
Commit 383b5f2

committed
implement RegExpSubPattern.getOperand in the Python regexp implementation
1 parent de8f64c commit 383b5f2


3 files changed

+17
-1
lines changed


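--- a/python/ql/src/semmle/python/RegexTreeView.qll
+++ b/python/ql/src/semmle/python/RegexTreeView.qll
@@ -836,6 +836,13 @@ class RegExpZeroWidthMatch extends RegExpGroup {
 */
 class RegExpSubPattern extends RegExpZeroWidthMatch {
 RegExpSubPattern() { not re.emptyGroup(start, end) }
+
+/** Gets the lookahead term. */
+RegExpTerm getOperand() {
+result.getRegex() = re and
+result.getStart() = start + 3 and
+result.getEnd() = end - 1
+}
 }
 
 /**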
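Review bot: `getOperand` hard-codes the operand span as `start + 3` to `end - 1`, which only fits a 3-character opener such as `(?=` or `(?!` followed by a single closing `)`; the doc comment says "lookahead", but if lookbehind groups (`(?<=`, `(?<!`, a 4-character opener) are also `RegExpSubPattern` instances, which this hunk does not show, they would get no operand at all. If `RegExpTerm` already exposes a parent/child relation, deriving the operand from it would be more robust than the offset arithmetic; either way the magic numbers deserve a comment such as `// skip the 3-char opener, i.e. (?= or (?!, and the closing )`. Since the ReDoS query presumably walks this operand (the new `bad88`/`bad89` cases in redos.py exercise it), a lookahead whose operand is not found would most likely be skipped silently rather than reported, so a test with a lookbehind would be worth adding if the class is meant to cover it.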

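--- a/python/ql/test/query-tests/Security/CWE-730/ReDoS.expected
+++ b/python/ql/test/query-tests/Security/CWE-730/ReDoS.expected
@@ -93,5 +93,7 @@
 | redos.py:364:25:364:45 | ((?:a{0,\|-)\|\\w\\{\\d,)+ | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of 'a{0,'. |
 | redos.py:365:25:365:48 | ((?:a{0,2\|-)\|\\w\\{\\d,\\d)+ | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of 'a{0,2'. |
 | redos.py:371:25:371:35 | (\\u0061\|a)* | This part of the regular expression may cause exponential backtracking on strings starting with 'X' and containing many repetitions of 'a'. |
+| redos.py:380:35:380:41 | [^"\\s]+ | This part of the regular expression may cause exponential backtracking on strings starting with '/' and containing many repetitions of '!'. |
+| redos.py:381:35:381:41 | [^"\\s]+ | This part of the regular expression may cause exponential backtracking on strings starting with '/' and containing many repetitions of '!'. |
 | unittests.py:5:17:5:23 | (\u00c6\|\\\u00c6)+ | This part of the regular expression may cause exponential backtracking on strings starting with 'X' and containing many repetitions of '\u00c6'. |
 | unittests.py:9:16:9:24 | (?:.\|\\n)* | This part of the regular expression may cause exponential backtracking on strings containing many repetitions of '\\n'. |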

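--- a/python/ql/test/query-tests/Security/CWE-730/redos.py
+++ b/python/ql/test/query-tests/Security/CWE-730/redos.py
@@ -371,4 +371,11 @@
 bad87 = re.compile(r'X(\u0061|a)*Y')
 
 # GOOD
-good43 = re.compile(r'X(\u0061|b)+Y')
+good43 = re.compile(r'X(\u0061|b)+Y')
+
+# GOOD
+good44 = re.compile(r'("[^"]*?"|[^"\s]+)+(?=\s*|\s*$)')
+
+# BAD
+bad88 = re.compile(r'/("[^"]*?"|[^"\s]+)+(?=\s*|\s*$)X')
+bad89 = re.compile(r'/("[^"]*?"|[^"\s]+)+(?=X)')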
