hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f106e064fa5db45bd11dd0885bab92d53d6d9829
codeql/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/regexplib/misc.js
Erik Krogh Kristensen 2e4c2df67e move the JS ReDoS test to a more appropriate folder
2022-06-23 14:36:25 +02:00

174 lines
9.5 KiB
JavaScript
Raw Blame History

/^\d{3}\s?\d{3}$/g;
/^([a-zA-Z0-9@*#]{8,15})$/g;
/^(?=.*\d).{4,8}$/g;
/^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z]*)*$/g;
/((\(\d{3}\) ?)|(\d{3}-))?\d{3}-\d{4}/g;
/^\D?(\d{3})\D?\D?(\d{3})\D?(\d{4})$/g;
/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?!.*\s).{4,8}$/g;
/^([0-1])*$/g;
/,(?!(?<=(?:^|,)\s*\x22(?:[^\x22]|\x22\x22|\\\x22)*,)(?:[^\x22]|\x22\x22|\\\x22)*\x22\s*(?:,|$))/g;
/\u00AE/g;
/^[A-Za-z]{6}[0-9LMNPQRSTUV]{2}[A-Za-z]{1}[0-9LMNPQRSTUV]{2}[A-Za-z]{1}[0-9LMNPQRSTUV]{3}[A -Za-z]{1}$/g;
/[:]{1}[-~+o]?[)>]+/g;
/^\d{5}(-\d{4})?$/g;
/^([a-z0-9]{32})$/g;
/^(([a-zA-Z]:|\\)\\)?(((\.)|(\.\.)|([^\\/:\*\?"\|<>\. ](([^\\/:\*\?"\|<>\. ])|([^\\/:\*\?"\|<>]*[^\\/:\*\?"\|<>\. ]))?))\\)*[^\\/:\*\?"\|<>\. ](([^\\/:\*\?"\|<>\. ])|([^\\/:\*\?"\|<>]*[^\\/:\*\?"\|<>\. ]))?$/g;
/\u00A3/g;
/\u2122/g;
/^[{|\(]?[0-9a-fA-F]{8}[-]?([0-9a-fA-F]{4}[-]?){3}[0-9a-fA-F]{12}[\)|}]?$/g;
/\u221E/g;
/\u00A5/g;
/^(([\w][\w\-\.]*)\.)?([\w][\w\-]+)(\.([\w][\w\.]*))?$/g;
/^(eth[0-9]$)|(^eth[0-9]:[1-9]$)/g;
/^((Fred|Wilma)\s+Flintstone|(Barney|Betty)\s+Rubble)$/g;
/^(([a-zA-Z]:|\\)\\)?(((\.)|(\.\.)|([^\\/:\*\?"\|<>\. ](([^\\/:\*\?"\|<>\. ])|([^\\/:\*\?"\|<>]*[^\\/:\*\?"\|<>\. ]))?))\\)*[^\\/:\*\?"\|<>\. ](([^\\/:\*\?"\|<>\. ])|([^\\/:\*\?"\|<>]*[^\\/:\*\?"\|<>\. ]))?$/g;
/\u00A3/g;
/^([a-z0-9]{32})$/g;
/[:]{1}[-~+o]?[)>]+/g;
/^\d{5}(-\d{4})?$/g;
/\u2122/g;
/\u20AC/g;
/^[1-9]{1}[0-9]{3} ?[A-Z]{2}$/g;
/\u00A5/g;
/^[{|\(]?[0-9a-fA-F]{8}[-]?([0-9a-fA-F]{4}[-]?){3}[0-9a-fA-F]{12}[\)|}]?$/g;
/\u221E/g;
/^\d{5}$/g;
/^[A-Za-z]{6}[0-9]{2}[A-Za-z]{1}[0-9]{2}[A-Za-z]{1}[0-9]{3}[A-Za-z]{1}$/g;
/^07([\d]{3})[(\D\s)]?[\d]{3}[(\D\s)]?[\d]{3}$/g;
/^\d{5}-\d{4}$/g;
/^([0-9]{2})?(\([0-9]{2})\)([0-9]{3}|[0-9]{4})-[0-9]{4}$/g;
/^[A-Za-z]{2}[0-9]{6}[A-Za-z]{1}$/g;
/^([\(]{1}[0-9]{3}[\)]{1}[ |\-]{0,1}|^[0-9]{3}[\-| ])?[0-9]{3}(\-| ){1}[0-9]{4}$/g;
/^07([\d]{3})[(\D\s)]?[\d]{3}[(\D\s)]?[\d]{3}$/g;
/^[A-Za-z]{6}[0-9]{2}[A-Za-z]{1}[0-9]{2}[A-Za-z]{1}[0-9]{3}[A-Za-z]{1}$/g;
/^\d{5}$/g;
/^[A-Za-z]{2}[0-9]{6}[A-Za-z]{1}$/g;
/^([0-9]{2})?(\([0-9]{2})\)([0-9]{3}|[0-9]{4})-[0-9]{4}$/g;
/^\d{5}-\d{4}$/g;
/[^a-zA-Z \-]|( )|(\-\-)|(^\s*$)/g;
/(^([1-3]{1}[0-9]{0,}(\.[0-9]{1})?|0(\.[0-9]{1})?|[4]{1}[0-9]{0,}(\.[0]{1})?|5(\.[5]{1}))$)/g;
/^[0-9]{4}\s{0,2}[a-zA-z]{2}$/g;
/(?<Sedol>[B-Db-dF-Hf-hJ-Nj-nP-Tp-tV-Xv-xYyZz\d]{6}\d)/g;
/^([a-zA-Z.\s']{1,50})$/g;
/^([a-zA-Z0-9!@#$%^&*()-_=+;:'"|~`<>?/{}]{1,5})$/g;
/<[iI][mM][gG]([^>]*[^/>])/g;
/\d{2}.?\d{3}.?\d{3}\/?\d{4}-?\d{2}/g;
/^[0-9]{2}[-][0-9]{2}[-][0-9]{2}$/g;
/^\(?082|083|084|072\)?[\s-]?[\d]{3}[\s-]?[\d]{4}$/g;
/^([0-9A-Za-z@.]{1,255})$/g;
/^((A(((H[MX])|(M(P|SN))|(X((D[ACH])|(M[DS]))?)))?)|(K7(A)?)|(D(H[DLM])?))(\d{3,4})[ABD-G][CHJK-NPQT-Y][Q-TV][1-4][B-E]$/g;
/^\(?[\d]{3}\)?[\s-]?[\d]{3}[\s-]?[\d]{4}$/g;
/^[A-Z]{2}[0-9]{6}[A-DFM]{1}$/g;
/^0[1-6]{1}(([0-9]{2}){4})|((\s[0-9]{2}){4})|((-[0-9]{2}){4})$/g;
/^(user=([a-z0-9]+,)*(([a-z0-9]+){1});)?(group=([a-z0-9]+,)*(([a-z0-9]+){1});)?(level=[0-9]+;)?$/g;
/^([A-HJ-TP-Z]{1}\d{4}[A-Z]{3}|[a-z]{1}\d{4}[a-hj-tp-z]{3})$/g;
/^[a-zA-Z0-9\s.\-_']+$/g;
/\(([0-9]{2}|0{1}((x|[0-9]){2}[0-9]{2}))\)\s*[0-9]{3,4}[- ]*[0-9]{4}/g;
/(^0[78][2347][0-9]{7})/g;
/^([a-zA-Z0-9][-a-zA-Z0-9]*[a-zA-Z0-9]\.)+([a-zA-Z0-9]{3,5})$/g;
/^(((25[0-5]|2[0-4][0-9]|19[0-1]|19[3-9]|18[0-9]|17[0-1]|17[3-9]|1[3-6][0-9]|12[8-9]|12[0-6]|1[0-1][0-9]|1[1-9]|[2-9][0-9]|[0-9])\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9]))|(192\.(25[0-5]|2[0-4][0-9]|16[0-7]|169|1[0-5][0-9]|1[7-9][0-9]|[1-9][0-9]|[0-9]))|(172\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|1[0-5]|3[2-9]|[4-9][0-9]|[0-9])))\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])$/g;
/(^\(\)$|^\(((\([0-9]+,(\((\([0-9]+,[0-9]+,[0-9]+\),)*(\([0-9]+,[0-9]+,[0-9]+\)){1}\))+\),)*(\([0-9]+,(\((\([0-9]+,[0-9]+,[0-9]+\),)*(\([0-9]+,[0-9]+,[0-9]+\)){1}\))+\)){1}\)))$/g;
/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{4,8}$/g;
/^\d{5}$|^\d{5}-\d{4}$/g;
/^[a-zA-Z]\w{3,14}$/g;
/^[a-zA-Z0-9]+$/g;
/^[a-zA-Z]+$/g;
/(AUX|PRN|NUL|COM\d|LPT\d)+\s*$/g;
/^[a-zA-Z]{1,2}[0-9][0-9A-Za-z]{0,1} {0,1}[0-9][A-Za-z]{2}$/g;
/\d{4}-?\d{4}-?\d{4}-?\d{4}/g;
/^(\/w|\/W|[^<>+?$%{}&])+$/g;
/([0-1][0-9]|2[0-3]):[0-5][0-9]/g;
/([A-Z&#228;&#246;&#252;0-9\/][^a-z\:\,\(\)]*[A-Z&#228;&#246;&#252;0-9])($|[\.\:\,\;\)\-\ \+]|s\b)/g;
/^[\u0081-\uFFFF]{1,}$/g;
/^\s*(((\d*\.?\d*[0-9]+\d*)|([0-9]+\d*\.\d*) )\s*[xX]\s*){2}((\d*\.?\d*[0-9]+\d*)|([0-9]+\d*\.\d*))\s*$/g;
/\p{IsBasicLatin}/g;
/([2-9JQKA]|10)([\u2660\u2663\u2665\u2666])/g;
/^[a-zA-Z_][a-zA-Z0-9_]*$/g;
/^(?n:(?!-[\d\,]*K) (?!-((\d{1,3},)*((([3-9]\d\d|2[89]\d|27[4-9])\xB0C)|(((4[6-9]|[5-9]\d)\d)\xB0F)))) -?\d{1,3}(,\d{3})*(\xB0[CF]|K) )$/g;
/^[+]447\d{9}$/g;
/[1-2][0|9][0-9]{2}[0-1][0-9][0-3][0-9][-][0-9]{4}/g;
/^(([a-z])+.)+[A-Z]([a-z])+$/g;
/(?-i:\b\p{Lu}+\b)/g;
/^(\d{5}((|-)-\d{4})?)|([A-Za-z]\d[A-Za-z][\s\.\-]?(|-)\d[A-Za-z]\d)|[A-Za-z]{1,2}\d{1,2}[A-Za-z]? \d[A-Za-z]{2}$/g;
/(.*\.([wW][mM][aA])|([mM][pP][3])$)/g;
/\p{Sm}/g;
/(at\s)(?<fullClassName>.+)(\.)(?<methodName>[^\.]*)(\()(?<parameters>[^\)]*)(\))((\sin\s)(?<fileName>.+)(:line )(?<lineNumber>[\d]*))?/g;
/(?-i:\b\p{Ll}+\b)/g;
/^((4\d{3})|(5[1-5]\d{2}))(-?|\040?)(\d{4}(-?|\040?)){3}|^(3[4,7]\d{2})(-?|\040?)\d{6}(-?|\040?)\d{5}/g;
/^(?i:(?=[MDCLXVI])((M{0,3})((C[DM])|(D?C{0,3}))?((X[LC])|(L?XX{0,2})|L)?((I[VX])|(V?(II{0,2}))|V)?))$/g;
/^\d{5}(-\d{3})?$/g;
/^\d{2}(\x2e)(\d{3})(-\d{3})?$/g;
/(("|')[a-z0-9\/\.\?\=\&]*(\.htm|\.asp|\.php|\.jsp)[a-z0-9\/\.\?\=\&]*("|'))|(href=*?[a-z0-9\/\.\?\=\&"']*)/g;
/^<a\s+href\s*=\s*"http:\/\/([^"]*)"([^>]*)>(.*?(?=<\/a>))<\/a>$/g;
/^([ \u00c0-\u01ffa-zA-Z'])+$/g;
/(^\d{5}-\d{3}|^\d{2}.\d{3}-\d{3}|\d{8})/g;
/^(\d{5}-\d{4}|\d{5})$/g;
/^(ac|AC|al|AL|am|AM|ap|AP|ba|BA|ce|CE|df|DF|es|ES|go|GO|ma|MA|mg|MG|ms|MS|mt|MT|pa|PA|pb|PB|pe|PE|pi|PI|pr|PR|rj|RJ|rn|RN|ro|RO|rr|RR|rs|RS|sc|SC|se|SE|sp|SP|to|TO)$/g;
/^([0-1]([\s-./\\])?)?(\(?[2-9]\d{2}\)?|[2-9]\d{3})([\s-./\\])?(\d{3}([\s-./\\])?\d{4}|[a-zA-Z0-9]{7})$/g;
/[^abc]/g;
/\({1}[0-9]{3}\){1}\-{1}[0-9]{3}\-{1}[0-9]{4}/g;
/^([0-1]([\s-./\\])?)?(\(?[2-9]\d{2}\)?|[2-9]\d{3})([\s-./\\])?([0-9]{3}([\s-./\\])?[0-9]{4}|[a-zA-Z0-9]{7}|([0-9]{3}[-][a-zA-Z0-9]{4}))/g;
/^([A-Za-z]\d[A-Za-z][-]?\d[A-Za-z]\d)/g;
/(\s*\(?0\d{4}\)?\s*\d{6}\s*)|(\s*\(?0\d{3}\)?\s*\d{3}\s*\d{4}\s*)/g;
/(([01][\.\- +]\(\d{3}\)[\.\- +]?)|([01][\.\- +]\d{3}[\.\- +])|(\(\d{3}\) ?)|(\d{3}[- \.]))?\d{3}[- \.]\d{4}/g;
/(^.+\|+[A-Za-z])/g;
/^\d{3,3}\.\d{0,2}$|^E\d{3,3}\.\d{0,2}$/g;
/{.*}/g;
/^(\{|\[|\().+(\}|\]|\)).+$/g;
/(^[A-ZÀ-Ü]{1}[a-zà-ü']+\s[a-zA-Zà-üÀ-Ü]+((([\s\.'])|([a-zà-ü']+))|[a-zà-ü']+[a-zA-Zà-üÀ-Ü']+))/g;
/(NOT)?(\s*\(*)\s*(\w+)\s*(=|<>|<|>|LIKE|IN)\s*(\(([^\)]*)\)|'([^']*)'|(-?\d*\.?\d+))(\s*\)*\s*)(AND|OR)?/g;
/^(.|\n){0,16}$/g;
/\p{N}/g;
/^[a-zA-Z0-9]{1,20}$/g;
/(?s)(?:\e\[(?:(\d+);?)*([A-Za-z])(.*?))(?=\e\[|\z)/g;
/^[^#]([^ ]+ ){6}[^ ]+$/g;
/^[AaWaKkNn][a-zA-Z]?[0-9][a-zA-Z]{1,3}$/g;
/^[a-z]+[0-9]*[a-z]+$/g;
/^([a-zA-Z.\s']{1,50})$/g;
/^([a-zA-Z0-9!@#$%^&*()-_=+;:'"|~`<>?/{}]{1,5})$/g;
/<[iI][mM][gG]([^>]*[^/>])/g;
/(?<Sedol>[B-Db-dF-Hf-hJ-Nj-nP-Tp-tV-Xv-xYyZz\d]{6}\d)/g;
/[^a-zA-Z \-]|( )|(\-\-)|(^\s*$)/g;
/(^([1-3]{1}[0-9]{0,}(\.[0-9]{1})?|0(\.[0-9]{1})?|[4]{1}[0-9]{0,}(\.[0]{1})?|5(\.[5]{1}))$)/g;
/^[0-9]{4}\s{0,2}[a-zA-z]{2}$/g;
/\d{2}.?\d{3}.?\d{3}\/?\d{4}-?\d{2}/g;
/^\(?[\d]{3}\)?[\s-]?[\d]{3}[\s-]?[\d]{4}$/g;
/^[A-Z1-9]{5}-[A-Z1-9]{5}-[A-Z1-9]{5}-[A-Z1-9]{5}-[A-Z1-9]{5}$/g;
/^(\+[1-9][0-9]*(\([0-9]*\)|-[0-9]*-))?[0]?[1-9][0-9\- ]*$/g;
/^((A(((H[MX])|(M(P|SN))|(X((D[ACH])|(M[DS]))?)))?)|(K7(A)?)|(D(H[DLM])?))(\d{3,4})[ABD-G][CHJK-NPQT-Y][Q-TV][1-4][B-E]$/g;
/^[0-9]{2}[-][0-9]{2}[-][0-9]{2}$/g;
/^\(?082|083|084|072\)?[\s-]?[\d]{3}[\s-]?[\d]{4}$/g;
/(\{\\f\d*)\\([^;]+;)/g;
/^(\/w|\/W|[^<>+?$%{}&])+$/g;
/^\(\d{1,2}(\s\d{1,2}){1,2}\)\s(\d{1,2}(\s\d{1,2}){1,2})((-(\d{1,4})){0,1})$/g;
/(("|')[a-z0-9\/\.\?\=\&]*(\.htm|\.asp|\.php|\.jsp)[a-z0-9\/\.\?\=\&]*("|'))|(href=*?[a-z0-9\/\.\?\=\&"']*)/g;
/^<a\s+href\s*=\s*"http:\/\/([^"]*)"([^>]*)>(.*?(?=<\/a>))<\/a>$/g;
/^[0-9A-Za-z_ ]+(.[jJ][pP][gG]|.[gG][iI][fF])$/g;
/^(?(^00000(|-0000))|(\d{5}(|-\d{4})))$/g;
/\w?<\s?\/?[^\s>]+(\s+[^"'=]+(=("[^"]*")|('[^\']*')|([^\s"'>]*))?)*\s*\/?>/g;
/^([A-PR-UWYZ0-9][A-HK-Y0-9][AEHMNPRTVXY0-9]?[ABEHMNPRVWXY0-9]? {1,2}[0-9][ABD-HJLN-UW-Z]{2}|GIR 0AA)$/g;
/^([ \u00c0-\u01ffa-zA-Z'])+$/g;
/[^abc]/g;
/\({1}[0-9]{3}\){1}\-{1}[0-9]{3}\-{1}[0-9]{4}/g;
/^([0-1]([\s-./\\])?)?(\(?[2-9]\d{2}\)?|[2-9]\d{3})([\s-./\\])?([0-9]{3}([\s-./\\])?[0-9]{4}|[a-zA-Z0-9]{7}|([0-9]{3}[-][a-zA-Z0-9]{4}))/g;
/^([0-1]([\s-./\\])?)?(\(?[2-9]\d{2}\)?|[2-9]\d{3})([\s-./\\])?(\d{3}([\s-./\\])?\d{4}|[a-zA-Z0-9]{7})$/g;
/(^\d{5}-\d{3}|^\d{2}.\d{3}-\d{3}|\d{8})/g;
/^(\d{5}-\d{4}|\d{5})$/g;
/^(ac|AC|al|AL|am|AM|ap|AP|ba|BA|ce|CE|df|DF|es|ES|go|GO|ma|MA|mg|MG|ms|MS|mt|MT|pa|PA|pb|PB|pe|PE|pi|PI|pr|PR|rj|RJ|rn|RN|ro|RO|rr|RR|rs|RS|sc|SC|se|SE|sp|SP|to|TO)$/g;
/^(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$/g;
/[A-Z][a-z]+/g;
/@{2}((\S)+)@{2}/g;
/^[a-zA-Z_][a-zA-Z0-9_]*$/g;
/^\s*(((\d*\.?\d*[0-9]+\d*)|([0-9]+\d*\.\d*) )\s*[xX]\s*){2}((\d*\.?\d*[0-9]+\d*)|([0-9]+\d*\.\d*))\s*$/g;
/^((([sS][r-tR-Tx-zX-Z])\s*([sx-zSX-Z])?\s*([a-zA-Z]{2,3}))?\s*(\d\d)\s*-?\s*(\d{6,7}))$/g;
/([A-Z&#228;&#246;&#252;0-9\/][^a-z\:\,\(\)]*[A-Z&#228;&#246;&#252;0-9])($|[\.\:\,\;\)\-\ \+]|s\b)/g;
/^[\u0081-\uFFFF]{1,}$/g;
/^(?n:(?!-[\d\,]*K) (?!-((\d{1,3},)*((([3-9]\d\d|2[89]\d|27[4-9])\xB0C)|(((4[6-9]|[5-9]\d)\d)\xB0F)))) -?\d{1,3}(,\d{3})*(\xB0[CF]|K) )$/g;
/^(\d{5}((|-)-\d{4})?)|([A-Za-z]\d[A-Za-z][\s\.\-]?(|-)\d[A-Za-z]\d)|[A-Za-z]{1,2}\d{1,2}[A-Za-z]? \d[A-Za-z]{2}$/g;
/(.*\.([wW][mM][aA])|([mM][pP][3])$)/g;
/\p{Sm}/g;
/(?-i:\b\p{Lu}+\b)/g;
/^[+]447\d{9}$/g;
/[1-2][0|9][0-9]{2}[0-1][0-9][0-3][0-9][-][0-9]{4}/g;
/^(([a-z])+.)+[A-Z]([a-z])+$/g;
Reference in New Issue View Git Blame Copy Permalink