
[Python] CWE-400: Regular Expression Injection #318

Closed
1 task done
jorgectf opened this issue Mar 18, 2021 · 7 comments
Assignees
Labels
All For One Submissions to the All for One, One for All bounty

Comments

@jorgectf (Contributor)

jorgectf commented Mar 18, 2021

Query

Relevant PR: github/codeql#5442

Report

Constructing regular expressions directly from tainted data enables attackers to craft regular expressions in order to cause a Denial of Service or change the behaviour of the application depending on the matched string.

This query identifies cases in which a regular expression is built from such data without first being escaped with re.escape (see the Python re documentation).

  • Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). We would love to have you spread the word about the good work you are doing

Result(s)

@jorgectf jorgectf added the All For One Submissions to the All for One, One for All bounty label Mar 18, 2021
@jorgectf jorgectf changed the title [Python] CWE-400: Regular Expression Denial of Service [Python] CWE-400: Regular Expression Injection Mar 18, 2021
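The two outcomes the report above describes, a changed match (the "change the behaviour of the application" case) and the re.escape mitigation, as an added example; this is not code from the submission or from the CodeQL query, and the user list and function names are constructed for illustration. It also shows the usual follow-up question, how to allow a controlled wildcard when literal matching is too strict, using fnmatch.translate rather than passing raw user syntax to re:

```python
import re
import fnmatch

# Constructed sample data: the records an application lets users search.
USERS = ["alice", "bob", "alice.smith", "charlie"]


def find_users_vulnerable(pattern_from_request: str) -> list[str]:
    """Vulnerable: untrusted text becomes the regular expression itself.

    This is the shape the query flags. A request containing ".*" matches
    every record, "alice|bob" rewrites the query logic, and a pattern with
    nested quantifiers such as "(a+)+$" can backtrack exponentially on a
    long non-matching subject (ReDoS) - not executed here on purpose.
    """
    regex = re.compile(pattern_from_request)
    return [u for u in USERS if regex.fullmatch(u)]


def find_users_safe(pattern_from_request: str) -> list[str]:
    """Hardened: re.escape backslash-escapes every metacharacter, so the
    input can only ever match itself, character for character."""
    regex = re.compile(re.escape(pattern_from_request))
    return [u for u in USERS if regex.fullmatch(u)]


def find_users_glob(glob_from_request: str) -> list[str]:
    """Controlled wildcard: translate shell-style '*' and '?' into a regex
    whose only metacharacters are the ones fnmatch emits. User-supplied
    regex syntax such as '(' or '|' is escaped by translate(), so the
    caller gets wildcards without regex injection."""
    regex = re.compile(fnmatch.translate(glob_from_request))
    return [u for u in USERS if regex.match(u)]


def escaped_pattern(pattern_from_request: str) -> str:
    """Expose what re.escape actually produces, for inspection in tests."""
    return re.escape(pattern_from_request)


if __name__ == "__main__":
    for inp in [".*", "alice|bob", "alice.smith", "(a+)+$"]:
        print(f"{inp!r:14} vulnerable={find_users_vulnerable(inp)}"
              f" safe={find_users_safe(inp)}")
    print("glob alice*     ->", find_users_glob("alice*"))
```

Calling `find_users_vulnerable(".*")` returns every user, while `find_users_safe(".*")` returns nothing because no username is literally `.*`; `find_users_safe("alice.smith")` still finds the record, since the escaped dot matches a literal dot. Whether a sink is safe therefore depends on the data flow into `re.compile` (or `re.match`, `re.search`, `re.sub`, ...), not on the pattern string looking harmless in the source.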
@ghsecuritylab (Collaborator)

Your submission is now in status SecLab review.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

@jorgectf (Contributor, Author)

Polished the description a bit after the detail change related to Regular Expression Injection.

@agustingianni agustingianni self-assigned this Apr 15, 2021
@agustingianni (Contributor)

Hello Jorge, the security lab is evaluating your submission; we will ping you back soon. Thanks for the submission.

@ghsecuritylab (Collaborator)

Your submission is now in status CodeQL review.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

@ghsecuritylab (Collaborator)

Your submission is now in status SecLab finalize.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

@xcorail (Contributor)

xcorail commented May 13, 2021

Created Hackerone report 1196124 for bounty 303883 : [318] [Python] CWE-400: Regular Expression Injection

@xcorail xcorail closed this as completed May 13, 2021
@ghsecuritylab (Collaborator)

Your submission is now in status Closed.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed
