MartinThoma
commented
3 years ago More information about ReDoS: https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
Open sobolevn opened 4 years ago
MartinThoma
commented
3 years ago More information about ReDoS: https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
Is your feature request related to a problem? Please describe. Some
reexpressions might cause DoS. See: https://www.regular-expressions.info/catastrophic.htmlDescribe the solution you'd like I would like to have a linting rule for this. If
banditsees a regex that might cause DoS, it should raise an error.Describe alternatives you've considered I have considered using
dlint, it has this feature: https://github.com/dlint-py/dlint/blob/master/dlint/redos/detect.pyBut, it has a lot of duplicating rules from
bandit. And I don't want to mix them.