Pattern is not a valid PCRE regular expression
Issue ID: v3-semantic-pattern-incorrect-pcre
Description
One or more strings in your API define a pattern that is not a valid Perl Compatible Regular Expression (PCRE) and does not conform to the PCRE library.
The OpenAPI Specification defines the pattern format as ECMAScript. 42Crunch API Security Platform uses the pattern format PCRE1 compiled with the PCRE_JAVASCRIPT_COMPAT option, which uses ECMAScript syntax for constructs where ECMAScript and PCRE would be different, such as the support of \U and \u for Unicode.
For more details, see PCRE - Perl Compatible Regular Expressions.
Example
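The following is an example of how this type of risk could look in your API definition. The character class range a-Z is out of order (a has a higher code point than Z), so the pattern does not compile: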
{
  "post": {
    "description": "Creates a new pet in the store",
    "operationId": "addPet",
    "requestBody": {
      "description": "Pet to add to the store",
      "required": true,
      "content": {
        "application/json": {
          "schema": {
            "$ref": "#/components/schemas/NewPet"
          }
        }
      }
    }
  },
  // ...
  "NewPet": {
    "type": "object",
    "description": "JSON defining a Pet object",
    "additionalProperties": false,
    "required": [
      "name"
    ],
    "properties": {
      "name": {
        "type": "string",
        "pattern": "^[a-Z]{3,10}$",
        "minLength": 3
      }
    }
  }
}
Remediation
Make sure that all regular expressions in your API are valid PCRE regular expressions.
{
  "post": {
    "description": "Creates a new pet in the store",
    "operationId": "addPet",
    "requestBody": {
      "description": "Pet to add to the store",
      "required": true,
      "content": {
        "application/json": {
          "schema": {
            "$ref": "#/components/schemas/NewPet"
          }
        }
      }
    }
  },
  // ...
  "NewPet": {
    "type": "object",
    "description": "JSON defining a Pet object",
    "additionalProperties": false,
    "required": [
      "name"
    ],
    "properties": {
      "name": {
        "type": "string",
        "pattern": "^[a-z]{3,10}$",
        "minLength": 3,
        "maxLength": 10
      }
    }
  }
}
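One way to catch such patterns before running an audit, as an added example that is not 42Crunch code: the script walks an API definition and reports the JSON Pointer of every `pattern` that fails to compile. It assumes Node's ECMAScript RegExp engine as a stand-in for PCRE1 with PCRE_JAVASCRIPT_COMPAT; `findInvalidPatterns`, `escapePointer`, `sampleDoc` and the `tag` property are hypothetical names.

```javascript
// Added example: pre-check "pattern" keywords in an OpenAPI document.
// Assumption: Node's ECMAScript RegExp engine stands in for the platform's
// PCRE1 + PCRE_JAVASCRIPT_COMPAT check; the two can disagree on edge cases.

// Escape a key for use in a JSON Pointer (RFC 6901).
function escapePointer(key) {
  return String(key).replace(/~/g, "~0").replace(/\//g, "~1");
}

// Walk the document and return [{ pointer, pattern, error }] for every
// string-valued "pattern" that fails to compile.
function findInvalidPatterns(node, pointer = "", findings = []) {
  if (node === null || typeof node !== "object") return findings;
  for (const [key, value] of Object.entries(node)) {
    const here = `${pointer}/${escapePointer(key)}`;
    if (key === "pattern" && typeof value === "string") {
      try {
        new RegExp(value);
      } catch (err) {
        findings.push({ pointer: here, pattern: value, error: err.message });
      }
    } else {
      findInvalidPatterns(value, here, findings);
    }
  }
  return findings;
}

// Constructed sample based on the NewPet schema above, plus a second
// property (hypothetical "tag") with a valid pattern for contrast.
const sampleDoc = {
  components: {
    schemas: {
      NewPet: {
        type: "object",
        properties: {
          name: { type: "string", pattern: "^[a-Z]{3,10}$", minLength: 3 },
          tag: { type: "string", pattern: "^[a-z]{3,10}$", maxLength: 10 },
        },
      },
    },
  },
};

const findings = findInvalidPatterns(sampleDoc);
for (const f of findings) {
  console.log(`${f.pointer}: ${f.pattern} -> ${f.error}`);
}
```

A pattern that compiles here can still be rejected by the PCRE-based audit, so treat a clean run as a first filter only.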