdown
Member

@fzipi fzipi commented Mar 2, 2026

what

  • create regex-assembly file for rule 944120 (Java serialization RCE, CVE-2015-4852)
  • add "generated from" comment block to the rule
  • toolchain trie-optimized the flat alternation of 11 class/method names

why

  • improve maintainability by using regex-assembly format
  • the flat list of Java deserialization class names is easier to read and update in .ra format

refs

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 2, 2026

📊 Quantitative test results for language: eng, year: 2023, size: 10K, paranoia level: 1:
🚀 Quantitative testing did not detect new false positives

@fzipi fzipi mentioned this pull request Mar 2, 2026
Open
25 tasks
Xhoenix
Xhoenix reviewed Mar 3, 2026
View reviewed changes
Comment thread rules/REQUEST-944-APPLICATION-ATTACK-JAVA.conf
Xhoenix
Xhoenix approved these changes Mar 3, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@Xhoenix Xhoenix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@fzipi fzipi added this pull request to the merge queue Mar 3, 2026
Merged via the queue into main with commit e329156 Mar 3, 2026
8 checks passed
@fzipi fzipi deleted the regex-assembly/944120 branch March 3, 2026 14:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Xhoenix Xhoenix Xhoenix approved these changes

Assignees

No one assigned

Labels

🧙 regex-assembly release:refactor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fzipi @Xhoenix