Talk:ReDoS
This article is rated B-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||
|
just look how it is written! thats not wiki standard! — Preceding unsigned comment added by 79.201.163.93 (talk • contribs) 09:43, 19 July 2010
- That's not very helpful, you know.
But really, this article looks much more like a how-to guide than an encyclopedia article.
- Gabrielkfl (talk) 01:06, 4 March 2011 (UTC)
Point out how some regular expression libraries allow the user to specify a timeout for the evaluation of the regex. For example, The .NET Framework 4.5 has that feature. — Preceding unsigned comment added by 76.102.37.19 (talk) 10:16, 22 March 2012 (UTC)
NFA vs. DFA
[edit]This article seems to assume all regex engines are NFA or hybrid NFA/DFA, but pure DFA engines do exists-- and they are not susceptible to this type of attack. Namely, non-GNU awk and non-gnu egrep use pure-DFA engines.[1] --Lucas.Yamanishi (talk) 21:05, 30 March 2013 (UTC)
References
- ^ Friedl, Jeffrey E. F. (2006). Andy Oram (ed.). Mastering Regular Expressions (3rd ed.). 1005 Gravenstein Highway North, Sebastopol, CA 95472: O'Reilly Media, Inc. pp. 145–147. ISBN 978-0-596-52812-6.
{{cite book}}
: CS1 maint: location (link)
Article Name
[edit]I think the article name is probably incorrect. “ReDoS” doesn't really seem to have a definition outside of this page, “Catastrophic Backtracking,” while it has fewer total results on a google search, at least seems to unambiguously mean this. PiAndWhippedCream (talk) 19:32, 1 April 2014 (UTC)
Java class name regexp
[edit]The regular expression ^(([a-z])+.)+[A-Z]([a-z])+$
is just wrong for Java class names – it matches e.g. java-lang+String
, not just e.g.
java.lang.String
. If you correct it to ^(([a-z])+\.)+[A-Z]([a-z])+$
, it won't produce any backtracking. (Though it is right, the regexp is still found in the wrong way on the linked page, with a warning linking to this page. I'll try to see how to correct that.) -- Paul Ebermann (talk) 17:22, 23 June 2017 (UTC)
Optimization
[edit]It look to me that the example regular expressions could be optimized. Do any implementations optimize such regular expressions? If so, which ones? --Zzo38 (talk) 01:30, 23 November 2019 (UTC)