CodeQL library for Java
codeql/java-all 0.3.3 (changelog, source)
Search

Predicate hasPolynomialReDoSResult

Holds if there is flow from source to sink that is matched against the regexp term regexp that is vulnerable to Polynomial ReDoS.

Import path

import semmle.code.java.security.performance.PolynomialReDoSQuery
predicate hasPolynomialReDoSResult(PathNode source, PathNode sink, PolynomialBackTrackingTerm regexp)