[New-bugs-announce] [issue11665] Regexp findall freezes

Viktor Ferenczi report at bugs.python.org
Thu Mar 24 23:29:03 CET 2011

New submission from Viktor Ferenczi <python at cx.hu>:

Finding all matches of a expression freezes:

fviktor at sirius:~$ python3.2
Python 3.2 (r32:88445, Mar  8 2011, 01:24:57) 
[GCC 4.4.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import re
>>> text = '\\   = 0) & (lag < 1000) & (registered = 1) & !computer & (autocolor = 0) &'
>>> rx = re.compile(r'(<(?:(?:[^<>]*)|(?:"[^"]*"))*>)')
>>> rx.findall(text)

It freezes at this point with 100% CPU load. So I pressed Ctrl-C to break it, which works:

^CTraceback (most recent call last):
  File "<stdin>", line 1, in <module>

It is freezing on Python 2.6.6 as well, so it seems to be an old issue just (re)discovered.

The regexp is ugly, I know. It can be written much simpler (r'(<.*?>|".*?")'), which is working fine. But this issue points out a possible vulnerability: DOS attack due to freezing a Python application utilizing an affected regexp to parse user input.

I wasn't able to narrow down it further, but this issue is also depending on the text parsed, not only on the regexp pattern itself.

components: Library (Lib)
files: regexp_freeze.py
messages: 132048
nosy: complex
priority: normal
severity: normal
status: open
title: Regexp findall freezes
type: crash
versions: Python 2.6, Python 3.2
Added file: http://bugs.python.org/file21382/regexp_freeze.py

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list