Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2008-July/081481.html below:

[Python-Dev] Fuzzing bugs: most bugs are closed

• Previous message: [Python-Dev] Fuzzing bugs: most bugs are closed
• Next message: [Python-Dev] Fuzzing bugs: most bugs are closed
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

yOn Mon, Jul 21, 2008 at 03:53:18PM +0000, Antoine Pitrou wrote:
> The underscore at the beginning of _sre clearly indicates that the module is 
> not recommended for direct consumption, IMO. Even the functions that don't 
> themselves start with an underscore...

Sure, but if someone is trying to break in or DoS your application
server, they don't care if the module starts with an underscore or
not.

To answer Victor's original question: the parser & compiler that turn
a regex into bytecode is written in Python.  I can't think of a way to
prevent other Python modules from importing _sre or accessing the
compile() function; if nothing else, code could always do 'import re ;
re.sre_compile._sre.compile(...)'.

--amk

• Previous message: [Python-Dev] Fuzzing bugs: most bugs are closed
• Next message: [Python-Dev] Fuzzing bugs: most bugs are closed
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4