Hacker News new | ask | show | jobs
by Hackbraten 495 days ago
Speaking of "disheartening": your fellow devs who wrote the Pylance extension decided to mount a ReDoS attack against anyone who opens it in a debugger. I merely tried to investigate an issue that I had. [0] [1]

Being on the receiving end of a deliberate ReDOS attack feels more than disheartening. This is not shedding a good light on the VS Code development team as a whole. This is a despicable act.

[0]: https://darmstadt.social/system/media_attachments/files/112/...

[1]: https://darmstadt.social/system/media_attachments/files/112/...
1 comments
Varriount 495 days ago
I get what a regular expression like that does, but what leads to it being executed?
link
Hackbraten 495 days ago
No idea. All I know is whenever I try to execute the module in e.g. VS Code's debugger, it somehow triggers the attack and enters a de-facto-endless 100%-CPU-load loop.
link
DonHopkins 495 days ago
Now you have two problems!

https://blog.codinghorror.com/regular-expressions-now-you-ha...

link