Developing a new library for accessing to the Microsoft Azure Service Bus (event hubs, queues, topics / subscriptions) based on AMQP (and AMQP .Net Lite library) I came across a bug in the code of the regular expression in the .Net Micro Framework.

The bug occurred by chance, when I had a "connection string" in which there was the "SharedAccessSignature" field that has a value when we use the AMQP connection with CBS (Claim Based Security); for example when we publish to a "publisher" endpoint in the event hubs with a SAS-based security token.

In this case, the above field has a quite long value. Following the "connection string" I came across :

To extract all the fields from the connection string, I wrote the following code :

   1: Regex regex = new Regex("([^=;]+)=([^;]+)");

   2:  

   3: IDictionary connectionStringParams = new Hashtable();

   4:  

   5: MatchCollection matches = regex.Matches(connectionString);

   6: foreach (Match match in matches)

   7: {

   8:     connectionStringParamsmatch.Groups[1].Value = match.Groups[2].Value;

   9: }

On second iteration extracting the "SharedAccessSignature" field I came across an OutOfRangeException ... due to what ?

The screenshot shows that the field "Length" of the match has a negative value of -80. Why ?

Well, the value of the "SharedAccessSignature" field (the SAS token) has a length equal to 208 and doing a simple subtraction 128-208 is exactly equal to -80.

Probably in the .Net Micro Framework, a variable of the type "signed byte" is used to hold such a value that causes an obvious overflow; the maximum length of a value in a match was probably set at 128.

I suggest you avoid matching with values longer than 128 characters waiting the team to fix the bug