Module PolynomialReDoS
Provides default sources, sinks and sanitizers for detecting “polynomial regular expression denial of service (ReDoS)” vulnerabilities, as well as extension points for adding your own.
Import path
import semmle.python.security.dataflow.PolynomialReDoSCustomizations
Imports
| Make<RegexTreeView::Impl> | A parameterized module implementing the analysis described in the above papers. |
Classes
| ConstCompareAsSanitizerGuard | A comparison with a constant, considered as a sanitizer-guard. |
| RegexExecutionAsSink | A regex execution, considered as a flow sink. |
| RemoteFlowSourceAsSource | DEPRECATED: Use |
| Sanitizer | A sanitizer for “polynomial regular expression denial of service (ReDoS)” vulnerabilities. |
| Sink | A data flow sink for “polynomial regular expression denial of service (ReDoS)” vulnerabilities. |
| Source | A data flow source for “polynomial regular expression denial of service (ReDoS)” vulnerabilities. |
Aliases
| StringConstCompareAsSanitizerGuard | DEPRECATED: Use ConstCompareAsSanitizerGuard instead. |