Skip to content

Commit 4c7cf2a

Browse files
yoffyoff
committed
Python: Make test pass
Also checked that the OP's snapshot no longer has alerts from `duplicate_char_in_class`
1 parent f9f52b0 commit 4c7cf2a

File tree

1 file changed

+11
-1
lines changed

1 file changed

+11
-1
lines changed

python/ql/src/semmle/python/regex.qll

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -124,6 +124,14 @@ abstract class RegexString extends Expr {
124124
)
125125
}
126126

127+
// escaped characters without any special handling (yet)
128+
private predicate singleEscape(int i) {
129+
exists(string c |
130+
c = this.getChar(i) and
131+
c != "x" and c != "U"
132+
)
133+
}
134+
127135
private predicate escapedCharacter(int start, int end) {
128136
this.escapingChar(start) and
129137
not exists(this.getText().substring(start + 1, end + 1).toInt()) and
@@ -133,7 +141,9 @@ abstract class RegexString extends Expr {
133141
end in [start + 2 .. start + 4] and
134142
exists(this.getText().substring(start + 1, end).toInt())
135143
or
136-
this.getChar(start + 1) != "x" and end = start + 2
144+
this.getChar(start + 1) = "U" and end = start + 10
145+
or
146+
this.singleEscape(start + 1) and end = start + 2
137147
)
138148
}
139149

0 commit comments

Comments
 (0)