ReDoS: fix potential bad mistake caught by QL-for-QL

2026-04-28 10:15:14 +02:00 · 2023-03-22 10:16:23 +01:00
parent b071d3557e
commit 3d9bbd7824
1 changed files with 5 additions and 3 deletions
--- a/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll
+++ b/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll
@@ -390,9 +390,11 @@ module Make<RegexTreeViewSig TreeImpl> {
      getStartTuple(pivot, succ) = getARelevantStateTuple(pivot, succ)
    } or
    Step(TTrace prev, StateTuple nextTuple) {
-      exists(StateTuple prevTuple, State pivot, State succ |
-        prev = Nil(pivot, succ) and
-        prevTuple = getStartTuple(pivot, succ)
+      exists(StateTuple prevTuple |
+        exists(State pivot, State succ |
+          prev = Nil(pivot, succ) and
+          prevTuple = getStartTuple(pivot, succ)
+        )
        or
        prev = Step(_, prevTuple)
      |