reuse InfiniteRepetitionQuantifier from SuperLiniearBacktracking

erik-krogh · erik-krogh · commit d1706e804853 · 2020-11-24T20:16:36.000+01:00
diff --git a/javascript/ql/src/Performance/ReDoS.ql b/javascript/ql/src/Performance/ReDoS.ql
@@ -13,6 +13,7 @@
  */
 
 import javascript
+import semmle.javascript.security.performance.SuperlinearBackTracking
 
 /*
  * This query implements the analysis described in the following two papers:
@@ -104,7 +105,7 @@ class RegExpRoot extends RegExpTerm {
    */
   predicate isRelevant() {
     // there is at least one repetition
-    exists(RegExpRepetition rep | getRoot(rep) = this |
+    exists(InfiniteRepetitionQuantifier rep | getRoot(rep) = this |
       // that could possibly match the same thing in multiple ways.
       exists(RegExpTerm child |
         child instanceof RegExpAlt or
@@ -120,17 +121,6 @@ class RegExpRoot extends RegExpTerm {
   }
 }
 
-/**
- * A term that matches repetitions of a given pattern, that is, `E*`, `E+`, or `E{n,m}`.
- */
-class RegExpRepetition extends RegExpParent {
-  RegExpRepetition() {
-    this instanceof RegExpStar or
-    this instanceof RegExpPlus or
-    this instanceof RegExpRange
-  }
-}
-
 /**
  * A constant in a regular expression that represents valid Unicode character(s).
  */
diff --git a/javascript/ql/src/semmle/javascript/security/performance/SuperlinearBackTracking.qll b/javascript/ql/src/semmle/javascript/security/performance/SuperlinearBackTracking.qll
@@ -8,7 +8,7 @@ import javascript
 /**
  * A regular expression term that permits unlimited repetitions.
  */
-private class InfiniteRepetitionQuantifier extends RegExpQuantifier {
+class InfiniteRepetitionQuantifier extends RegExpQuantifier {
   InfiniteRepetitionQuantifier() {
     this instanceof RegExpPlus
     or
