Skip to content

Commit c501fa5

Browse files
committed
Swift: Add more test cases exploring the timeout.
1 parent 9f58d96 commit c501fa5

File tree

1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

swift/ql/test/library-tests/regex/redos_variants.swift

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -380,7 +380,12 @@ func myRegexpVariantsTests(myUrl: URL) throws {
380380

381381
// BAD
382382
// TODO: QL evaluation times out (for test, at 5 minutes)
383+
// times out:
383384
// _ = try Regex(#"(\w*foobarbaz\w*foobarbaz\w*foobarbaz\w*foobarbaz\s*foobarbaz\d*foobarbaz\w*)+-"#).firstMatch(in: tainted) // $ redos-vulnerable=
385+
// a simpler regex that times out:
386+
// _ = try Regex(#"(\w*foobarfoobarfoobarfoobarfoobarfoobarfoobarfoobar)+"#).firstMatch(in: tainted) // $ redos-vulnerable=
387+
// a simpler regerx that doesn't time out but is slow to evaluate:
388+
// _ = try Regex(#"(\w*foobarfoobarfoobar)+"#).firstMatch(in: tainted) // $ redos-vulnerable=
384389

385390
// BAD (but cannot currently construct a prefix)
386391
// attack string: "aa" + "b" x lots + "!"

0 commit comments

Comments
 (0)