Module ReDoSQuery
Provides a taint-tracking configuration for reasoning about untrusted user input used in dangerous regular expression operations.
Import path
import semmle.code.csharp.security.dataflow.ReDoSQuery
Imports
csharp | The default C# QL library. |
Predicates
isExponentialRegex | An expression that represents a regular expression with potential exponential behavior. |
Classes
ExponentialRegexSink | An expression passed as the |
RemoteSource | DEPRECATED: Use |
Sanitizer | A sanitizer for untrusted user input used in dangerous regular expression operations. |
Sink | A data flow sink for untrusted user input used in dangerous regular expression operations. |
Source | A data flow source for untrusted user input used in dangerous regular expression operations. |
ThreatModelSource | A source supported by the current threat model. |
Aliases
ExponentialRegexDataFlow | Constructs a global data flow computation. |
ReDoS | A taint-tracking module for untrusted user input used in dangerous regular expression operations. |