CodeQL library for Java
codeql/java-all 0.3.2 (changelog, source)
Search

Module PolynomialReDoSQuery

Definitions and configurations for the Polynomial ReDoS query

Import path

import semmle.code.java.security.performance.PolynomialReDoSQuery

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

FlowSources

Provides classes representing various flow sources for taint tracking.

RegexFlowConfigs

Defines configurations and steps for handling regexes

RegexTreeView

Provides a class hierarchy corresponding to a parse tree of regular expressions.

SuperlinearBackTracking

Provides classes for working with regular expressions that can perform backtracking in superlinear time.

Predicates

hasPolynomialReDoSResult

Holds if there is flow from source to sink that is matched against the regexp term regexp that is vulnerable to Polynomial ReDoS.

Classes

PolynomialRedosConfig

A configuration for Polynomial ReDoS queries.

PolynomialRedosSink

A sink for polynomial redos queries, where a regex is matched.