Swift: Add some local (and remote) flow sources for String.

Author: geoffw0

swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll

@@ -6,7 +6,13 @@ private class StringSource extends SourceModelCsv {
     row =
       [
         // String(contentsOf:) is a remote flow source
-        ";String;true;init(contentsOf:);(URL);;ReturnValue;remote"
+        ";String;true;init(contentsOf:);(URL);;ReturnValue;remote",
+        ";String;true;init(contentsOf:encoding:);(URL,String.Encoding);;ReturnValue;remote",
+        ";String;true;init(contentsOf:usedEncoding:);(URL,String.Encoding);;ReturnValue;remote",
+        // String(contentsOfFile:) is a local flow source
+        ";String;true;init(contentsOfFile:);(String);;ReturnValue;local",
+        ";String;true;init(contentsOfFile:encoding:);(String,String.Encoding);;ReturnValue;local",
+        ";String;true;init(contentsOfFile:usedEncoding:);(String,String.Encoding);;ReturnValue;local"
       ]
   }
 }

swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected

@@ -5,6 +5,16 @@
 | customurlschemes.swift:48:9:48:28 | ...[...] | Remote URL in UIApplicationDelegate.application.launchOptions |
 | string.swift:56:21:56:21 | call to init(contentsOf:) | external |
 | string.swift:56:21:56:44 | call to init(contentsOf:) | external |
+| string.swift:57:21:57:21 | call to init(contentsOf:encoding:) | external |
+| string.swift:57:21:57:77 | call to init(contentsOf:encoding:) | external |
+| string.swift:59:21:59:21 | call to init(contentsOf:usedEncoding:) | external |
+| string.swift:59:21:59:69 | call to init(contentsOf:usedEncoding:) | external |
+| string.swift:62:21:62:21 | call to init(contentsOfFile:) | external |
+| string.swift:62:21:62:48 | call to init(contentsOfFile:) | external |
+| string.swift:63:21:63:21 | call to init(contentsOfFile:encoding:) | external |
+| string.swift:63:21:63:81 | call to init(contentsOfFile:encoding:) | external |
+| string.swift:64:21:64:21 | call to init(contentsOfFile:usedEncoding:) | external |
+| string.swift:64:21:64:73 | call to init(contentsOfFile:usedEncoding:) | external |
 | url.swift:53:15:53:19 | .resourceBytes | external |
 | url.swift:60:15:60:19 | .lines | external |
 | url.swift:67:16:67:22 | .lines | external |

swift/ql/test/library-tests/dataflow/flowsources/string.swift

@@ -54,14 +54,14 @@ func testStrings() {
 
 		let url = URL(string: "http://example.com/")
 		let string3 = try String(contentsOf: url!) // SOURCE
-		let string4 = try String(contentsOf: url!, encoding: String.Encoding.ascii) // SOURCE [NOT DETECTED]
+		let string4 = try String(contentsOf: url!, encoding: String.Encoding.ascii) // SOURCE
 		var encoding = String.Encoding.ascii
-		let string5 = try String(contentsOf: url!, usedEncoding: &encoding) // SOURCE [NOT DETECTED]
+		let string5 = try String(contentsOf: url!, usedEncoding: &encoding) // SOURCE
 
 		let path = "file.txt"
-		let string6 = try String(contentsOfFile: path) // SOURCE [NOT DETECTED]
-		let string7 = try String(contentsOfFile: path, encoding: String.Encoding.ascii) // SOURCE [NOT DETECTED]
-		let string8 = try String(contentsOfFile: path, usedEncoding: &encoding) // SOURCE [NOT DETECTED]
+		let string6 = try String(contentsOfFile: path) // SOURCE
+		let string7 = try String(contentsOfFile: path, encoding: String.Encoding.ascii) // SOURCE
+		let string8 = try String(contentsOfFile: path, usedEncoding: &encoding) // SOURCE
 	} catch {
 		// ...
 	}