# Regular Expression Denial of Service (ReDoS)

- ID: javascript-regex-dos
- Severity: HIGH
- CWE: ReDoS (CWE-1333)
- Languages: JavaScript, TypeScript
- Frameworks: express, koa, fastify

## Description

Detects potentially catastrophic regular expressions that could lead to ReDoS attacks. ReDoS occurs when regular expressions with certain patterns cause exponential backtracking, leading to excessive CPU consumption.

Evil regexes typically contain:

1. Nested quantifiers (e.g., `(a+)+`, `(a*)*`)
2. Alternation with overlapping patterns (e.g., `(a|ab)*`, `(a|a)*`)
3. Grouping with repetition where the group can match the same input in multiple ways
4. Complex patterns with overlapping possibilities that cause catastrophic backtracking

When user input is matched against these patterns, an attacker can craft input that causes the regex engine to take exponential time, effectively causing a denial of service.

## Detection Message

Potentially vulnerable regular expression detected that could lead to ReDoS attacks.

Pattern: `{pattern}`
Location: `{file}:{line}`

The regex contains patterns that can cause catastrophic backtracking when processing certain inputs, leading to excessive CPU consumption and denial of service.

## Remediation

Avoid nested quantifiers and use safe regex libraries. The snippet below assumes it runs inside an Express-style request handler where `pattern`, `input` and `res` are already in scope:

```javascript
const safeRegex = require('safe-regex');

// Reject patterns that safe-regex reports as likely to backtrack catastrophically
if (!safeRegex(pattern)) {
  return res.status(400).json({ error: 'Invalid regex' });
}

// Bound the input length so even a worst-case match stays cheap
if (input.length > 1000) {
  return res.status(400).json({ error: 'Input too long' });
}

// Match against a fixed, linear-time allowlist pattern rather than a user-supplied one
const result = input.match(/^[a-zA-Z0-9]+$/);
```

Learn more: https://shoulder.dev/learn/javascript/cwe-1333/regex-dos

## Related Rules

- **Regular Expression Denial of Service** [MEDIUM]:
- **Regular Expression Denial of Service (ReDoS)** [MEDIUM]:
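The following is an added example, not the rule's own implementation, of the nested-quantifier check the Description section describes: it walks a regex's source text, tracks group nesting, and reports every quantified group that itself contains a quantifier (the `(a+)+` and `(a*)*` shape). The function names `quantifierLength` and `findNestedQuantifiers` are the example's own.

```javascript
// Added example, not the rule's own implementation: a star-height style check for the
// nested-quantifier shape this rule flags, e.g. (a+)+ or (a*)*. Like safe-regex it is a
// heuristic: some flagged patterns are actually linear, and (a|ab)*-style overlap is missed.

// Length of the quantifier starting at src[i] (0 if none), including a lazy '?'.
function quantifierLength(src, i) {
  let len = 0;
  if ('*+?'.includes(src[i])) len = 1;
  else if (src[i] === '{') {
    const m = /^\{\d+(,\d*)?\}/.exec(src.slice(i));
    if (m) len = m[0].length;
  }
  if (len > 0 && src[i + len] === '?') len += 1;
  return len;
}

// Returns the source text of every quantified group that itself contains a quantifier.
function findNestedQuantifiers(source) {
  const findings = [];
  const stack = []; // one frame per open group: { start, hasQuantifier }
  let inClass = false;
  for (let i = 0; i < source.length; i++) {
    const c = source[i];
    if (c === '\\') { i += 1; continue; }          // escaped char such as \( or \d
    if (inClass) { if (c === ']') inClass = false; continue; }
    if (c === '[') { inClass = true; continue; }   // * + ? { are literals inside [...]
    if (c === '(') {
      stack.push({ start: i, hasQuantifier: false });
      // skip modifiers so the '?' in (?:...), (?=...) or (?<name>...) is not a quantifier
      const mod = /^\(\?(?::|=|!|<=|<!|<[A-Za-z_$][\w$]*>)/.exec(source.slice(i));
      if (mod) i += mod[0].length - 1;
      continue;
    }
    if (c === ')') {
      const frame = stack.pop();
      if (!frame) continue;                          // unbalanced ')', ignore
      const qlen = quantifierLength(source, i + 1);
      if (frame.hasQuantifier && qlen > 0) findings.push(source.slice(frame.start, i + 1 + qlen));
      // a quantified or quantifier-bearing group counts as a quantifier for its parent
      if (stack.length > 0 && (qlen > 0 || frame.hasQuantifier)) stack[stack.length - 1].hasQuantifier = true;
      i += qlen;
      continue;
    }
    const qlen = quantifierLength(source, i);
    if (qlen > 0 && stack.length > 0) stack[stack.length - 1].hasQuantifier = true;
    i += Math.max(qlen - 1, 0);
  }
  return findings;
}
```

Pass a literal's `.source` (for example `findNestedQuantifiers(/(\w+\s?)*$/.source)`) to check a pattern the way the rule would check one found in code.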