Swift: Add getVaList stub to the test.

geoffw0 · geoffw0 · commit 9333e80def52 · 2023-01-09T10:29:37.000Z
diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected
@@ -1,32 +1,32 @@
 edges
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:68:28:68:28 | tainted |
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:71:28:71:28 | tainted |
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:72:28:72:28 | tainted |
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:74:28:74:28 | tainted |
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:75:28:75:28 | tainted |
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:76:28:76:28 | tainted |
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:77:46:77:46 | tainted |
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:86:11:86:11 | tainted |
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:89:61:89:61 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:70:28:70:28 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:73:28:73:28 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:74:28:74:28 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:76:28:76:28 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:77:28:77:28 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:78:28:78:28 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:79:46:79:46 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:88:11:88:11 | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:91:61:91:61 | tainted |
 nodes
-| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | semmle.label | call to String.init(contentsOf:) :  |
-| UncontrolledFormatString.swift:68:28:68:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:71:28:71:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:72:28:72:28 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | semmle.label | call to String.init(contentsOf:) :  |
+| UncontrolledFormatString.swift:70:28:70:28 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:73:28:73:28 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:74:28:74:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:75:28:75:28 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:76:28:76:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:77:46:77:46 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:86:11:86:11 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:89:61:89:61 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:77:28:77:28 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:78:28:78:28 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:79:46:79:46 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:88:11:88:11 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:91:61:91:61 | tainted | semmle.label | tainted |
 subpaths
 #select
-| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:70:28:70:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:70:28:70:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:73:28:73:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:73:28:73:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:77:28:77:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:77:28:77:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:78:28:78:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:78:28:78:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:79:46:79:46 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:79:46:79:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:88:11:88:11 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:88:11:88:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:91:61:91:61 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) :  | UncontrolledFormatString.swift:91:61:91:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value |
diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
@@ -50,6 +50,8 @@ func NSLog(_ format: String, _ args: CVarArg...) {}
 
 func NSLogv(_ format: String, _ args: CVaListPointer) {}
 
+func getVaList(_ args: [CVarArg]) -> CVaListPointer { return (nil as CVaListPointer?)! }
+
 // --- tests ---
 
 func MyLog(_ format: String, _ args: CVarArg...) {
