Sākums Izpētīt Palīdzība
Pierakstīties
masif
/
quran
1
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Koks: cf937194cb
Atzari Tagi
quran
/
node_modules
/
safe-regex
/
lib
/
heuristic-analyzer.js

heuristic-analyzer.js 1.5 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. // Exports an Analyzer subclass
    2. 

  2. 

  3. const regexpTree = require("regexp-tree");
    4. 

  4. const analyzer = require("./analyzer");
    5. 

  5. 

  6. class HeuristicAnalyzer extends analyzer.Analyzer {
    7. 

  7.   constructor(analyzerOptions) {
    8. 

  8.     super(analyzerOptions);
    9. 

  9.   }
    10. 

  10. 

  11.   isVulnerable(regExp) {
    12. 

  12.     // Heuristic #1: Star height > 1
    13. 

  13.     const starHeight = this._measureStarHeight(regExp);
    14. 

  14.     if (starHeight > 1) {
    15. 

  15.       return true;
    16. 

  16.     }
    17. 

  17. 

  18.     // Heuristic #2: # repetitions > limit
    19. 

  19.     // TODO This is a poor heuristic
    20. 

  20.     const nRepetitions = this._measureRepetitions(regExp);
    21. 

  21.     if (nRepetitions > this.options.heuristic_replimit) {
    22. 

  22.       return true;
    23. 

  23.     }
    24. 

  24. 

  25.     return false;
    26. 

  26.   }
    27. 

  27. 

  28.   genAttackString(regExp) {
    29. 

  29.     return null;
    30. 

  30.   }
    31. 

  31. 

  32.   _measureStarHeight(regExp) {
    33. 

  33.     let currentStarHeight = 0;
    34. 

  34.     let maxObservedStarHeight = 0;
    35. 

  35. 

  36.     const ast = regexpTree.parse(regExp);
    37. 

  37. 

  38.     regexpTree.traverse(ast, {
    39. 

  39.       Repetition: {
    40. 

  40.         pre({ node }) {
    41. 

  41.           currentStarHeight++;
    42. 

  42.           if (maxObservedStarHeight < currentStarHeight) {
    43. 

  43.             maxObservedStarHeight = currentStarHeight;
    44. 

  44.           }
    45. 

  45.         },
    46. 

  46. 

  47.         post({ node }) {
    48. 

  48.           currentStarHeight--;
    49. 

  49.         }
    50. 

  50.       }
    51. 

  51.     });
    52. 

  52. 

  53.     return maxObservedStarHeight;
    54. 

  54.   }
    55. 

  55. 

  56.   _measureRepetitions(regExp) {
    57. 

  57.     let nRepetitions = 0;
    58. 

  58. 

  59.     const ast = regexpTree.parse(regExp);
    60. 

  60.     regexpTree.traverse(ast, {
    61. 

  61.       Repetition: {
    62. 

  62.         pre({ node }) {
    63. 

  63.           nRepetitions++;
    64. 

  64.         }
    65. 

  65.       }
    66. 

  66.     });
    67. 

  67. 

  68.     return nRepetitions;
    69. 

  69.   }
    70. 

  70. }
    71. 

  71. 

  72. module.exports = HeuristicAnalyzer;
    73.