hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Applying suggestions to documentation

Browse Source
This commit is contained in:
Simon Friis Vindum
2025-03-10 16:30:52 +01:00
parent 5c83644360
commit b48fd99913
2 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
rust/ql/src/queries/security/CWE-020/RegexInjection.qhelp
View File

@@ -6,8 +6,8 @@
<overview>
<p>
Constructing a regular expression with unsanitized user input can be dangerous.
A malicious user may be able to modify the meaning of the expression causing it
to match unexpected strings and to construct large regular expressions by using
A malicious user may be able to modify the meaning of the expression, causing it
to match unexpected strings and construct large regular expressions by using
counted repetitions.
</p>
</overview>
@@ -22,13 +22,13 @@ escape meta-characters that have special meaning.
<p>
If purposefully supporting user supplied regular expressions, then use <a
href="https://docs.rs/regex/latest/regex/struct.RegexBuilder.html#method.size_limit">RegexBuilder::size_limit</a>
to limit the pattern size such that it is no larger than necessary.
to limit the pattern size so that it is no larger than necessary.
</p>
</recommendation>
<example>
<p>
The following example construct a regular expressions from the user input
The following example constructs a regular expressions from the user input
<code>key</code> without escaping it first.
</p>
@@ -41,8 +41,8 @@ malicious user might inject the regular expression <code>".*^|key"</code> and
unexpectedly cause strings such as <code>"key=secret"</code> to match.
</p>
<p>
If user input is used to construct a regular expression it should be escaped
first. This ensures that the user cannot insert characters that have special
If user input is used to construct a regular expression, it should be escaped
first. This ensures that the malicious users cannot insert characters that have special
meanings in regular expressions.
</p>
<sample src="RegexInjectionGood.rs" />
@@ -50,7 +50,7 @@ meanings in regular expressions.
<references>
<li>
<code>regex</code> crate documentation: <a href="https://docs.rs/regex/latest/regex/index.html#untrusted-patterns">Untrusted patterns</a>
<code>regex</code> crate documentation: <a href="https://docs.rs/regex/latest/regex/index.html#untrusted-patterns">Untrusted patterns</a>.
</li>
</references>
</qhelp>

5
rust/ql/src/queries/security/CWE-020/RegexInjection.ql
View File

@@ -1,6 +1,9 @@
/**
* @name Regular expression injection
* @description
* @description User input should not be used in regular expressions without first being
* escaped, otherwise a malicious user may be able to inject an expression that
* could modify the meaning of the expression, causing it to match unexpected
* strings.
* @kind path-problem
* @problem.severity error
* @security-severity 7.8