Re^3: Complex regular subexpression recursion limit

It's a bug because the regexp engine isn't recursive anymore. Limiting quantifier size for "efficiency and safety" reasons makes as much sense stopping the following loop:

for (1 .. 34000) { print $_ }
[download]

after it printed 32766.

Note that the "deep recursion" you are referring to is a warning, perl won't stop the recursion. But the Complex regular subexpression recursion limit makes perl just say "oh well, I had enough - I'll just pretend it doesn't match". That's wrong. It may even be exploitable.

Comment on Re^3: Complex regular subexpression recursion limit Download Code

Replies are listed 'Best First'.
Re^4: Complex regular subexpression recursion limit by JadeNB (Chaplain) on Dec 03, 2009 at 17:58 UTC
Limiting quantifier size for "efficiency and safety" reasons makes as much sense stopping the following loop I wasn't proposing a limit on quantifier size, just observing that it's already present (and speculating on why). Note that the "deep recursion" you are referring to is a warning, perl won't stop the recursion. But the Complex regular subexpression recursion limit makes perl just say "oh well, I had enough - I'll just pretend it doesn't match". That's wrong. It may even be exploitable. Obviously I didn't read the perldiag page very well, despite linking to it. :-) Now I understand the difference—thanks. (Mainly I missed the fact that the regular expression match fails with a `warn`ing, rather than `die`ing, because I didn't actually run the code myself.)	[reply] [d/l] [select]
Re^5: Complex regular subexpression recursion limit by ikegami (Patriarch) on Dec 03, 2009 at 18:27 UTC
Mainly I missed the fact that the regular expression match fails with a warning, rather than dieing I missed that too, so it wasn't part of my reasoning	[reply]