
Commit c1290d9

Sync shared redos library files.
1 parent 5555985 commit c1290d9

6 files changed

Lines changed: 48 additions & 6 deletions


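--- a/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll
+++ b/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll
@@ -624,7 +624,9 @@ State after(RegExpTerm t) {
 or
 exists(EffectivelyQuestion opt | t = opt.getAChild() | result = after(opt))
 or
-exists(RegExpRoot root | t = root | result = AcceptAnySuffix(root))
+exists(RegExpRoot root | t = root |
+if matchesAnySuffix(root) then result = AcceptAnySuffix(root) else result = Accept(root)
+)
 }
 
 /**
@@ -695,7 +697,7 @@ predicate delta(State q1, EdgeLabel lbl, State q2) {
 lbl = Epsilon() and q2 = Accept(root)
 )
 or
-exists(RegExpRoot root | q1 = Match(root, 0) | lbl = Any() and q2 = q1)
+exists(RegExpRoot root | q1 = Match(root, 0) | matchesAnyPrefix(root) and lbl = Any() and q2 = q1)
 or
 exists(RegExpDollar dollar | q1 = before(dollar) |
 lbl = Epsilon() and q2 = Accept(getRoot(dollar))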
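Review bot: The root case in `after` now chooses between two accept states and the `Match(root, 0)` self-loop in `delta` is now guarded, but neither new line says why. I would put `// a regex whose match may stop before the end of the input accepts any suffix; otherwise only the exact input is accepted` above the `if matchesAnySuffix(root)` line, and `// the self-loop models a match that may start at any offset of the input` above the guarded `exists` in `delta`. Both predicates begin and end outside these hunks, so their doc comments may need a sentence on the new distinction as well. The python and ruby copies of ReDoSUtil.qll carry the same two hunks.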

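--- a/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtilSpecific.qll
+++ b/javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtilSpecific.qll
@@ -18,6 +18,18 @@ predicate isEscapeClass(RegExpTerm term, string clazz) {
 */
 predicate isPossessive(RegExpQuantifier term) { none() }
 
+/**
+* Holds if the regex that `term` is part of is used in a way that ignores any leading prefix of the input it's matched against.
+* Not yet implemented for Javascript.
+*/
+predicate matchesAnyPrefix(RegExpTerm term) { any() }
+
+/**
+* Holds if the regex that `term` is part of is used in a way that ignores any trailing suffix of the input it's matched against.
+* Not yet implemented for Javascript.
+*/
+predicate matchesAnySuffix(RegExpTerm term) { any() }
+
 /**
 * Holds if the regular expression should not be considered.
 *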
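Review bot: The doc comments on `matchesAnyPrefix` and `matchesAnySuffix` say "Not yet implemented" without saying what the stub answers: with a body of `any()` each predicate holds for every term, so the analysis behaves as it did before this commit for every regex. I would replace the second doc line with `* Not yet implemented for Javascript: holds for every term, so leading and trailing input is always assumed to be ignored.`. The parameter is documented as a term, while the callers in ReDoSUtil.qll pass the root; stating that would help whoever implements the predicate. The Python and Ruby ReDoSUtilSpecific.qll sections use the same wording.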

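--- a/python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll
+++ b/python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll
@@ -624,7 +624,9 @@ State after(RegExpTerm t) {
 or
 exists(EffectivelyQuestion opt | t = opt.getAChild() | result = after(opt))
 or
-exists(RegExpRoot root | t = root | result = AcceptAnySuffix(root))
+exists(RegExpRoot root | t = root |
+if matchesAnySuffix(root) then result = AcceptAnySuffix(root) else result = Accept(root)
+)
 }
 
 /**
@@ -695,7 +697,7 @@ predicate delta(State q1, EdgeLabel lbl, State q2) {
 lbl = Epsilon() and q2 = Accept(root)
 )
 or
-exists(RegExpRoot root | q1 = Match(root, 0) | lbl = Any() and q2 = q1)
+exists(RegExpRoot root | q1 = Match(root, 0) | matchesAnyPrefix(root) and lbl = Any() and q2 = q1)
 or
 exists(RegExpDollar dollar | q1 = before(dollar) |
 lbl = Epsilon() and q2 = Accept(getRoot(dollar))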

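--- a/python/ql/lib/semmle/python/security/performance/ReDoSUtilSpecific.qll
+++ b/python/ql/lib/semmle/python/security/performance/ReDoSUtilSpecific.qll
@@ -19,6 +19,18 @@ predicate isEscapeClass(RegExpTerm term, string clazz) {
 */
 predicate isPossessive(RegExpQuantifier term) { none() }
 
+/**
+* Holds if the regex that `term` is part of is used in a way that ignores any leading prefix of the input it's matched against.
+* Not yet implemented for Python.
+*/
+predicate matchesAnyPrefix(RegExpTerm term) { any() }
+
+/**
+* Holds if the regex that `term` is part of is used in a way that ignores any trailing suffix of the input it's matched against.
+* Not yet implemented for Python.
+*/
+predicate matchesAnySuffix(RegExpTerm term) { any() }
+
 /**
 * Holds if the regular expression should not be considered.
 *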
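Review bot: For Python the `any()` stubs matter more than the "Not yet implemented" line suggests, because `re.match` anchors at the start of the input and `re.fullmatch` at both ends. With `matchesAnySuffix` holding everywhere, `after` in ReDoSUtil.qll always yields `AcceptAnySuffix(root)`, so a pattern that only backtracks badly when the whole input must match is probably not reported at `re.fullmatch` call sites. I would record that gap in the doc comment, for example `* Not yet implemented for Python: regexes passed to re.fullmatch are treated as if trailing input were ignored.`, and track the implementation separately.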

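--- a/ruby/ql/lib/codeql/ruby/security/performance/ReDoSUtil.qll
+++ b/ruby/ql/lib/codeql/ruby/security/performance/ReDoSUtil.qll
@@ -624,7 +624,9 @@ State after(RegExpTerm t) {
 or
 exists(EffectivelyQuestion opt | t = opt.getAChild() | result = after(opt))
 or
-exists(RegExpRoot root | t = root | result = AcceptAnySuffix(root))
+exists(RegExpRoot root | t = root |
+if matchesAnySuffix(root) then result = AcceptAnySuffix(root) else result = Accept(root)
+)
 }
 
 /**
@@ -695,7 +697,7 @@ predicate delta(State q1, EdgeLabel lbl, State q2) {
 lbl = Epsilon() and q2 = Accept(root)
 )
 or
-exists(RegExpRoot root | q1 = Match(root, 0) | lbl = Any() and q2 = q1)
+exists(RegExpRoot root | q1 = Match(root, 0) | matchesAnyPrefix(root) and lbl = Any() and q2 = q1)
 or
 exists(RegExpDollar dollar | q1 = before(dollar) |
 lbl = Epsilon() and q2 = Accept(getRoot(dollar))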

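--- a/ruby/ql/lib/codeql/ruby/security/performance/ReDoSUtilSpecific.qll
+++ b/ruby/ql/lib/codeql/ruby/security/performance/ReDoSUtilSpecific.qll
@@ -39,6 +39,18 @@ predicate isExcluded(RegExpParent parent) {
 */
 predicate isPossessive(RegExpQuantifier term) { none() }
 
+/**
+* Holds if the regex that `term` is part of is used in a way that ignores any leading prefix of the input it's matched against.
+* Not yet implemented for Ruby.
+*/
+predicate matchesAnyPrefix(RegExpTerm term) { any() }
+
+/**
+* Holds if the regex that `term` is part of is used in a way that ignores any trailing suffix of the input it's matched against.
+* Not yet implemented for Ruby.
+*/
+predicate matchesAnySuffix(RegExpTerm term) { any() }
+
 /**
 * A module containing predicates for determining which flags a regular expression have.
 */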
