CodeQL library for Java/Kotlin
codeql/java-all 0.8.12 (changelog, source)
Search

Predicate hasPolynomialReDoSResult

DEPRECATED: Use PolynomialRedosFlow instead.

Holds if there is flow from source to sink that is matched against the regexp term regexp that is vulnerable to Polynomial ReDoS.

Import path

import semmle.code.java.security.regexp.PolynomialReDoSQuery
predicate hasPolynomialReDoSResult(PathNode source, PathNode sink, PolynomialBackTrackingTerm regexp)