Hacker News new | past | comments | ask | show | jobs | submit login

There are other bugs in the engine. PCRE has had several, I have no reason to believe any other engine is not similarly vulnerable. In a security context, a regex engine is best viewed as a virtual machine. Most virtual machines are not secure in the face of hostile code.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: