My first thought was something along the lines of a “zip bomb”. For every “M” in the input string, it’d use more than a KiB of memory. But still, it’d take a string of millions of "M"s to exhaust memory on even a low-end modern server. Still probably not a good idea to expose to untrusted input on a public networked server, though. And it could easily peg a CPU core for a good while. Very good leveraged target for DDOSing.
My first thought was something along the lines of a “zip bomb”. For every “M” in the input string, it’d use more than a KiB of memory. But still, it’d take a string of millions of "M"s to exhaust memory on even a low-end modern server. Still probably not a good idea to expose to untrusted input on a public networked server, though. And it could easily peg a CPU core for a good while. Very good leveraged target for DDOSing.