Ruby/Python re-introduce normalCharacterSequence

aibaars · aibaars · commit 5044f8910516 · 2022-02-25T18:43:43.000+01:00
diff --git a/python/ql/lib/semmle/python/RegexTreeView.qll b/python/ql/lib/semmle/python/RegexTreeView.qll
@@ -40,7 +40,7 @@ newtype TRegExpParent =
   TRegExpSpecialChar(Regex re, int start, int end) { re.specialCharacter(start, end, _) } or
   /** A normal character */
   TRegExpNormalChar(Regex re, int start, int end) {
-    re.simpleCharacterSequence(start, end)
+    re.normalCharacterSequence(start, end)
     or
     re.escapedCharacter(start, end) and
     not re.specialCharacter(start, end, _)
diff --git a/python/ql/lib/semmle/python/regex.qll b/python/ql/lib/semmle/python/regex.qll
@@ -427,6 +427,7 @@ abstract class RegexString extends Expr {
   }
 
   predicate normalCharacter(int start, int end) {
+    end = start + 1 and
     this.character(start, end) and
     not this.specialCharacter(start, end, _)
   }
@@ -447,16 +448,16 @@ abstract class RegexString extends Expr {
   }
 
   /**
-   * A sequence of 'simple' characters.
+   * Holds if the range [start:end) consists of only 'normal' characters.
    */
-  predicate simpleCharacterSequence(int start, int end) {
-    // a simple character inside a character set is interpreted on its own
-    this.simpleCharacter(start, end) and
+  predicate normalCharacterSequence(int start, int end) {
+    // a normal character inside a character set is interpreted on its own
+    this.normalCharacter(start, end) and
     this.inCharSet(start)
     or
-    // a maximal run of simple characters is considered as one constant
+    // a maximal run of normal characters is considered as one constant
     exists(int s, int e |
-      e = max(int i | simpleCharacterRun(s, i)) and
+      e = max(int i | this.normalCharacterRun(s, i)) and
       not this.inCharSet(s)
     |
       // 'abc' can be considered one constant, but
@@ -474,17 +475,17 @@ abstract class RegexString extends Expr {
     )
   }
 
-  private predicate simpleCharacterRun(int start, int end) {
+  private predicate normalCharacterRun(int start, int end) {
     (
-      simpleCharacterRun(start, end - 1)
+      this.normalCharacterRun(start, end - 1)
       or
-      start = end - 1 and not normalCharacter(start - 1, start)
+      start = end - 1 and not this.normalCharacter(start - 1, start)
     ) and
-    this.simpleCharacter(end - 1, end)
+    this.normalCharacter(end - 1, end)
   }
 
   private predicate characterItem(int start, int end) {
-    this.simpleCharacterSequence(start, end) or
+    this.normalCharacterSequence(start, end) or
     this.escapedCharacter(start, end) or
     this.specialCharacter(start, end, _)
   }
diff --git a/python/ql/test/library-tests/regex/Regex.ql b/python/ql/test/library-tests/regex/Regex.ql
@@ -6,6 +6,10 @@ predicate part(Regex r, int start, int end, string kind) {
   or
   r.normalCharacter(start, end) and kind = "char"
   or
+  r.escapedCharacter(start, end) and
+  kind = "char" and
+  not r.specialCharacter(start, end, _)
+  or
   r.specialCharacter(start, end, kind)
   or
   r.sequence(start, end) and kind = "sequence"
diff --git a/ruby/ql/lib/codeql/ruby/security/performance/ParseRegExp.qll b/ruby/ql/lib/codeql/ruby/security/performance/ParseRegExp.qll
@@ -382,6 +382,7 @@ class RegExp extends AST::RegExpLiteral {
   }
 
   predicate normalCharacter(int start, int end) {
+    end = start + 1 and
     this.character(start, end) and
     not this.specialCharacter(start, end, _)
   }
@@ -402,16 +403,16 @@ class RegExp extends AST::RegExpLiteral {
   }
 
   /**
-   * A sequence of 'simple' characters.
+   * Holds if the range [start:end) consists of only 'normal' characters.
    */
-  predicate simpleCharacterSequence(int start, int end) {
-    // a simple character inside a character set is interpreted on its own
-    this.simpleCharacter(start, end) and
+  predicate normalCharacterSequence(int start, int end) {
+    // a normal character inside a character set is interpreted on its own
+    this.normalCharacter(start, end) and
     this.inCharSet(start)
     or
-    // a maximal run of simple characters is considered as one constant
+    // a maximal run of normal characters is considered as one constant
     exists(int s, int e |
-      e = max(int i | simpleCharacterRun(s, i)) and
+      e = max(int i | this.normalCharacterRun(s, i)) and
       not this.inCharSet(s)
     |
       // 'abc' can be considered one constant, but
@@ -429,17 +430,17 @@ class RegExp extends AST::RegExpLiteral {
     )
   }
 
-  private predicate simpleCharacterRun(int start, int end) {
+  private predicate normalCharacterRun(int start, int end) {
     (
-      simpleCharacterRun(start, end - 1)
+      this.normalCharacterRun(start, end - 1)
       or
-      start = end - 1 and not normalCharacter(start - 1, start)
+      start = end - 1 and not this.normalCharacter(start - 1, start)
     ) and
-    this.simpleCharacter(end - 1, end)
+    this.normalCharacter(end - 1, end)
   }
 
   private predicate characterItem(int start, int end) {
-    this.simpleCharacterSequence(start, end) or
+    this.normalCharacterSequence(start, end) or
     this.escapedCharacter(start, end) or
     this.specialCharacter(start, end, _)
   }
diff --git a/ruby/ql/lib/codeql/ruby/security/performance/RegExpTreeView.qll b/ruby/ql/lib/codeql/ruby/security/performance/RegExpTreeView.qll
@@ -229,7 +229,7 @@ newtype TRegExpParent =
   TRegExpGroup(RegExp re, int start, int end) { re.group(start, end) } or
   TRegExpSpecialChar(RegExp re, int start, int end) { re.specialCharacter(start, end, _) } or
   TRegExpNormalChar(RegExp re, int start, int end) {
-    re.simpleCharacterSequence(start, end)
+    re.normalCharacterSequence(start, end)
     or
     re.escapedCharacter(start, end) and
     not re.specialCharacter(start, end, _)

Original file line number	Diff line number	Diff line change
`@@ -427,6 +427,7 @@ abstract class RegexString extends Expr {`
`427`	`427`	`}`
`428`	`428`
`429`	`429`	`predicate normalCharacter(int start, int end) {`
	`430`	`+ end = start + 1 and`
`430`	`431`	`this.character(start, end) and`
`431`	`432`	`not this.specialCharacter(start, end, _)`
`432`	`433`	`}`
`@@ -447,16 +448,16 @@ abstract class RegexString extends Expr {`
`447`	`448`	`}`
`448`	`449`
`449`	`450`	`/**`
`450`		`- * A sequence of 'simple' characters.`
	`451`	`+ * Holds if the range [start:end) consists of only 'normal' characters.`
`451`	`452`	`*/`
`452`		`- predicate simpleCharacterSequence(int start, int end) {`
`453`		`- // a simple character inside a character set is interpreted on its own`
`454`		`- this.simpleCharacter(start, end) and`
	`453`	`+ predicate normalCharacterSequence(int start, int end) {`
	`454`	`+ // a normal character inside a character set is interpreted on its own`
	`455`	`+ this.normalCharacter(start, end) and`
`455`	`456`	`this.inCharSet(start)`
`456`	`457`	`or`
`457`		`- // a maximal run of simple characters is considered as one constant`
	`458`	`+ // a maximal run of normal characters is considered as one constant`
`458`	`459`	`exists(int s, int e \|`
`459`		`- e = max(int i \| simpleCharacterRun(s, i)) and`
	`460`	`+ e = max(int i \| this.normalCharacterRun(s, i)) and`
`460`	`461`	`not this.inCharSet(s)`
`461`	`462`	`\|`
`462`	`463`	`// 'abc' can be considered one constant, but`
`@@ -474,17 +475,17 @@ abstract class RegexString extends Expr {`
`474`	`475`	`)`
`475`	`476`	`}`
`476`	`477`
`477`		`- private predicate simpleCharacterRun(int start, int end) {`
	`478`	`+ private predicate normalCharacterRun(int start, int end) {`
`478`	`479`	`(`
`479`		`- simpleCharacterRun(start, end - 1)`
	`480`	`+ this.normalCharacterRun(start, end - 1)`
`480`	`481`	`or`
`481`		`- start = end - 1 and not normalCharacter(start - 1, start)`
	`482`	`+ start = end - 1 and not this.normalCharacter(start - 1, start)`
`482`	`483`	`) and`
`483`		`- this.simpleCharacter(end - 1, end)`
	`484`	`+ this.normalCharacter(end - 1, end)`
`484`	`485`	`}`
`485`	`486`
`486`	`487`	`private predicate characterItem(int start, int end) {`
`487`		`- this.simpleCharacterSequence(start, end) or`
	`488`	`+ this.normalCharacterSequence(start, end) or`
`488`	`489`	`this.escapedCharacter(start, end) or`
`489`	`490`	`this.specialCharacter(start, end, _)`
`490`	`491`	`}`
Original file line number	Diff line number	Diff line change
`@@ -382,6 +382,7 @@ class RegExp extends AST::RegExpLiteral {`
`382`	`382`	`}`
`383`	`383`
`384`	`384`	`predicate normalCharacter(int start, int end) {`
	`385`	`+ end = start + 1 and`
`385`	`386`	`this.character(start, end) and`
`386`	`387`	`not this.specialCharacter(start, end, _)`
`387`	`388`	`}`
`@@ -402,16 +403,16 @@ class RegExp extends AST::RegExpLiteral {`
`402`	`403`	`}`
`403`	`404`
`404`	`405`	`/**`
`405`		`- * A sequence of 'simple' characters.`
	`406`	`+ * Holds if the range [start:end) consists of only 'normal' characters.`
`406`	`407`	`*/`
`407`		`- predicate simpleCharacterSequence(int start, int end) {`
`408`		`- // a simple character inside a character set is interpreted on its own`
`409`		`- this.simpleCharacter(start, end) and`
	`408`	`+ predicate normalCharacterSequence(int start, int end) {`
	`409`	`+ // a normal character inside a character set is interpreted on its own`
	`410`	`+ this.normalCharacter(start, end) and`
`410`	`411`	`this.inCharSet(start)`
`411`	`412`	`or`
`412`		`- // a maximal run of simple characters is considered as one constant`
	`413`	`+ // a maximal run of normal characters is considered as one constant`
`413`	`414`	`exists(int s, int e \|`
`414`		`- e = max(int i \| simpleCharacterRun(s, i)) and`
	`415`	`+ e = max(int i \| this.normalCharacterRun(s, i)) and`
`415`	`416`	`not this.inCharSet(s)`
`416`	`417`	`\|`
`417`	`418`	`// 'abc' can be considered one constant, but`
`@@ -429,17 +430,17 @@ class RegExp extends AST::RegExpLiteral {`
`429`	`430`	`)`
`430`	`431`	`}`
`431`	`432`
`432`		`- private predicate simpleCharacterRun(int start, int end) {`
	`433`	`+ private predicate normalCharacterRun(int start, int end) {`
`433`	`434`	`(`
`434`		`- simpleCharacterRun(start, end - 1)`
	`435`	`+ this.normalCharacterRun(start, end - 1)`
`435`	`436`	`or`
`436`		`- start = end - 1 and not normalCharacter(start - 1, start)`
	`437`	`+ start = end - 1 and not this.normalCharacter(start - 1, start)`
`437`	`438`	`) and`
`438`		`- this.simpleCharacter(end - 1, end)`
	`439`	`+ this.normalCharacter(end - 1, end)`
`439`	`440`	`}`
`440`	`441`
`441`	`442`	`private predicate characterItem(int start, int end) {`
`442`		`- this.simpleCharacterSequence(start, end) or`
	`443`	`+ this.normalCharacterSequence(start, end) or`
`443`	`444`	`this.escapedCharacter(start, end) or`
`444`	`445`	`this.specialCharacter(start, end, _)`
`445`	`446`	`}`