Skip to content

Commit fc7c66d

Browse files
atorralbaatorralba
committed
Remove now unnecessary additional taint step in UnsafeJsEval
1 parent e67b72d commit fc7c66d

File tree

2 files changed

+0
-6
lines changed

2 files changed

+0
-6
lines changed

swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -108,10 +108,6 @@ class UnsafeJsEvalConfig extends TaintTracking::Configuration {
108108
])
109109
).getArgument(0)
110110
or
111-
arg =
112-
any(CallExpr ce | ce.getStaticTarget().(MethodDecl).hasQualifiedName("Data", "init(_:)"))
113-
.getArgument(0)
114-
or
115111
arg =
116112
any(CallExpr ce |
117113
ce.getStaticTarget().(MethodDecl).hasQualifiedName("String", "init(decoding:as:)")

swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,6 @@ edges
66
| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() : | UnsafeJsEval.swift:205:7:205:7 | remoteString : |
77
| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() : | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... : |
88
| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() : | UnsafeJsEval.swift:211:24:211:37 | .utf8 : |
9-
| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() : | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) : |
109
| UnsafeJsEval.swift:204:7:204:66 | try! ... : | UnsafeJsEval.swift:265:13:265:13 | string : |
1110
| UnsafeJsEval.swift:204:7:204:66 | try! ... : | UnsafeJsEval.swift:268:13:268:13 | string : |
1211
| UnsafeJsEval.swift:204:7:204:66 | try! ... : | UnsafeJsEval.swift:276:13:276:13 | string : |
@@ -29,7 +28,6 @@ edges
2928
| UnsafeJsEval.swift:211:19:211:41 | call to init(_:) : | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) : |
3029
| UnsafeJsEval.swift:211:24:211:37 | .utf8 : | UnsafeJsEval.swift:144:5:144:29 | [summary param] 0 in init(_:) : |
3130
| UnsafeJsEval.swift:211:24:211:37 | .utf8 : | UnsafeJsEval.swift:211:19:211:41 | call to init(_:) : |
32-
| UnsafeJsEval.swift:211:24:211:37 | .utf8 : | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) : |
3331
| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) : | UnsafeJsEval.swift:265:13:265:13 | string : |
3432
| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) : | UnsafeJsEval.swift:268:13:268:13 | string : |
3533
| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) : | UnsafeJsEval.swift:276:13:276:13 | string : |

0 commit comments

Comments
 (0)