Yeah, that's grammar/syntax which I agree is pretty neat.

The vocabulary isn't that large but it's quite large and that combined with its arbitrariness (i.e. everything is one character, so can't be differentiated/remembered that way and the characters often don't obviously relate to their subjects and so on - makes memorising hard) which makes it difficult.

And it genuinely is complex when you get into back/forward references and have to worry about greediness and that kinda stuff. That's a genuine headfuck.

I'm only half sure what you're on about with that middle paragraph. :S

 

Most times when people worry about greediness, they should actually be using lazy quantifiers, or a negative character class.

 

(If I was designing regex from scratch, I'd either make lazy the default, or have no default, so that people had to learn there are three different modes, and when each is appropriate.)

 

If you're using back references a lot, you're likely getting into the territory where a simple parser is likely the better choice (probably using a number of smaller, more basic regexes).

I am both a lazy quantifier AND a negative character class.

I am also putting off performance reviews. God the tedium! :(

sigh, yes I know I wasn't paying attention where I chopped up the code and I was generalising broadly, :-(( sorry I wasn't up to PB standard, but I didn't have time to write a dissertation :-P

 

PS have you considered a career as a QSA ? :-)

 

I still stand by regexbuddy it does a nice job of validating regex against different regex flavours.

Hey I assumed you were new but you know about PB and his standards. WHO ARE YOU?!?!?!!?

Also, if you are new, tea?

(Registered: 20 Mar 2007)

I'm not new, I are extreme olds, I even remember teh pcf forum on delphi.

 

I also know your not called LUCY either Xen,

 

I'll only partake of tea if it's at least Assam and nice and strong.
otherwise you can keep your dishwater ;-)

 

Guessed who I am yet ????

A QSA job means I spend more of my time getting frustrated by badly written software than I already do.
At least with development, I get to try and fix the problem some of the time. :P


I've never bothered using any regex software, because I know what I'm doing so it'd just get in the way (and look hideous; dunno why people doing regex syntax highlighting pick such horrible colours schemes).

I'm sure RegexBuddy does do a good job with the different flavours, since it's written by the guy that runs regular-expressions.info (which has a comprehensive reference of what they each support), but being required to pay €30 for proprietary software isn't that great. :/

(I know there are free equivalents, but no idea how they actually compare.)

HOW THE FUCK DO YOU KNOW ALL THESE THINGS ABOUT ME!?!??!!?!?

ARE YOU WATCHING ME NOW?!?!?!!?!! MY HAIR IS A MESS, HANG ON. OK, HOW'S THAT?!??!!!?!!?!?

Assam is an interesting choice. Too earthy and malty for me, I prefer the zesty zing of Ceylon and the like. A very respectable choice though.

I do not know who you are. Give us a clue!

But as a QSA you'd get to be picky all day and get paid lots and lots and lots I thought you'd like that.

 

At 3am when your seeing double a bit of syntax highlighting regardless of the colours makes life a lot easier, especially when your stuck with fixing a bitch of a SIEM collector plugin.

 

it is a bit steep but the others are an order of magnitude less helpful.

 

 

 

 

 

 

 

 

 

edit ------ heres that clue for Xen-------

I works in Security
I don't live south of London or north of Birmingham.

 

<natural paranoia>
can say any more teh fears they hurt
</natural paranoia>

Hmmm. Are you James Bond?

no Drew, I'm more likely to be moneypenny :-)

 

It is I, Marie.

Aha!

I remember you.

<pours a nice strong cup of assam>

<takes nice cup of assam>
ahhhhh, thank you.. you make good tea.

Thank you.

And you make good... secure things.

I don't like being picky. I just have standards, unlike 99.9% of the world. :(

Syntax highlighting would be nice at times, if it was integrated into the IDE I use. Not enough of a benefit to use a separate app for it though.
(And I will get it added to the IDE I use, one of these days.)

Thank you :-), I do try to endeavour to make mostly insecure things slightly more secure than they were before I got there.

 

The easiest way I found is to break the fingers of all the users, they don't do it again for at least a couple of months.
That and the hospital bills are usually less than the cost of the equipment :-P

I know you have standards, very commendable they are too.

 

Oh I always thought you enjoyed correcting people (no John) if you don't thats very sad, life must be intolerable|frustrating|irritating for you.