Re^3: safe untrusted regexp

I didn't say it directly but now I will. A regexp on perl's recursive regexp engine can cause it to run out of C stack which then triggers a segfault. That aborts your program. There are patches to perl for versions lie 5.8.4+ (or similar) to either mitigate this or completely work around it. This problem is completely gone in 5.9.4. You could upgrade to that immediately if you wished. It was just released yesterday.

⠤⠤ ⠙⠊⠕⠞⠁⠇⠑⠧⠊

Comment on Re^3: safe untrusted regexp

Replies are listed 'Best First'.
Re^4: safe untrusted regexp by jettero (Monsignor) on Aug 16, 2006 at 16:50 UTC
Could you give an example of a regexp that would chew up all the memory on a machine? I'm utterly fascinated by this, as I was unaware you could cause recursion in a regexp. Or does it have to be like a gig of "(((((((((((((((((((((" to do it? The examples I'm seeing seem to use (??{ to build lambdas into the regs. I suspect that wouldn't apply if they were compiled at runtime -- ie, without use re eval.	[reply]
Re^5: safe untrusted regexp by ikegami (Patriarch) on Aug 16, 2006 at 17:27 UTC
Not all of the memory on the machine, all of the C stack. It's a fixed-size piece of memory reserved for the the storage of the parameters and the local variables of C functions. Perl's guts and functions called via XS make use of this stack. See the thread What perl operations will consume C stack space? and particularly hv's reply.	[reply]