CodeQL library for Python
codeql/python-all 0.6.4 (changelog, source)
Search

Module PolynomialReDoS

Provides default sources, sinks and sanitizers for detecting “polynomial regular expression denial of service (ReDoS)” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.PolynomialReDoSCustomizations

Imports

Make<RegexTreeView::Impl>

A parameterized module implementing the analysis described in the above papers.

Classes

RegexExecutionAsSink

A regex execution, considered as a flow sink.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

Sanitizer

A sanitizer for “polynomial regular expression denial of service (ReDoS)” vulnerabilities.

SanitizerGuard

DEPRECATED: Use Sanitizer instead.

Sink

A data flow sink for “polynomial regular expression denial of service (ReDoS)” vulnerabilities.

Source

A data flow source for “polynomial regular expression denial of service (ReDoS)” vulnerabilities.

StringConstCompareAsSanitizerGuard

A comparison with a constant string, considered as a sanitizer-guard.