Amongst other potential dangers, there's a "denial of service" attack trivially possible with a short regex that fails to match, but fails to match in exponentially countable ways. See Jeffrey Friedl's "Mastering Regular Expressions" for a discussion of this.

Solution: make sure you have a timeout alarm set.

-- Randal L. Schwartz, Perl hacker