Message189405
| Author | gregory.p.smith |
|---|---|
| Recipients | aaronsw, gregory.p.smith, josiahcarlson, mark.dickinson, mrabarnett, pitrou, rsc, schmir, terry.reedy, timehorse, witten, yarkot |
| Date | 2013-05-16.20:27:53 |
| SpamBayes Score | -1.0 |
| Marked as misclassified | Yes |
| Message-id | <1368736073.89.0.757133461743.issue1662581@psf.upfronthosting.co.za> |
| In-reply-to |
| Content | |
|---|---|
The recommendation for anyone using regular expressions on hostile input is to (a) don't do that. (b) use a better regexp without this possible behavior and (c) use something like re2 (there's a Python binding at https://github.com/axiak/pyre2) which is a regular expression engine that this cannot happen to. fixing this within python requires a complete rewrite and replacement of the re module with one that uses a different approach. see the other work on the MRAB regex module and discussion surrounding that. that is a non trivial task and it is fixing other more important things (unicode correctness!) than this... Given that, I don't actually expect this issue to ever be fixed. IMNSHO: People shouldn't abuse regexes and get themselves into this situation in the first place. ;) discussion should really happen on python-ideas. |
|
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2013-05-16 20:27:53 | gregory.p.smith | set | recipients: + gregory.p.smith, aaronsw, terry.reedy, josiahcarlson, mark.dickinson, pitrou, rsc, timehorse, schmir, mrabarnett, yarkot, witten |
| 2013-05-16 20:27:53 | gregory.p.smith | set | messageid: <1368736073.89.0.757133461743.issue1662581@psf.upfronthosting.co.za> |
| 2013-05-16 20:27:53 | gregory.p.smith | link | issue1662581 messages |
| 2013-05-16 20:27:53 | gregory.p.smith | create | |