[Python-Dev] IDLE colorizer
MRAB
python at mrabarnett.plus.com
Mon Apr 2 14:32:17 EDT 2018
On 2018-04-02 05:43, Guido van Rossum wrote:
> My question for you: how on earth did you find this?! Speaking of a
> needle in a haystack. Did you run some kind of analysis program that
> looks for regexprs? (We've received some good reports from someone who
> did that looking for possible DoS attacks.)
>
The thread was about string prefixes.
Terry Reedy wrote "IDLE's colorizer does its parsing with a giant regex."
I wondered: "How bad could it be?" (It's smaller now that the IGNORECASE
flag can have a local scope.)
It wasn't hard to find because it was in a file called "colorizer.py" in
a folder called "idlelib".
> On Sun, Apr 1, 2018 at 6:49 PM, MRAB <python at mrabarnett.plus.com
> <mailto:python at mrabarnett.plus.com>> wrote:
>
> A thread on python-ideas is talking about the prefixes of string
> literals, and the regex used in IDLE.
>
> Line 25 of Lib\idlelib\colorizer.py is:
>
> stringprefix = r"(?i:\br|u|f|fr|rf|b|br|rb)?"
>
> which looks slightly wrong to me.
>
> The \b will apply only to the first choice.
>
> Shouldn't it be more like:
>
> stringprefix = r"(?:\b(?i:r|u|f|fr|rf|b|br|rb))?"
>
> ?
>
More information about the Python-Dev
mailing list