Theo Van Dinter wrote:
On Tue, Feb 14, 2006 at 05:37:56PM -0500, Daryl C. W. O'Shea wrote:
Should we be wrapping full rules in alarms (using M::SA::Timeout) to
prevent this?
To note, it's not just full rules. Any regular expression can be caught in
backtrack hell, though it's unlikely for header and uri, body and rawbody can
definitely have the problem too.
I forgot about rawbody. I didn't think (and may very well be mistaken)
that body would be worth the overhead -- people seem to do this most
often with full and rawbody rules.
Daryl
