|WikiProject Computing / Security||(Rated C-class, Low-importance)|
- That's not very helpful, you know.
But really, this article looks much more like a how-to guide than an encyclopedia article.
- Gabrielkfl (talk) 01:06, 4 March 2011 (UTC)
Point out how some regular expression libraries allow the user to specify a timeout for the evaluation of the regex. For example, The .NET Framework 4.5 has that feature. — Preceding unsigned comment added by 220.127.116.11 (talk) 10:16, 22 March 2012 (UTC)
NFA vs. DFA
This article seems to assume all regex engines are NFA or hybrid NFA/DFA, but pure DFA engines do exists-- and they are not susceptible to this type of attack. Namely, non-GNU awk and non-gnu egrep use pure-DFA engines. --Lucas.Yamanishi (talk) 21:05, 30 March 2013 (UTC)
I think the article name is probably incorrect. “ReDoS” doesn't really seem to have a definition outside of this page, “Catastrophic Backtracking,” while it has fewer total results on a google search, at least seems to unambiguously mean this.