Commit 2dd8b6f

committed
support \f and \v in the \s class
1 parent 68fe030 commit 2dd8b6f

3 files changed

Lines changed: 19 additions & 3 deletions


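--- a/javascript/ql/src/Performance/ReDoS.ql
+++ b/javascript/ql/src/Performance/ReDoS.ql
@@ -327,8 +327,12 @@ private module CharacterClasses {
 char = "0123456789".charAt(_)
 or
 cc.getValue() = "s" and
-// TODO: also supposed to match \f and vertical tab (\x0B).
-char = [" ", "\t", "\r", "\n"]
+(
+char = [" ", "\t", "\r", "\n", "\\u000c", "\\u000b"]
+or
+exists(RegExpConstant constant | constant.getValue().charAt(_) = char) and
+char.regexpMatch("\\u000b|\\u000c") // \v|\f (vertical tab | form feed)
+)
 or
 cc.getValue() = "w" and
 char = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_".charAt(_)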
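Review bot: In QL string literals `"\\u000c"` and `"\\u000b"` on new line 331 denote the six-character texts `\u000c` and `\u000b`, not the U+000C / U+000B code points, whereas the `regexpMatch("\\u000b|\\u000c")` disjunct on new line 334 matches the actual form-feed and vertical-tab characters taken from a RegExpConstant, so the two branches describe the same characters in two different encodings. If that is deliberate — presumably because escaped characters elsewhere in the query are normalized to their `\uXXXX` spelling, which the `'\u000c'` witness text in ReDoS.expected suggests — a comment such as `// escaped \f and \v are represented by their \uXXXX spelling; raw control characters are handled by the regexpMatch below` would keep the next reader from treating it as a bug. If it is not deliberate, the first disjunct should list the real control characters instead. The enclosing predicate and module CharacterClasses start and end outside the hunk.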

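--- a/javascript/ql/test/query-tests/Performance/ReDoS/ReDoS.expected
+++ b/javascript/ql/test/query-tests/Performance/ReDoS/ReDoS.expected
@@ -97,3 +97,6 @@
 | tst.js:137:15:137:21 | (\\w\|G)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of 'G'. |
 | tst.js:143:15:143:22 | (\\d\|\\w)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '0'. |
 | tst.js:146:15:146:21 | (\\d\|5)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '5'. |
+| tst.js:149:15:149:24 | (\\s\|[\\f])* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\u000c'. |
+| tst.js:152:15:152:28 | (\\s\|[\\v]\|\\\\v)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\u000b'. |
+| tst.js:155:15:155:24 | (\\f\|[\\f])* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\u000c'. |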

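--- a/javascript/ql/test/query-tests/Performance/ReDoS/tst.js
+++ b/javascript/ql/test/query-tests/Performance/ReDoS/tst.js
@@ -143,4 +143,13 @@ var good11 = /((\s|\d)*)"/;
 var bad31 = /((\d|\w)*)"/;
 
 // NOT GOOD
-var bad32 = /((\d|5)*)"/;
+var bad32 = /((\d|5)*)"/;
+
+// NOT GOOD
+var bad33 = /((\s|[\f])*)"/;
+
+// NOT GOOD
+var bad34 = /((\s|[\v]|\\v)*)"/;
+
+// NOT GOOD
+var bad35 = /((\f|[\f])*)"/;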
