
Sonarcloud and REGEX use.

Open demmings opened this issue 2 years ago • 0 comments

  • Getting a warning about a regex used to extract ORDER BY
  • Not currently causing any problems, other than a warning.
    > Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service.
  • Line of code that is at issue
    `const order_by = /^(.+?)(\s+ASC|DESC)?$/gi;`
  • Not entirely sure how it can be replaced.
  • Maybe this? (have to check in code to see if it resolves)
    `^(.*?)(\s+ASC|DESC)?$`

demmings, Mar 02 '23 00:03
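Added example (not part of the issue or gsSQL's code): one way to split an ORDER BY term without a backtracking regex, by scanning only the last word from the end of the string, with the issue's pattern kept beside it for comparison on ordinary inputs. The names `splitOrderByTerm` and `legacySplit` are hypothetical; this version assumes whitespace is required before both keywords and that trailing whitespace can be ignored.

```javascript
// The pattern from the issue, without the g flag so exec() keeps no lastIndex state.
// `.+?` and `\s+` can both consume the same whitespace, so a long run of spaces
// is re-scanned from every candidate end of group 1 (quadratic work).
// Note the alternation: `\s+ASC|DESC` means (`\s+ASC`) or (`DESC`).
const ORIGINAL = /^(.+?)(\s+ASC|DESC)?$/i;

function legacySplit(term) {
  const m = ORIGINAL.exec(term);
  if (!m) return { column: term.trim(), direction: "" };
  return { column: m[1].trim(), direction: (m[2] || "").trim().toUpperCase() };
}

// Linear-time alternative: walk back over the last word once, then compare it
// with the two keywords. No regex quantifier ever sees the whole string.
function splitOrderByTerm(term) {
  const text = term.trimEnd();
  let i = text.length;
  while (i > 0 && !/\s/.test(text[i - 1])) i--; // single-character test only
  const lastWord = text.slice(i).toUpperCase();
  if (i > 0 && (lastWord === "ASC" || lastWord === "DESC")) {
    const column = text.slice(0, i).trim();
    // A lone keyword (" ASC") is treated as a column name, like the regex does.
    if (column.length > 0) return { column, direction: lastWord };
  }
  return { column: text.trim(), direction: "" };
}

// Constructed sample terms: both implementations should agree on these.
function compareOnSamples() {
  const samples = ["name", "name ASC", "name   desc", "last name DESC", "ASC"];
  return samples.map((term) => ({
    term,
    fast: splitOrderByTerm(term),
    legacy: legacySplit(term),
  }));
}

console.log(compareOnSamples());
```

The two functions differ on terms such as `nameDESC` (the issue's pattern accepts `DESC` with no preceding whitespace) and on terms with trailing spaces, so check which behaviour the parser relies on before swapping one for the other.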