Crackfortran regular expression could use improvement

[charris]

In crackfortran.py line 938.

nameargspattern = re.compile(
    r'\s*(?P<name>\b[\w$]+\b)\s*(@\(@\s*(?P<args>[\w\s,]*)\s*@\)@|)\s*((result(\s*@\(@\s*(?P<result>\b[\w$]+\b)\s*@\)@|))|(bind\s*@\(@\s*(?P<bind>.*)\s*@\)@))*\s*\Z', re.I)

This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '@)@bind@(@'.
CodeQL

[molsonkiko]

I have my eye on this one. I've looped in a regex wizard I know and hopefully I'll be able to make it better.

[charris]

That would be great.

[molsonkiko]

It occurs to me that probably the issue is the .* in (bind\s*@\(@\s*(?P<bind>.*)\s*@\)@).

I have essentially no knowledge of FORTRAN, so I feel pretty far out of my depth here, but I assume what's going on here is that the .* can reach forward arbitrarily far, including through subsequent @)@bind@(@. Probably there's some sort of negative lookahead that could be done here to prevent this problem.

[molsonkiko]

Note for myself, and anyone else who's interested - looks like the source code that was used to flag regexes is probably here.