New submission from anthony shaw <[email protected]>:
Providing an (invalid) input to the parser causes an exponentially-slow DoS to
the Python executable in 3.10.
e.g.
python3.10 -c "{{{{{{{{{{{{{{{{{{{{{:"
takes ~2 seconds
python3.10 -c "{{{{{{{{{{{{{{{{{{{{{{{{:"
takes ~22 seconds
Tested this all the way up to
d{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{```{{{{{{{ef f():y
which took over an hour
----------
components: Parser
keywords: 3.10regression
messages: 412972
nosy: anthonypjshaw, lys.nikolaou, pablogsal
priority: normal
severity: normal
status: open
title: Parser hanging on stacked { tokens
type: crash
_______________________________________
Python tracker <[email protected]>
<https://bugs.python.org/issue46707>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
