[issue33113] Query performance is very low and can even lead to denial of service
Tal Einat
report at bugs.python.org
Sat Jul 28 14:36:11 EDT 2018
Tal Einat <taleinat at gmail.com> added the comment:
I suggest closing this as "wontfix".
This is a just an non-optimized regexp pattern leading to long run times. That these are possible is a well-known trait of backtracking regular expression engines in general, and ours in particular.
IMO this isn't a security issue since the root of the issue is the pattern. I don't see this as a bug or a significant performance issue either, and there is no concrete enhancement suggestion here.
For clarification, the given pattern is equivalent to:
pat = r'''^
(
\(?
[\w\d\-\.\\]{3,}
\|?
)+
[\w\d\-\.\\]{3,}
\)?
$'''
----------
nosy: +taleinat
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue33113>
_______________________________________
More information about the Python-bugs-list
mailing list