securesauce/precli

New rule to detect regex denial-of-service

Closed this issue · 0 comments

Is your feature request related to a problem? Please describe.
Some patterns given to regex functions can cause severe performance issues.

Describe the solution you'd like

  1. Check for suspicious patterns passed to various functions in the re module

Describe alternatives you've considered
n/a

Additional context
https://docs.python.org/3/library/re.html
https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
https://cwe.mitre.org/data/definitions/1333.html

Love this idea? Give it a 👍. We prioritize fulfilling features with the most 👍.