July 21, 2008
1:33 p.m.
On Sun, Jul 20, 2008 at 10:45:39PM +0200, Victor Stinner wrote:
Hum... how can I say it? It's trivial to crash _sre :-) So I blacklisted _sre.compile() in my fuzzer.
We should certainly try to fix those issues, then; people usually assume the re module is safe for use inside a sandbox and probably aren't careful enough to block importing of the _sre module. --amk