Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rkG1b-00BW2a-J6 for pgsql-hackers@arkaria.postgresql.org; Wed, 13 Mar 2024 04:15:32 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1rkG1Z-009nlg-Nv for pgsql-hackers@arkaria.postgresql.org; Wed, 13 Mar 2024 04:15:30 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rkG1Z-009nl3-EP for pgsql-hackers@lists.postgresql.org; Wed, 13 Mar 2024 04:15:29 +0000 Received: from sss.pgh.pa.us ([68.162.161.243]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rkG1R-004EAB-QU for pgsql-hackers@postgresql.org; Wed, 13 Mar 2024 04:15:28 +0000 Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1]) by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 42D4FIh21977674; Wed, 13 Mar 2024 00:15:18 -0400 From: Tom Lane To: Andrew Dunstan cc: Jeff Davis , Alvaro Herrera , pgsql-hackers@postgresql.org Subject: Re: perl: unsafe empty pattern behavior In-reply-to: References: <202403121753.lw7u5b5fjsjw@alvherre.pgsql> <2385813054ce4e4b3e5998600da2ce95b9509dc7.camel@j-davis.com> <1941562.1710284344@sss.pgh.pa.us> Comments: In-reply-to Andrew Dunstan message dated "Wed, 13 Mar 2024 00:04:49 -0400" MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <1977672.1710303318.1@sss.pgh.pa.us> Content-Transfer-Encoding: quoted-printable Date: Wed, 13 Mar 2024 00:15:18 -0400 Message-ID: <1977673.1710303318@sss.pgh.pa.us> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk Andrew Dunstan writes: > On 2024-03-12 Tu 18:59, Tom Lane wrote: >> I wonder whether perlcritic has sufficiently deep understanding of >> Perl code that it could find these hazards. > Yeah, that was my thought too. I'd start with ProhibitComplexRegexes.pm = > as a template. Oooh. Taking a quick look at the source code: https://metacpan.org/dist/Perl-Critic/source/lib/Perl/Critic/Policy/Regula= rExpressions/ProhibitComplexRegexes.pm it seems like it'd be pretty trivial to convert that from "complain if regex contains more than N characters" to "complain if regex contains zero characters". regards, tom lane