You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The question about resolving the ReDos requests a change from ^(PATTERN+)*$ to ^PATTERN+$, but that is not entirely correct.
The correct option would be: ^(PATTERN+)$ because it keeps the capture group that part of the software could rely on.
Compare these:
>>> re.match(r'^([a-z]+)*$', 'zzz').groups()[0]
'zzz'
>>> re.match(r'^([a-z]+)$', 'zzz').groups()[0]
'zzz'
>>> re.match(r'^[a-z]+$', 'zzz').groups()[0]
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
IndexError: tuple index out of range
(I realise just now that this might not be the correct place to file this. I was checking the developing-secure-software-lfd121 content. If I'm in the wrong place, I am sorry.)
The text was updated successfully, but these errors were encountered:
The question about resolving the ReDos requests a change from
^(PATTERN+)*$to^PATTERN+$, but that is not entirely correct.The correct option would be:
^(PATTERN+)$because it keeps the capture group that part of the software could rely on.Compare these:
(I realise just now that this might not be the correct place to file this. I was checking the
developing-secure-software-lfd121content. If I'm in the wrong place, I am sorry.)The text was updated successfully, but these errors were encountered: