[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Tim Peters
report at bugs.python.org
Thu May 16 19:39:47 CEST 2013
Tim Peters added the comment:
Wildcard matching can easily be done in worst-case linear time, but not with regexps. doctest.py's internal _ellipsis_match() shows one way to do it (doctest can use "..." as a wildcard marker).
----------
nosy: +tim_one
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17980>
_______________________________________
More information about the Python-bugs-list
mailing list