Swift: Add more test cases exploring the timeout.

geoffw0 · geoffw0 · commit c501fa52890f · 2023-06-20T15:27:54.000+01:00
diff --git a/swift/ql/test/library-tests/regex/redos_variants.swift b/swift/ql/test/library-tests/regex/redos_variants.swift
@@ -380,7 +380,12 @@ func myRegexpVariantsTests(myUrl: URL) throws {
 
     // BAD
     // TODO: QL evaluation times out (for test, at 5 minutes)
+    // times out:
 //    _ = try Regex(#"(\w*foobarbaz\w*foobarbaz\w*foobarbaz\w*foobarbaz\s*foobarbaz\d*foobarbaz\w*)+-"#).firstMatch(in: tainted) // $ redos-vulnerable=
+    // a simpler regex that times out:
+//	_ = try Regex(#"(\w*foobarfoobarfoobarfoobarfoobarfoobarfoobarfoobar)+"#).firstMatch(in: tainted) // $ redos-vulnerable=
+    // a simpler regerx that doesn't time out but is slow to evaluate:
+//	_ = try Regex(#"(\w*foobarfoobarfoobar)+"#).firstMatch(in: tainted) // $ redos-vulnerable=
 
     // BAD (but cannot currently construct a prefix)
     // attack string: "aa" + "b" x lots + "!"
