Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 97acf1f

Browse files
erik-krogherik-krogh
committed
fix FP related to inverted character classes choosing a char that was not matched by the char class
1 parent a49b99b commit 97acf1f

2 files changed

Lines changed: 4 additions & 1 deletion

File tree

  • javascript/ql

javascript/ql/src/Performance/ReDoS.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -222,7 +222,7 @@ abstract class CharacterClass extends InputSymbol {
222222
/**
223223
* Gets a character matched by this character class.
224224
*/
225-
string choose() { result = getARelevantChar() }
225+
string choose() { result = getARelevantChar() and matches(result) }
226226
}
227227

228228
/**

javascript/ql/test/query-tests/Performance/ReDoS/tst.js

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -258,3 +258,6 @@ var bad57 = /^([^>a]+)*(>|$)/;
258258

259259
// NOT GOOD
260260
var bad58 = /(\n\s*)+$/;
261+
262+
// GOOD
263+
var good26 = /([^\\\]]+)*/

0 commit comments

Comments
 (0)