CodeQL library for Python
codeql/python-all 2.2.1-dev (changelog, source)
Search

Module PolynomialReDoSQuery

Provides a taint-tracking configuration for detecting “polynomial regular expression denial of service (ReDoS)” vulnerabilities.

Note, for performance reasons: only import this file if PolynomialReDoS::Configuration is needed, otherwise PolynomialReDoSCustomizations should be imported instead.

Import path

import semmle.python.security.dataflow.PolynomialReDoSQuery

Imports

DataFlow

Provides a library for local (intra-procedural) and global (inter-procedural) data flow analysis: deciding whether data can flow from a source to a sink.

PolynomialReDoS

Provides default sources, sinks and sanitizers for detecting “polynomial regular expression denial of service (ReDoS)” vulnerabilities, as well as extension points for adding your own.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

Aliases

PolynomialReDoSFlow

Global taint-tracking for detecting “polynomial regular expression denial of service (ReDoS)” vulnerabilities.