more useful options | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
> My question is whether this is safe to do or not
I'm not sure if you ask if your code or if foreign regexes "are safe". In the latter case, there are three issues I'm aware of
the first two cases might be solved by introspection/blacklisting regex-ops first, the latter probably only by experimenting with a hard limit on runtime. NB: it's even possible to "hide" a BEGIN block inside a regex, we had this discussion about 10 years ago, I'll update a link. ° Edit: We had regularly similar discussions over the years, you might want to Super Search the archives.
Cheers Rolf
updates°) here --> Re: Vulnerabilities when editing untrusted code... (Komodo) ²) more at regex-explosive-quantifiers In reply to Re: Is it safe to use external strings for regexes?
by LanX
|
|