

Regexes: Now you have 2^N problems. - samwho
http://devblog.getinvisiblehand.com/regexes_now_you_have_n_problems

======
mcpherrinm
While the point of this article is about using gdb to debug a running Ruby
process, surely a useful tip, the exponential regex engine is a fairly major
player too.

"Complexity Attacks" against web services aren't unknown, where you can bring
a server to its knees with a well-chosen string. Search engines in blogs,
wikis, and the like are a good target, since they are running user's regular
expressions. But you should make sure your own regexes don't backtrack much
either.

Or, use a linear matching engine, like re2. For more information about the
complexity of matching a regex, Russ Cox's page is a classic:
[http://swtch.com/~rsc/regexp/regexp1.html](http://swtch.com/~rsc/regexp/regexp1.html)

