Commit 0d6c141

Merge pull request github#15607 from geoffw0/unsafeunpack
Swift: Trivial changes to swift/unsafe-unpacking
2 parents f7955db + 159080f commit 0d6c141

9 files changed

+5
-5
lines changed

Lines changed: 1 addition & 1 deletion
@@ -1,4 +1,4 @@
11
---
22
category: newQuery
33
---
4-
* Added a new query, `swift/unsafe-unpacking`, that detects unpacking user controlled zips without validating the destination file path is within the destination directory.
4+
* Added a new experimental query, `swift/unsafe-unpacking`, that detects unpacking user controlled zips without validating the destination file path is within the destination directory.
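
Review bot: On the added line 4, "user controlled zips" should be hyphenated as "user-controlled zips", and "without validating the destination file path is within" reads more clearly as "without validating that the destination file path is within". The line is being rewritten to add "experimental" anyway, so the wording can be fixed in the same change.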

swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.qhelp

Lines changed: 1 addition & 1 deletion
@@ -27,7 +27,7 @@ The following examples unpacks a remote zip using `Zip.unzipFile()` which is vul
2727
<p>
2828
The following examples unpacks a remote zip using `fileManager.unzipItem()` which is vulnerable to symlink path traversal.
2929
</p>
30-
<sample src="ZIPFoundationBad.swift" />
30+
<sample src="ZipFoundationBad.swift" />
3131

3232

3333
<p>Consider using a safer module, such as: <code>ZIPArchive</code></p>
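
Review bot: The new `src` value on line 30, `ZipFoundationBad.swift`, has to match the sample file's name exactly, including case, and this hunk does not show that file, so confirm it exists under that name beside the qhelp. While touching this block, the context on line 28 reads "The following examples unpacks" (should be "example unpacks") and wraps `fileManager.unzipItem()` in Markdown backticks inside a `<p>`, whereas line 33 uses `<code>`; switching line 28 to `<code>` would keep the file consistent.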

swift/ql/test/query-tests/Security/CWE-022-Unsafe-Unpack/UnsafeUnpack.expected renamed to swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.expected

Lines changed: 3 additions & 3 deletions
@@ -1,7 +1,7 @@
11
edges
2-
| UnsafeUnpack.swift:62:9:62:48 | call to Data.init(contentsOf:options:) | UnsafeUnpack.swift:62:60:62:60 | source |
3-
| UnsafeUnpack.swift:62:60:62:60 | source | UnsafeUnpack.swift:64:27:64:27 | source |
4-
| UnsafeUnpack.swift:62:60:62:60 | source | UnsafeUnpack.swift:67:39:67:39 | source |
2+
| UnsafeUnpack.swift:62:9:62:48 | call to Data.init(contentsOf:options:) | UnsafeUnpack.swift:62:60:62:60 | source | provenance | |
3+
| UnsafeUnpack.swift:62:60:62:60 | source | UnsafeUnpack.swift:64:27:64:27 | source | provenance | |
4+
| UnsafeUnpack.swift:62:60:62:60 | source | UnsafeUnpack.swift:67:39:67:39 | source | provenance | |
55
nodes
66
| UnsafeUnpack.swift:62:9:62:48 | call to Data.init(contentsOf:options:) | semmle.label | call to Data.init(contentsOf:options:) |
77
| UnsafeUnpack.swift:62:60:62:60 | source | semmle.label | source |
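
Review bot: The three edges rows on lines 2-4 differ only by a new trailing `provenance | |` column with an empty value, which is a change in the output format and not a consequence of the directory rename shown in the file header. The commit title mentions only trivial changes, so the description should say that the `.expected` file was regenerated for the new edges format. The source and sink locations in those rows and the nodes rows shown are unchanged, so the visible results did not move.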
