# Unsanitized dynamic input in regular expression

## Overview

* **Rule ID**: `javascript_lang_dynamic_regex`
* **Applicable Languages**: JavaScript
* **Weakness ID**: CWE-1333

## Description

Building a regular expression from dynamic (user-controlled) input lets the attacker choose the pattern itself, not just the text it is run against. JavaScript's regex engine is backtracking-based, so a pattern with nested or overlapping quantifiers (for example `(a+)+$`) takes time exponential in the input length when the match fails. An attacker who can supply such a pattern, or feed crafted input to one, can pin a CPU core with a single request; this is Regular Expression Denial of Service (ReDoS). Pattern injection also changes what the expression matches: metacharacters in input that was meant to be matched literally (`.`, `|`, `*` and so on) widen the match to strings the developer never intended to accept.

## Remediation Guidelines

* **Do** escape regex metacharacters (or use `RegExp.escape()` where your runtime supports it) whenever dynamic input is meant to be matched literally, and validate all dynamic and user-supplied input against a strict safelist of allowed characters before using it in a regular expression. This keeps an attacker from injecting quantifiers, groups and alternations.
* **Do** restrict the length of input that can be processed, both the pattern and the text it is run against. Catastrophic backtracking grows with input length, so a hard cap is a cheap mitigation for many ReDoS cases.
* **Do** bound evaluation time. Regex matching in JavaScript is synchronous and cannot be interrupted from the same thread, so run untrusted matching in a worker thread that is terminated on a timer, or use a linear-time engine (RE2, for example through the `re2` npm package) that rejects backtracking-prone constructs outright.
* **Do** simplify complex regular expressions to reduce the risk of catastrophic backtracking. Avoid nested quantifiers and overlapping alternatives, and split one large expression into several small checks where possible.
* **Do not** concatenate or interpolate user input directly into a regular expression. Any metacharacter in the input becomes part of the pattern.
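The following block is an added example, not code from the rule page: it puts the vulnerable construction from the description beside a hardened version that applies the escaping, safelist and length-cap guidelines above. The function and constant names (`searchUnsafe`, `escapeRegExp`, `compileSearchPattern`, `searchSafe`, `filterUsers`, `SAFELIST`, `MAX_PATTERN_LENGTH`) and the `USERS` sample data are constructed for this illustration.

```javascript
'use strict';

// Constructed sample data for this example: usernames a search endpoint might filter.
const USERS = ['alice', 'bob', 'carol.admin', 'a+b', 'a.b'];

// VULNERABLE: userInput becomes the pattern, so the caller picks the regex.
// A pattern such as "(a+)+$" run against a long run of "a" ending in "!"
// backtracks exponentially and blocks the event loop for the whole process.
function searchUnsafe(haystack, userInput) {
  return new RegExp(userInput, 'i').test(haystack);
}

// Escape every regex metacharacter so the input is matched literally.
// Same character set as MDN's escapeRegExp; RegExp.escape() (ES2025) does the
// same job on runtimes that ship it.
function escapeRegExp(str) {
  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

const MAX_PATTERN_LENGTH = 64;          // bound the work a single query can cause
const SAFELIST = /^[A-Za-z0-9 ._-]*$/;  // characters a search term may legitimately contain

// HARDENED: length cap, then safelist, then escape. The escape is kept even though
// the safelist already excludes every metacharacter except '.', so widening the
// safelist later cannot silently reintroduce pattern injection.
function compileSearchPattern(userInput) {
  if (typeof userInput !== 'string') throw new TypeError('search term must be a string');
  if (userInput.length > MAX_PATTERN_LENGTH) throw new RangeError('search term too long');
  if (!SAFELIST.test(userInput)) throw new Error('search term contains disallowed characters');
  return new RegExp(escapeRegExp(userInput), 'i');
}

function searchSafe(haystack, userInput) {
  return compileSearchPattern(userInput).test(haystack);
}

// Filter a list with a user-supplied term. No 'g' flag on the RegExp, so
// reusing it across filter() calls carries no lastIndex state.
function filterUsers(users, query) {
  const re = compileSearchPattern(query);
  return users.filter((u) => re.test(u));
}

// With the same query 'a.b', searchUnsafe treats '.' as a wildcard and also
// accepts 'a+b'; the hardened path matches the literal string only, and the
// attacker's '(a+)+$' never reaches the RegExp constructor at all.
```

If the feature genuinely requires users to supply their own regular expressions (a log search UI, for instance), escaping is the wrong fix; in that case compile the pattern with a linear-time engine such as RE2 and still enforce the length and time limits described above.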

## References

* [**OWASP Regular expression Denial of Service - ReDoS**](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)
* [**CWE-1333: Inefficient Regular Expression Complexity**](https://cwe.mitre.org/data/definitions/1333.html)

## Configuration

To exclude this rule from a scan, or to set up continuous code-level scanning, use our [**SAST tool**](https://scopy.sec1.io/login).


