Skip to content

Commit f106e06

Browse files
erik-krogherik-krogh
authored
Merge pull request #9422 from erik-krogh/refacReDoS
Refactorizations of the ReDoS libraries
2 parents 79bae0c + 3a4a343 commit f106e06

File tree

112 files changed

+9752
-9409
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

112 files changed

+9752
-9409
lines changed

config/identical-files.json

Lines changed: 17 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -485,22 +485,27 @@
485485
"ruby/ql/lib/codeql/ruby/security/internal/SensitiveDataHeuristics.qll"
486486
],
487487
"ReDoS Util Python/JS/Ruby/Java": [
488-
"javascript/ql/lib/semmle/javascript/security/performance/ReDoSUtil.qll",
489-
"python/ql/lib/semmle/python/security/performance/ReDoSUtil.qll",
490-
"ruby/ql/lib/codeql/ruby/security/performance/ReDoSUtil.qll",
491-
"java/ql/lib/semmle/code/java/security/performance/ReDoSUtil.qll"
488+
"javascript/ql/lib/semmle/javascript/security/regexp/NfaUtils.qll",
489+
"python/ql/lib/semmle/python/security/regexp/NfaUtils.qll",
490+
"ruby/ql/lib/codeql/ruby/security/regexp/NfaUtils.qll",
491+
"java/ql/lib/semmle/code/java/security/regexp/NfaUtils.qll"
492492
],
493493
"ReDoS Exponential Python/JS/Ruby/Java": [
494-
"javascript/ql/lib/semmle/javascript/security/performance/ExponentialBackTracking.qll",
495-
"python/ql/lib/semmle/python/security/performance/ExponentialBackTracking.qll",
496-
"ruby/ql/lib/codeql/ruby/security/performance/ExponentialBackTracking.qll",
497-
"java/ql/lib/semmle/code/java/security/performance/ExponentialBackTracking.qll"
494+
"javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll",
495+
"python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll",
496+
"ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll",
497+
"java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll"
498498
],
499499
"ReDoS Polynomial Python/JS/Ruby/Java": [
500-
"javascript/ql/lib/semmle/javascript/security/performance/SuperlinearBackTracking.qll",
501-
"python/ql/lib/semmle/python/security/performance/SuperlinearBackTracking.qll",
502-
"ruby/ql/lib/codeql/ruby/security/performance/SuperlinearBackTracking.qll",
503-
"java/ql/lib/semmle/code/java/security/performance/SuperlinearBackTracking.qll"
500+
"javascript/ql/lib/semmle/javascript/security/regexp/SuperlinearBackTracking.qll",
501+
"python/ql/lib/semmle/python/security/regexp/SuperlinearBackTracking.qll",
502+
"ruby/ql/lib/codeql/ruby/security/regexp/SuperlinearBackTracking.qll",
503+
"java/ql/lib/semmle/code/java/security/regexp/SuperlinearBackTracking.qll"
504+
],
505+
"RegexpMatching Python/JS/Ruby": [
506+
"javascript/ql/lib/semmle/javascript/security/regexp/RegexpMatching.qll",
507+
"python/ql/lib/semmle/python/security/regexp/RegexpMatching.qll",
508+
"ruby/ql/lib/codeql/ruby/security/regexp/RegexpMatching.qll"
504509
],
505510
"BadTagFilterQuery Python/JS/Ruby": [
506511
"javascript/ql/lib/semmle/javascript/security/BadTagFilterQuery.qll",

java/ql/lib/change-notes/2022-05-25-redos-refac.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
---
2+
category: deprecated
3+
---
4+
* The utility files previously in the `semmle.code.java.security.performance` package have been moved to the `semmle.code.java.security.regexp` package.
5+
The previous files still exist as deprecated aliases.

0 commit comments

Comments
 (0)