
Commit c692a31

committed
Swift: Add new results found in UncontrolledFormatString test.
1 parent 9cd9627 commit c692a31


2 files changed

+35
-4
lines changed


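--- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected
+++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected
@@ -1,14 +1,28 @@
 edges
+| UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in NSString.init(string:) : |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:70:28:70:28 | tainted |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:73:28:73:28 | tainted |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:77:28:77:28 | tainted |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:78:28:78:28 | tainted |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:79:46:79:46 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:81:47:81:47 | tainted : |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:82:65:82:65 | tainted : |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:84:54:84:54 | tainted : |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:85:72:85:72 | tainted : |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:88:11:88:11 | tainted |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:91:61:91:61 | tainted |
+| UncontrolledFormatString.swift:81:47:81:47 | tainted : | UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : |
+| UncontrolledFormatString.swift:81:47:81:47 | tainted : | UncontrolledFormatString.swift:81:30:81:54 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:82:65:82:65 | tainted : | UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : |
+| UncontrolledFormatString.swift:82:65:82:65 | tainted : | UncontrolledFormatString.swift:82:48:82:72 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:84:54:84:54 | tainted : | UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : |
+| UncontrolledFormatString.swift:84:54:84:54 | tainted : | UncontrolledFormatString.swift:84:37:84:61 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:85:72:85:72 | tainted : | UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : |
+| UncontrolledFormatString.swift:85:72:85:72 | tainted : | UncontrolledFormatString.swift:85:55:85:79 | call to NSString.init(string:) |
 nodes
+| UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : | semmle.label | [summary param] 0 in NSString.init(string:) : |
 | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : |
 | UncontrolledFormatString.swift:70:28:70:28 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:73:28:73:28 | tainted | semmle.label | tainted |
@@ -17,9 +31,22 @@ nodes
 | UncontrolledFormatString.swift:77:28:77:28 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:78:28:78:28 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:79:46:79:46 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:81:30:81:54 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:81:47:81:47 | tainted : | semmle.label | tainted : |
+| UncontrolledFormatString.swift:82:48:82:72 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:82:65:82:65 | tainted : | semmle.label | tainted : |
+| UncontrolledFormatString.swift:84:37:84:61 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:84:54:84:54 | tainted : | semmle.label | tainted : |
+| UncontrolledFormatString.swift:85:55:85:79 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:85:72:85:72 | tainted : | semmle.label | tainted : |
 | UncontrolledFormatString.swift:88:11:88:11 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:91:61:91:61 | tainted | semmle.label | tainted |
+| file://:0:0:0:0 | [summary] to write: return (return) in NSString.init(string:) : | semmle.label | [summary] to write: return (return) in NSString.init(string:) : |
 subpaths
+| UncontrolledFormatString.swift:81:47:81:47 | tainted : | UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in NSString.init(string:) : | UncontrolledFormatString.swift:81:30:81:54 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:82:65:82:65 | tainted : | UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in NSString.init(string:) : | UncontrolledFormatString.swift:82:48:82:72 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:84:54:84:54 | tainted : | UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in NSString.init(string:) : | UncontrolledFormatString.swift:84:37:84:61 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:85:72:85:72 | tainted : | UncontrolledFormatString.swift:30:5:30:35 | [summary param] 0 in NSString.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in NSString.init(string:) : | UncontrolledFormatString.swift:85:55:85:79 | call to NSString.init(string:) |
 #select
 | UncontrolledFormatString.swift:70:28:70:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:70:28:70:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
 | UncontrolledFormatString.swift:73:28:73:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:73:28:73:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
@@ -28,5 +55,9 @@ subpaths
 | UncontrolledFormatString.swift:77:28:77:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:77:28:77:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
 | UncontrolledFormatString.swift:78:28:78:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:78:28:78:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
 | UncontrolledFormatString.swift:79:46:79:46 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:79:46:79:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:81:30:81:54 | call to NSString.init(string:) | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:81:30:81:54 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:82:48:82:72 | call to NSString.init(string:) | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:82:48:82:72 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:84:37:84:61 | call to NSString.init(string:) | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:84:37:84:61 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:85:55:85:79 | call to NSString.init(string:) | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:85:55:85:79 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
 | UncontrolledFormatString.swift:88:11:88:11 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:88:11:88:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
 | UncontrolledFormatString.swift:91:61:91:61 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:91:61:91:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |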

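--- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
+++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
@@ -78,11 +78,11 @@ func tests() {
 let k = String(format: tainted, locale: nil, arguments: []) // BAD
 let l = String.localizedStringWithFormat(tainted) // BAD
 
-let m = NSString(format: NSString(string: tainted), "abc") // BAD [NOT DETECTED]
-let n = NSString.localizedStringWithFormat(NSString(string: tainted)) // BAD [NOT DETECTED]
+let m = NSString(format: NSString(string: tainted), "abc") // BAD
+let n = NSString.localizedStringWithFormat(NSString(string: tainted)) // BAD
 
-var o = NSMutableString(format: NSString(string: tainted), "abc") // BAD [NOT DETECTED]
-var p = NSMutableString.localizedStringWithFormat(NSString(string: tainted)) // BAD [NOT DETECTED]
+var o = NSMutableString(format: NSString(string: tainted), "abc") // BAD
+var p = NSMutableString.localizedStringWithFormat(NSString(string: tainted)) // BAD
 
 NSLog("abc") // GOOD: not tainted
 NSLog(tainted) // BAD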
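Review bot: The new-side `var o` and `var p` lines are declared `var` although NSMutableString is a reference type, so only a later reassignment would need it; if `o` and `p` are not reassigned further down in `tests()` (the function starts and ends outside this hunk), `let o = ...` / `let p = ...` keeps them consistent with `k`..`n` and avoids a never-mutated warning in the test build. The `// BAD` annotations could also say where the alert lands: the updated `.expected` file reports these four cases at the `NSString(string: tainted)` wrapper call rather than at `tainted` itself, so a comment such as `// BAD (alert reported at the NSString(string:) call)` would tell the next reader why the locations differ from the `k`/`l` cases.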
