Swift: Fix Swift warnings in the test.

geoffw0 · geoffw0 · commit a6fe620bcb88 · 2023-11-15T18:06:38.000Z
diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected
@@ -3,24 +3,24 @@ edges
 | UncontrolledFormatString.swift:78:22:80:5 | format | UncontrolledFormatString.swift:78:22:80:5 | { ... } [format] |
 | UncontrolledFormatString.swift:78:22:80:5 | { ... } [format] | UncontrolledFormatString.swift:79:16:79:16 | this [format] |
 | UncontrolledFormatString.swift:79:16:79:16 | this [format] | UncontrolledFormatString.swift:79:16:79:16 | format |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:97:28:97:28 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:100:28:100:28 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:101:28:101:28 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:103:28:103:28 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:104:28:104:28 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:105:28:105:28 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:106:46:106:46 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:108:47:108:47 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:109:65:109:65 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:111:54:111:54 | tainted |
-| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:112:72:112:72 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:97:24:97:24 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:100:24:100:24 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:101:24:101:24 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:103:24:103:24 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:104:24:104:24 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:105:24:105:24 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:106:42:106:42 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:108:43:108:43 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:109:57:109:57 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:111:50:111:50 | tainted |
+| UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:112:64:112:64 | tainted |
 | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:115:11:115:11 | tainted |
 | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:116:11:116:11 | tainted |
 | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:118:61:118:61 | tainted |
-| UncontrolledFormatString.swift:108:47:108:47 | tainted | UncontrolledFormatString.swift:108:30:108:54 | call to NSString.init(string:) |
-| UncontrolledFormatString.swift:109:65:109:65 | tainted | UncontrolledFormatString.swift:109:48:109:72 | call to NSString.init(string:) |
-| UncontrolledFormatString.swift:111:54:111:54 | tainted | UncontrolledFormatString.swift:111:37:111:61 | call to NSString.init(string:) |
-| UncontrolledFormatString.swift:112:72:112:72 | tainted | UncontrolledFormatString.swift:112:55:112:79 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:108:43:108:43 | tainted | UncontrolledFormatString.swift:108:26:108:50 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:109:57:109:57 | tainted | UncontrolledFormatString.swift:109:40:109:64 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:111:50:111:50 | tainted | UncontrolledFormatString.swift:111:33:111:57 | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:112:64:112:64 | tainted | UncontrolledFormatString.swift:112:47:112:71 | call to NSString.init(string:) |
 | UncontrolledFormatString.swift:116:11:116:11 | tainted | UncontrolledFormatString.swift:77:12:77:22 | format |
 nodes
 | UncontrolledFormatString.swift:77:12:77:22 | format | semmle.label | format |
@@ -29,37 +29,37 @@ nodes
 | UncontrolledFormatString.swift:79:16:79:16 | format | semmle.label | format |
 | UncontrolledFormatString.swift:79:16:79:16 | this [format] | semmle.label | this [format] |
 | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | semmle.label | call to String.init(contentsOf:) |
-| UncontrolledFormatString.swift:97:28:97:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:100:28:100:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:101:28:101:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:103:28:103:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:104:28:104:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:105:28:105:28 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:106:46:106:46 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:108:30:108:54 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
-| UncontrolledFormatString.swift:108:47:108:47 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:109:48:109:72 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
-| UncontrolledFormatString.swift:109:65:109:65 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:111:37:111:61 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
-| UncontrolledFormatString.swift:111:54:111:54 | tainted | semmle.label | tainted |
-| UncontrolledFormatString.swift:112:55:112:79 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
-| UncontrolledFormatString.swift:112:72:112:72 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:97:24:97:24 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:100:24:100:24 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:101:24:101:24 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:103:24:103:24 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:104:24:104:24 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:105:24:105:24 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:106:42:106:42 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:108:26:108:50 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:108:43:108:43 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:109:40:109:64 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:109:57:109:57 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:111:33:111:57 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:111:50:111:50 | tainted | semmle.label | tainted |
+| UncontrolledFormatString.swift:112:47:112:71 | call to NSString.init(string:) | semmle.label | call to NSString.init(string:) |
+| UncontrolledFormatString.swift:112:64:112:64 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:115:11:115:11 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:116:11:116:11 | tainted | semmle.label | tainted |
 | UncontrolledFormatString.swift:118:61:118:61 | tainted | semmle.label | tainted |
 subpaths
 #select
 | UncontrolledFormatString.swift:79:16:79:16 | format | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:79:16:79:16 | format | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:97:28:97:28 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:97:28:97:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:100:28:100:28 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:100:28:100:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:101:28:101:28 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:101:28:101:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:103:28:103:28 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:103:28:103:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:104:28:104:28 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:104:28:104:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:105:28:105:28 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:105:28:105:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:106:46:106:46 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:106:46:106:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:108:30:108:54 | call to NSString.init(string:) | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:108:30:108:54 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:109:48:109:72 | call to NSString.init(string:) | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:109:48:109:72 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:111:37:111:61 | call to NSString.init(string:) | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:111:37:111:61 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
-| UncontrolledFormatString.swift:112:55:112:79 | call to NSString.init(string:) | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:112:55:112:79 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:97:24:97:24 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:97:24:97:24 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:100:24:100:24 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:100:24:100:24 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:101:24:101:24 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:101:24:101:24 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:103:24:103:24 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:103:24:103:24 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:104:24:104:24 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:104:24:104:24 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:105:24:105:24 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:105:24:105:24 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:106:42:106:42 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:106:42:106:42 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:108:26:108:50 | call to NSString.init(string:) | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:108:26:108:50 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:109:40:109:64 | call to NSString.init(string:) | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:109:40:109:64 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:111:33:111:57 | call to NSString.init(string:) | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:111:33:111:57 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
+| UncontrolledFormatString.swift:112:47:112:71 | call to NSString.init(string:) | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:112:47:112:71 | call to NSString.init(string:) | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
 | UncontrolledFormatString.swift:115:11:115:11 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:115:11:115:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
 | UncontrolledFormatString.swift:118:61:118:61 | tainted | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | UncontrolledFormatString.swift:118:61:118:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:91:24:91:77 | call to String.init(contentsOf:) | this user-provided value |
diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift
@@ -90,26 +90,26 @@ class MyString {
 func tests() throws {
     let tainted = try! String(contentsOf: URL(string: "http://example.com")!)
 
-    let a = String("abc") // GOOD: not a format string
-    let b = String(tainted) // GOOD: not a format string
+    _ = String("abc") // GOOD: not a format string
+    _ = String(tainted) // GOOD: not a format string
 
-    let c = String(format: "abc") // GOOD: not tainted
-    let d = String(format: tainted) // BAD
-    let e = String(format: "%s", "abc") // GOOD: not tainted
-    let f = String(format: "%s", tainted) // GOOD: format string itself is not tainted
-    let g = String(format: tainted, "abc") // BAD
-    let h = String(format: tainted, tainted) // BAD
+    _ = String(format: "abc") // GOOD: not tainted
+    _ = String(format: tainted) // BAD
+    _ = String(format: "%s", "abc") // GOOD: not tainted
+    _ = String(format: "%s", tainted) // GOOD: format string itself is not tainted
+    _ = String(format: tainted, "abc") // BAD
+    _ = String(format: tainted, tainted) // BAD
 
-    let i = String(format: tainted, arguments: []) // BAD
-    let j = String(format: tainted, locale: nil) // BAD
-    let k = String(format: tainted, locale: nil, arguments: []) // BAD
-    let l = String.localizedStringWithFormat(tainted) // BAD
+    _ = String(format: tainted, arguments: []) // BAD
+    _ = String(format: tainted, locale: nil) // BAD
+    _ = String(format: tainted, locale: nil, arguments: []) // BAD
+    _ = String.localizedStringWithFormat(tainted) // BAD
 
-    let m = NSString(format: NSString(string: tainted), "abc") // BAD
-    let n = NSString.localizedStringWithFormat(NSString(string: tainted)) // BAD
+    _ = NSString(format: NSString(string: tainted), "abc") // BAD
+    NSString.localizedStringWithFormat(NSString(string: tainted)) // BAD
 
-    var o = NSMutableString(format: NSString(string: tainted), "abc") // BAD
-    var p = NSMutableString.localizedStringWithFormat(NSString(string: tainted)) // BAD
+    _ = NSMutableString(format: NSString(string: tainted), "abc") // BAD
+    NSMutableString.localizedStringWithFormat(NSString(string: tainted)) // BAD
 
     NSLog("abc") // GOOD: not tainted
     NSLog(tainted) // BAD
@@ -119,11 +119,11 @@ func tests() throws {
 
     let taintedVal = Int(tainted)!
     let taintedSan = "\(taintedVal)"
-    let q = String(format: taintedSan) // GOOD: sufficiently sanitized
+    _ = String(format: taintedSan) // GOOD: sufficiently sanitized
 
     let taintedVal2 = Int(tainted) ?? 0
     let taintedSan2 = String(taintedVal2)
-    let r = String(format: taintedSan2) // GOOD: sufficiently sanitized
+    _ = String(format: taintedSan2) // GOOD: sufficiently sanitized
 
     _ = String("abc").appendingFormat("%s", "abc") // GOOD: not tainted
     _ = String("abc").appendingFormat("%s", tainted) // GOOD: format not tainted
