[master] b09229f3b ban: Disable auto capturing for regexen
Nils Goroll
nils.goroll at uplex.de
Sun Nov 30 16:18:04 UTC 2025
commit b09229f3b7b96911e8877a5de35437211dd473f5
Author: Nils Goroll <nils.goroll at uplex.de>
Date: Sun Nov 30 16:36:03 2025 +0100
ban: Disable auto capturing for regexen
For bans, we never use back references, so disable them when compiling.
This brings down ban execution time for complex bans substantially, a factor on
the order of 30 has been observed for a regular expression with 921 open
parentheses and 920 alternatives ('|').
diff --git a/bin/varnishd/cache/cache_ban_build.c b/bin/varnishd/cache/cache_ban_build.c
index b370c563d..f634d6424 100644
--- a/bin/varnishd/cache/cache_ban_build.c
+++ b/bin/varnishd/cache/cache_ban_build.c
@@ -193,7 +193,7 @@ ban_parse_regexp(struct ban_proto *bp, const char *a3)
size_t sz;
vre_t *re, *rex;
- re = VRE_compile(a3, 0, &errorcode, &erroroffset, 0);
+ re = VRE_compile(a3, VRE_NO_AUTO_CAPTURE, &errorcode, &erroroffset, 0);
if (re == NULL) {
AN(VSB_init(vsb, errbuf, sizeof errbuf));
AZ(VRE_error(vsb, errorcode));
diff --git a/include/vre.h b/include/vre.h
index 854e96058..fc58c234b 100644
--- a/include/vre.h
+++ b/include/vre.h
@@ -54,6 +54,7 @@ extern const int VRE_ERROR_NOMATCH;
/* And those to PCRE2 compilation options */
extern const unsigned VRE_CASELESS;
+extern const unsigned VRE_NO_AUTO_CAPTURE;
vre_t *VRE_compile(const char *, unsigned, int *, int *, unsigned);
vre_t *VRE_export(const vre_t *, size_t *);
diff --git a/lib/libvarnish/vre.c b/lib/libvarnish/vre.c
index 6d9b58bc1..02f4b91aa 100644
--- a/lib/libvarnish/vre.c
+++ b/lib/libvarnish/vre.c
@@ -66,6 +66,7 @@ struct vre {
const int VRE_ERROR_NOMATCH = PCRE2_ERROR_NOMATCH;
const unsigned VRE_CASELESS = PCRE2_CASELESS;
+const unsigned VRE_NO_AUTO_CAPTURE = PCRE2_NO_AUTO_CAPTURE;
vre_t *
VRE_compile(const char *pattern, unsigned options,
More information about the varnish-commit
mailing list