search

davisjam / vuln-regex-detector

Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
MIT License
320 stars 29 forks source link

detect vuln: make variants optional #64

Closed davisjam closed 5 years ago

davisjam commented 5 years ago

leftanchor allCurlies bigCurlies

Also, introduce all vs. big curlies variant to reduce false positives if you aren't planning to dynamically validate