hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 05:05:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: update ReDoS.expected

Browse Source
This commit is contained in:
Arthur Baars
2022-03-01 11:22:58 +01:00
parent 61fa3ba314
commit b2745d44f2
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ruby/ql/test/query-tests/security/cwe-1333-exponential-redos/ReDoS.expected
View File

@@ -20,6 +20,7 @@
| tst.rb:74:10:74:17 | (b\|a?b)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of 'b'. |
| tst.rb:77:10:77:17 | (a\|aa?)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of 'a'. |
| tst.rb:83:10:83:16 | (.\|\\n)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\\n'. |
| tst.rb:89:21:89:28 | (a\|aa?)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of 'a'. |
| tst.rb:95:11:95:24 | ([\\S\\s]\|[^a])* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '`'. |
| tst.rb:101:11:101:19 | (.\|[^a])* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '`'. |
| tst.rb:107:11:107:19 | (b\|[^a])* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of 'b'. |

2
ruby/ql/test/query-tests/security/cwe-1333-exponential-redos/tst.rb
View File

@@ -85,7 +85,7 @@ bad16 = /(.|\n)*!/m
# GOOD
good8 = /([\w.]+)*/
# BAD - we don't yet parse regexps constructed from strings
# NOT GOOD
bad17 = Regexp.new '(a|aa?)*b'
# GOOD - not used as regexp