Python: Add Regular Expression Injection query#5442
Conversation
|
Just a small comment on naming. There are currently ReDoS queries implemented for C# and JavaScript. Your query looks for regular expressions being constructed from user input. |
|
Thanks for the detail @erik-krogh! I've updated everything according to Regular Expression Injection instead of Regular Expression Denial of Service. |
|
Regarding the structure we now try to follow:
|
|
If the sanitiser is moved to concepts, it might have to be made a bit more precise, but I am not sure. Is there an awful lot of ways to escape? |
As far as I know, |
Shall I include |
In that case, we should probably limit it for now. We can then expand the concept if we see false positives due to custom escape mechanisms. |
We would actually have those predicates that populate the concepts scattered around in the models of the libraries where the concepts occur. So in this case, you identify some regex execution in the |
yoff
left a comment
There was a problem hiding this comment.
As mentioned we will have to put it all into experimental. I will add the required files and folders to main, then you can just pull and move things around.
We also still need qldocs on public methods, but that is a smaller thing.
yoff
left a comment
There was a problem hiding this comment.
My apologies, I did not explain the idea behind getRegexNode clearly. I thought I had described how it would change the definition of sinks, but clearly those thoughts did not make it out of my mind. I have given the relevant modifications; this should also make the query compile again :-)
|
Absolutely no problem @yoff! I made some tests yesterday and had to unset the |
|
#5493 has now been merged, so you have somewhere safe to put all the files :-) |
6b24752 to
f4fe354
Compare
Update `RegexExecution` docs and use `flowsTo()` instead of `getALocalSource()`. Co-authored-by: yoff <lerchedahl@gmail.com>
Signed-off-by: jorgectf <jorgectf@protonmail.com>
Signed-off-by: jorgectf <jorgectf@protonmail.com>
Signed-off-by: jorgectf <jorgectf@protonmail.com>
9e7e05b to
21e01b8
Compare
Signed-off-by: jorgectf <jorgectf@protonmail.com>
yoff
left a comment
There was a problem hiding this comment.
Final consistency polish :-)
Co-authored-by: yoff <lerchedahl@gmail.com>
Thanks 👍 |
yoff
left a comment
There was a problem hiding this comment.
Just needed to make the auto format check happy..
😆 |
|
🎉 |
Any suggestions/tricks to improve the query or workarounds (to learn), no matter how minimal they are, are massively appreciated.