adjust comments in ReDoS test case

erik-krogh · erik-krogh · commit 1b3c3ef4cbb2 · 2020-11-26T10:31:44.000+01:00
diff --git a/javascript/ql/test/query-tests/Performance/ReDoS/tst.js b/javascript/ql/test/query-tests/Performance/ReDoS/tst.js
@@ -268,19 +268,19 @@ var good28 = /foo([\uDC66\uDC67]|[\uDC68\uDC69])*foo/
 // GOOD
 var good29 = /foo((\uDC66|\uDC67)|(\uDC68|\uDC69))*foo/
 
-// NOT GOOD - but cannot currently construct a prefix
+// NOT GOOD (but cannot currently construct a prefix)
 var bad62 = /a{2,3}(b+)+X/;
 
-// NOT GOOD - and a good prefix test
+// NOT GOOD (and a good prefix test)
 var bad63 = /^<(\w+)((?:\s+\w+(?:\s*=\s*(?:(?:"[^"]*")|(?:'[^']*')|[^>\s]+))?)*)\s*(\/?)>/;
 
 // GOOD
 var good30 = /(a+)*[^][^][^]?/;
 
-// GOOD - but we fail to see that repeating the attack string ends in the "accept any" state.
+// GOOD - but we fail to see that repeating the attack string ends in the "accept any" state (due to not parsing the range `[^]{2,3}`).
 var good31 = /(a+)*[^]{2,3}/;
 
-// GOOD - but we don't find that no suffix is rejected
+// GOOD - but we spuriously conclude that a rejecting suffix exists (due to not parsing the range `[^]{2,}` when constructing the NFA).
 var good32 = /(a+)*([^]{2,}|X)$/;
 
 // GOOD
@@ -290,12 +290,12 @@ var good33 = /(a+)*([^]*|X)$/;
 var bad64 = /((a+)*$|[^]+)/;
 
 // GOOD - but still flagged. The only change compared to the above is the order of alternatives, which we don't model.
-var good34 = /((a+)*$|[^]+)/;
+var good34 = /([^]+|(a+)*$)/;
 
 // GOOD
 var good35 = /((;|^)a+)+$/;
 
-// NOT GOOD - a good prefix test
+// NOT GOOD (a good prefix test)
 var bad65 = /(^|;)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(0|1)(e+)+f/;
 
 // NOT GOOD
