I would like to deploy a web application with a Postgresql backend that allows a user to both add a record containing arbitrary text, and to search that text column with an arbitrary regular expression.
My question is, is the app subject to a regex denial of service attack? I would have presumed so but I have been unable produce any problems when testing using the "evil" regexs described in the Wikipedia article on the subject: https://en.wikipedia.org/wiki/ReDoS Is there something in the way Postgresql implements its RE engine that makes it immune to this attack? Thanks for any enlightenment...
