Tal Einat <[email protected]> added the comment:
I suggest closing this as "wontfix".
This is a just an non-optimized regexp pattern leading to long run times. That
these are possible is a well-known trait of backtracking regular expression
engines in general, and ours in particular.
IMO this isn't a security issue since the root of the issue is the pattern. I
don't see this as a bug or a significant performance issue either, and there is
no concrete enhancement suggestion here.
For clarification, the given pattern is equivalent to:
pat = r'''^
(
\(?
[\w\d\-\.\\]{3,}
\|?
)+
[\w\d\-\.\\]{3,}
\)?
$'''
----------
nosy: +taleinat
_______________________________________
Python tracker <[email protected]>
<https://bugs.python.org/issue33113>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
