Message322584
I suggest closing this as "wontfix".
This is a just an non-optimized regexp pattern leading to long run times. That these are possible is a well-known trait of backtracking regular expression engines in general, and ours in particular.
IMO this isn't a security issue since the root of the issue is the pattern. I don't see this as a bug or a significant performance issue either, and there is no concrete enhancement suggestion here.
For clarification, the given pattern is equivalent to:
pat = r'''^
(
\(?
[\w\d\-\.\\]{3,}
\|?
)+
[\w\d\-\.\\]{3,}
\)?
$''' |
|
Date |
User |
Action |
Args |
2018-07-28 18:36:11 | taleinat | set | recipients:
+ taleinat, ezio.melotti, mrabarnett, serhiy.storchaka, ghi5107 |
2018-07-28 18:36:11 | taleinat | set | messageid: <1532802971.29.0.56676864532.issue33113@psf.upfronthosting.co.za> |
2018-07-28 18:36:11 | taleinat | link | issue33113 messages |
2018-07-28 18:36:11 | taleinat | create | |
|