Skip to content

Commit a3289fa

Browse files
erik-krogherik-krogh
committed
sync ReDoSUtil with python
1 parent 5374506 commit a3289fa

File tree

1 file changed

+7
-13
lines changed

1 file changed

+7
-13
lines changed

python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll

Lines changed: 7 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -186,13 +186,7 @@ private predicate isCanonicalTerm(RelevantRegExpTerm term, string str) {
186186
*/
187187
string getCanonicalizationFlags(RegExpTerm root) {
188188
root.isRootTerm() and
189-
(
190-
RegExpFlags::isIgnoreCase(root) and
191-
result = "i"
192-
or
193-
not RegExpFlags::isIgnoreCase(root) and
194-
result = ""
195-
)
189+
(if RegExpFlags::isIgnoreCase(root) then result = "i" else result = "")
196190
}
197191

198192
/**
@@ -207,7 +201,7 @@ private newtype TInputSymbol =
207201
not RegExpFlags::isIgnoreCase(cc.getRootTerm())
208202
).getValue().charAt(_)
209203
or
210-
// normalize to lower case if the regexp is case insensitive
204+
// normalize everything to lower case if the regexp is case insensitive
211205
c =
212206
any(RegexpCharacterConstant cc, string char |
213207
cc instanceof RelevantRegExpTerm and
@@ -325,16 +319,16 @@ private module CharacterClasses {
325319
if RegExpFlags::isIgnoreCase(cc.getRootTerm())
326320
then
327321
// normalize everything to lower case if the regexp is case insensitive
328-
exists(string c | hasChildThatMatchesIgnoringCasing(cc, c) | char = c.toLowerCase())
329-
else hasChildThatMatchesIgnoringCasing(cc, char)
322+
exists(string c | hasChildThatMatchesIgnoringCasingFlags(cc, c) | char = c.toLowerCase())
323+
else hasChildThatMatchesIgnoringCasingFlags(cc, char)
330324
}
331325

332326
/**
333327
* Holds if the character class `cc` has a child (constant or range) that matches `char`.
334-
* Ignores whether the character class is inside a regular expression that ignores casing.
328+
* Ignores whether the character class is inside a regular expression that has the ignore case flag.
335329
*/
336330
pragma[noinline]
337-
predicate hasChildThatMatchesIgnoringCasing(RegExpCharacterClass cc, string char) {
331+
predicate hasChildThatMatchesIgnoringCasingFlags(RegExpCharacterClass cc, string char) {
338332
exists(getCanonicalCharClass(cc)) and
339333
exists(RegExpTerm child | child = cc.getAChild() |
340334
char = child.(RegexpCharacterConstant).getValue()
@@ -583,7 +577,7 @@ predicate delta(State q1, EdgeLabel lbl, State q2) {
583577
not RegExpFlags::isIgnoreCase(s.getRootTerm()) and
584578
lbl = Char(s.getValue().charAt(i))
585579
or
586-
// normalizing to lower case if ignorecase flag is set
580+
// normalize everything to lower case if the regexp is case insensitive
587581
RegExpFlags::isIgnoreCase(s.getRootTerm()) and
588582
exists(string c | c = s.getValue().charAt(i) | lbl = Char(c.toLowerCase()))
589583
) and

0 commit comments

Comments
 (0)