[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Python-Dev] IDLE colorizer

On 2018-04-02 05:43, Guido van Rossum wrote:
> My question for you: how on earth did you find this?! Speaking of a 
> needle in a haystack. Did you run some kind of analysis program that 
> looks for regexprs? (We've received some good reports from someone who 
> did that looking for possible DoS attacks.)
The thread was about string prefixes.

Terry Reedy wrote "IDLE's colorizer does its parsing with a giant regex."

I wondered: "How bad could it be?" (It's smaller now that the IGNORECASE 
flag can have a local scope.)

It wasn't hard to find because it was in a file called "colorizer.py" in 
a folder called "idlelib".

> On Sun, Apr 1, 2018 at 6:49 PM, MRAB <python at mrabarnett.plus.com 
> <mailto:python at mrabarnett.plus.com>> wrote:
>     A thread on python-ideas is talking about the prefixes of string
>     literals, and the regex used in IDLE.
>     Line 25 of Lib\idlelib\colorizer.py is:
>     ? ? stringprefix = r"(?i:\br|u|f|fr|rf|b|br|rb)?"
>     which looks slightly wrong to me.
>     The \b will apply only to the first choice.
>     Shouldn't it be more like:
>     ? ? stringprefix = r"(?:\b(?i:r|u|f|fr|rf|b|br|rb))?"
>     ?