CodeQL library for Python
codeql/python-all 2.0.1-dev

Module PolynomialReDoS

Provides default sources, sinks and sanitizers for detecting “polynomial regular expression denial of service (ReDoS)” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.PolynomialReDoSCustomizations

Imports

Make<RegexTreeView::Impl>

A parameterized module implementing the analysis described in the above papers.

Classes

ConstCompareAsSanitizerGuard

A comparison with a constant, considered as a sanitizer-guard.

RegexExecutionAsSink

A regex execution, considered as a flow sink.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

Sanitizer

A sanitizer for “polynomial regular expression denial of service (ReDoS)” vulnerabilities.

Sink

A data flow sink for “polynomial regular expression denial of service (ReDoS)” vulnerabilities.

Source

A data flow source for “polynomial regular expression denial of service (ReDoS)” vulnerabilities.

Aliases

StringConstCompareAsSanitizerGuard

DEPRECATED: Use ConstCompareAsSanitizerGuard instead.