hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Swift: Add more test cases exploring the timeout.

Browse Source
This commit is contained in:
Geoffrey White
2023-06-20 15:27:51 +01:00
parent 9f58d961f2
commit c501fa5289
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
swift/ql/test/library-tests/regex/redos_variants.swift
View File

@@ -380,7 +380,12 @@ func myRegexpVariantsTests(myUrl: URL) throws {
// BAD
// TODO: QL evaluation times out (for test, at 5 minutes)
// times out:
// _ = try Regex(#"(\w*foobarbaz\w*foobarbaz\w*foobarbaz\w*foobarbaz\s*foobarbaz\d*foobarbaz\w*)+-"#).firstMatch(in: tainted) // $ redos-vulnerable=
// a simpler regex that times out:
// _ = try Regex(#"(\w*foobarfoobarfoobarfoobarfoobarfoobarfoobarfoobar)+"#).firstMatch(in: tainted) // $ redos-vulnerable=
// a simpler regerx that doesn't time out but is slow to evaluate:
// _ = try Regex(#"(\w*foobarfoobarfoobar)+"#).firstMatch(in: tainted) // $ redos-vulnerable=
// BAD (but cannot currently construct a prefix)
// attack string: "aa" + "b" x lots + "!"