sicua

A tool for analyzing project structure and dependencies

/**
 * Detector for Regular Expression Denial of Service (ReDoS) vulnerabilities
 *
 * This is a type declaration file: it lists the detector's members but
 * contains no implementation, so the pattern tables and the analysis logic
 * cannot be reviewed from here.
 */
import { BaseDetector } from "./BaseDetector";
import { Vulnerability } from "../types/vulnerability.types";
import { ScanResult } from "../../../types";

/**
 * Detector that extends BaseDetector and exposes a single public entry
 * point, `detect`. All other members are private; TypeScript declaration
 * output omits the types and signatures of private members, which is why
 * only their names appear below.
 *
 * NOTE(review): pattern-based ReDoS detection is heuristic. Treat an empty
 * result as "nothing matched", not as proof that the scanned regexes are
 * safe — confirm the actual coverage against the implementation.
 */
export declare class RedosPatternDetector extends BaseDetector {
  // Private static pattern tables; their contents and element types are not
  // visible in this declaration.
  // NOTE(review): if these are applied as regular expressions to scanned
  // source text, confirm they cannot themselves backtrack catastrophically
  // on large or hostile input files.
  private static readonly REDOS_PATTERNS;
  private static readonly DANGEROUS_PATTERNS;

  /** Takes no arguments; what it passes to BaseDetector is not visible here. */
  constructor();

  /**
   * Public entry point of the detector.
   *
   * @param scanResult - the scan result to inspect (shape defined in
   *   "../../../types", not shown here)
   * @returns a promise resolving to an array of Vulnerability records
   */
  detect(scanResult: ScanResult): Promise<Vulnerability[]>;

  /**
   * AST-based analysis for ReDoS patterns
   */
  private analyzeASTForRedosPatterns;

  /**
   * Find method calls that use regex patterns
   *
   * NOTE(review): which methods count as "regex method calls" is not
   * visible here — confirm against the implementation.
   */
  private findRegexMethodCalls;

  /**
   * Analyze regex method calls
   */
  private analyzeRegexMethodCall;

  /**
   * Regex analysis for ReDoS indicators. The original author describes it
   * as improved, with better pattern detection; what it is improved over is
   * not visible in this declaration.
   */
  private analyzeRegexForReDoS;

  /**
   * Find regex literal expressions
   */
  private findRegexLiterals;

  /**
   * Find RegExp constructor calls
   */
  private findRegExpConstructors;

  /**
   * Analyze regex literal for ReDoS patterns
   */
  private analyzeRegexLiteral;

  /**
   * Analyze RegExp constructor for ReDoS patterns
   *
   * NOTE(review): cannot tell from the declaration whether pattern
   * arguments that are not string literals (built at runtime) are handled
   * or skipped — confirm, since skipped cases would go unreported.
   */
  private analyzeRegExpConstructor;

  /**
   * Extract regex pattern from literal text
   */
  private extractRegexPattern;

  /**
   * Extract function name from AST node context
   */
  private extractFunctionFromAST;
}