sdk/python/File System/PyRe

PyRe

The re module. Catastrophic backtracking in regex patterns (ReDoS) — finding when a user-controlled pattern flows into re.compile / re.search / re.match. Also, re.findall on untrusted HTML is a common anti-pattern that misses cases.

4 sinks

Taint flow0 sources → 4 sinks

Sinks — dangerous call

.compile()Compiles a regex

.match()Matches at start of string

.search()Searches for pattern

.sub()Regex-based substitution

Sinks

— dangerous functions taint must not reach

.compile()Sink

Signature

re.compile(pattern, flags=0) -> Pattern

Compiles a regex. ReDoS sink when pattern is user-controlled.

tracks:0

.match()Sink

Signature

re.match(pattern, string, flags=0) -> Match | None

Matches at start of string. ReDoS sink on user-controlled pattern.

tracks:0

.search()Sink

Signature

re.search(pattern, string, flags=0) -> Match | None

Searches for pattern. ReDoS sink on user-controlled pattern.

tracks:0

.sub()Sink

Signature

re.sub(pattern, repl, string, count=0, flags=0) -> str

Regex-based substitution. ReDoS sink on user-controlled pattern.

tracks:0

Fully-Qualified Names

FQN	Field
re	fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

Import

rule.py

from codepathfinder.go_rule import PyRe

← PreviousPyPathlib

Next →PyRegex