Message189405
The recommendation for anyone using regular expressions on hostile input is to (a) don't do that. (b) use a better regexp without this possible behavior and (c) use something like re2 (there's a Python binding at https://github.com/axiak/pyre2) which is a regular expression engine that this cannot happen to.
fixing this within python requires a complete rewrite and replacement of the re module with one that uses a different approach. see the other work on the MRAB regex module and discussion surrounding that. that is a non trivial task and it is fixing other more important things (unicode correctness!) than this...
Given that, I don't actually expect this issue to ever be fixed.
IMNSHO: People shouldn't abuse regexes and get themselves into this situation in the first place. ;)
discussion should really happen on python-ideas. |
|
Date |
User |
Action |
Args |
2013-05-16 20:27:53 | gregory.p.smith | set | recipients:
+ gregory.p.smith, aaronsw, terry.reedy, josiahcarlson, mark.dickinson, pitrou, rsc, timehorse, schmir, mrabarnett, yarkot, witten |
2013-05-16 20:27:53 | gregory.p.smith | set | messageid: <1368736073.89.0.757133461743.issue1662581@psf.upfronthosting.co.za> |
2013-05-16 20:27:53 | gregory.p.smith | link | issue1662581 messages |
2013-05-16 20:27:53 | gregory.p.smith | create | |
|