by svet_0 1381 days ago
So now an unreasonable user input will crash my server instead of slowing it down by 50ms. Great DoS mitigation!
3 comments

In addition to omnicognate's point, calling `int` on user input would generally already expect a possible ValueError.
Your server crashes if a request fails?
It does with this change where it didn't before. At the very best you're still restarting the whole process instead of just wasting a bit of time.
You should always catch ValueError when using int() on user input, because that input may not be a valid number.
I should also check to see if the length is reasonable, no? But the whole point of the issue is that nobody finds that practical.
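The two checks the comments above argue about (catching ValueError from int(), and bounding the input length before conversion) are shown together below. This is an added example written for this page, not code from the thread or from CPython; the function names, the 64-digit cap and the constructed inputs are all assumptions. On Python 3.11 and later a bare int() on a long decimal string raises ValueError once it exceeds the interpreter's digit limit (4300 by default), while older interpreters merely spend quadratic time on it, so the length check is what makes the handler behave the same on both.

```python
import sys

# Largest decimal digit count this handler is willing to accept from a client.
# Chosen for this example; it is not a value from the thread or from CPython.
MAX_DIGITS = 64


def parse_untrusted_int(text, max_digits=MAX_DIGITS):
    """Convert untrusted input to int, returning None instead of raising.

    Handles both failure modes discussed in the thread:
      * input that is not a decimal integer at all ("abc", "1.5", "")
      * a huge digit string, which on Python 3.11+ makes int() itself raise
        ValueError and on older versions makes it run in quadratic time
    """
    if not isinstance(text, str):
        return None
    s = text.strip()
    # Optional sign; only the digits count against the limit.
    digits = s[1:] if s and s[0] in "+-" else s
    if not digits.isdigit() or len(digits) > max_digits:
        return None
    try:
        return int(s)
    except ValueError:
        # Still reachable: str.isdigit() accepts characters such as superscript
        # digits that int() rejects, and the interpreter-wide limit may have
        # been lowered below max_digits via sys.set_int_max_str_digits().
        return None


def interpreter_digit_limit():
    """Return the interpreter's int/str digit limit, or 0 if unlimited/unsupported.

    sys.get_int_max_str_digits() exists from Python 3.11; 0 means no limit.
    """
    getter = getattr(sys, "get_int_max_str_digits", None)
    return getter() if getter is not None else 0


def raw_int_behaviour(n_digits):
    """Show what an unguarded int() does with an n_digits-long string here."""
    try:
        int("9" * n_digits)
        return "converted"
    except ValueError:
        return "ValueError"


if __name__ == "__main__":
    # Constructed sample inputs, as a request handler might receive them.
    for sample in ["42", "-17", " +5 ", "abc", "1.5", "", "1" * 65]:
        print(repr(sample), "->", parse_untrusted_int(sample))
    limit = interpreter_digit_limit()
    print("interpreter digit limit:", limit or "none")
    if limit:
        print("int() on", limit + 1, "digits:", raw_int_behaviour(limit + 1))
```

The cap is deliberately far below CPython's default so the handler never depends on which interpreter it runs under; the limit itself can be changed per process with sys.set_int_max_str_digits() or the PYTHONINTMAXSTRDIGITS environment variable on 3.11+, but a handler that validates length first does not need to care.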
Who uses a process per request for serving Python apps? That must be very uncommon. Even if you use a worker pool that isn’t going to restart a whole process just because of an errant exception in a request handler.

Also as noted if your whole process crashes because of errant input to int() you are beyond fucked in other ways.

Then don’t upgrade Python in your container?
There are inputs that can slow it down by hours. Maybe they set the limit too low. Maybe they should have instead merged the PR that improves the speed by a huge amount. They didn't.