This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

classification
Title: Parser hanging on stacked { tokens
Type: crash Stage: resolved
Components: Parser Versions: Python 3.11, Python 3.10
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: anthonypjshaw, lys.nikolaou, pablogsal
Priority: normal Keywords: 3.10regression, patch

Created on 2022-02-10 03:00 by anthonypjshaw, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 31241 merged pablogsal, 2022-02-10 03:14
PR 31242 merged pablogsal, 2022-02-10 03:39
Messages (4)
msg412972 - (view) Author: anthony shaw (anthonypjshaw) * (Python triager) Date: 2022-02-10 03:00 
Providing an (invalid) input to the parser causes an exponentially-slow DoS to the Python executable in 3.10.

e.g.

python3.10 -c "{{{{{{{{{{{{{{{{{{{{{:"

takes ~2 seconds

python3.10 -c "{{{{{{{{{{{{{{{{{{{{{{{{:"

takes ~22 seconds

Tested this all the way up to 
d{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{```{{{{{{{ef f():y

which took over an hour
msg412974 - (view) Author: Pablo Galindo Salgado (pablogsal) * (Python committer) Date: 2022-02-10 03:37 
New changeset b71dc71905ab674ccaa4a56230d17a28f61c325c by Pablo Galindo Salgado in branch 'main':
bpo-46707: Avoid potential exponential backtracking in some syntax errors (GH-31241)
https://github.com/python/cpython/commit/b71dc71905ab674ccaa4a56230d17a28f61c325c
msg412975 - (view) Author: Pablo Galindo Salgado (pablogsal) * (Python committer) Date: 2022-02-10 03:54 
New changeset 9b23f8f78fdb0d7eba016616ae7a97abbfc65aa6 by Pablo Galindo Salgado in branch '3.10':
[3.10] bpo-46707: Avoid potential exponential backtracking in some syntax errors (GH-31241). (GH-31242)
https://github.com/python/cpython/commit/9b23f8f78fdb0d7eba016616ae7a97abbfc65aa6
msg412976 - (view) Author: Pablo Galindo Salgado (pablogsal) * (Python committer) Date: 2022-02-10 03:55 
Thanks Anthony for the report!
History
Date User Action Args
2022-04-11 14:59:56adminsetgithub: 90863
2022-02-10 03:55:09pablogsalsetmessages: + msg412976
2022-02-10 03:54:55pablogsalsetmessages: + msg412975
2022-02-10 03:54:55pablogsalsetstatus: open -> closed
resolution: fixed
stage: patch review -> resolved
2022-02-10 03:39:11pablogsalsetpull_requests: + pull_request29412
2022-02-10 03:37:26pablogsalsetmessages: + msg412974
2022-02-10 03:14:46pablogsalsetkeywords: + patch
stage: patch review
pull_requests: + pull_request29411
2022-02-10 03:01:02anthonypjshawsetversions: + Python 3.10, Python 3.11
2022-02-10 03:00:43anthonypjshawcreate