Regex ReDos test answer is incomplete/incorrect

The question about resolving the ReDos requests a change from `^(PATTERN+)*$` to `^PATTERN+$`, but that is not entirely correct.

The correct option would be: `^(PATTERN+)$` because it keeps the capture group that part of the software could rely on.

Compare these:
```
>>> re.match(r'^([a-z]+)*$', 'zzz').groups()[0]
'zzz'

>>> re.match(r'^([a-z]+)$', 'zzz').groups()[0]
'zzz'

>>> re.match(r'^[a-z]+$', 'zzz').groups()[0]
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
IndexError: tuple index out of range
```

_(I realise just now that this might not be the correct place to file this. I was checking the `developing-secure-software-lfd121` content. If I'm in the wrong place, I am sorry.)_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Regex ReDos test answer is incomplete/incorrect #127

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Regex ReDos test answer is incomplete/incorrect #127

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions