hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

support \f and \v in the \s class

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2020-11-02 10:36:11 +01:00
parent 68fe03060d
commit 2dd8b6ffef
3 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
javascript/ql/src/Performance/ReDoS.ql
View File

@@ -327,8 +327,12 @@ private module CharacterClasses {
char = "0123456789".charAt(_)
or
cc.getValue() = "s" and
// TODO: also supposed to match \f and vertical tab (\x0B).
char = [" ", "\t", "\r", "\n"]
(
char = [" ", "\t", "\r", "\n", "\\u000c", "\\u000b"]
or
exists(RegExpConstant constant | constant.getValue().charAt(_) = char) and
char.regexpMatch("\\u000b|\\u000c") // \v|\f (vertical tab | form feed)
)
or
cc.getValue() = "w" and
char = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_".charAt(_)

3
javascript/ql/test/query-tests/Performance/ReDoS/ReDoS.expected
View File

@@ -97,3 +97,6 @@
| tst.js:137:15:137:21 | (\\w\|G)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of 'G'. |
| tst.js:143:15:143:22 | (\\d\|\\w)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '0'. |
| tst.js:146:15:146:21 | (\\d\|5)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '5'. |
| tst.js:149:15:149:24 | (\\s\|[\\f])* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\u000c'. |
| tst.js:152:15:152:28 | (\\s\|[\\v]\|\\\\v)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\u000b'. |
| tst.js:155:15:155:24 | (\\f\|[\\f])* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\u000c'. |

11
javascript/ql/test/query-tests/Performance/ReDoS/tst.js
View File

@@ -143,4 +143,13 @@ var good11 = /((\s|\d)*)"/;
var bad31 = /((\d|\w)*)"/;
// NOT GOOD
var bad32 = /((\d|5)*)"/;
var bad32 = /((\d|5)*)"/;
// NOT GOOD
var bad33 = /((\s|[\f])*)"/;
// NOT GOOD
var bad34 = /((\s|[\v]|\\v)*)"/;
// NOT GOOD
var bad35 = /((\f|[\f])*)"/;