[Python-ideas] Updated PEP 428 (pathlib)
Devin Jeanpierre
jeanpierreda at gmail.com
Wed Mar 6 17:31:21 CET 2013
On Sun, Mar 3, 2013 at 9:12 AM, Charles-François Natali
<cf.natali at gmail.com> wrote:
> Yes, I meant glob() (fnmatch() implementations can also be subject to
> DoS through stack exhaustion, but Python's implementation is based on
> regex).
I don't know about stack exhaustion, but Python's regular expression
implementation is agonizingly slow in the worst case, and fnmatch
inherits this.
>>> fnmatch.fnmatch('a'*50, '*a*'*50) # weird how the pattern/string order is reversed from re.match
That will take about 200 years to complete with CPython. Maybe a
little less, if you're running a particularly fast computer. ;)
Is that the sort of DoS issue you are looking for?
-- Devin
More information about the Python-ideas
mailing list