Swift: Add doc.

Author: geoffw0

swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp

@@ -0,0 +1,39 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+<overview>
+<p>
+Passing untrusted format strings to functions that use <code>printf</code> style formatting can lead to buffer overflows and data representation problems. An attacker can exploit this weakness to crash the program or obtain sensitive information from its internal state.</p>
+</p>
+
+</overview>
+<recommendation>
+
+<p>Use a string literal for the format string to prevent the possibility of data flow from
+an untrusted source. This also helps to prevent errors where the format arguments do not match the format string.</p>
+
+<p>If the format string cannot be constant, ensure that it comes from a secure data source or is compiled into the source code. If you need to include a value from the user, use the <code>%s</code> specifier in the format string and include that value as a format argument.
+</p>
+
+</recommendation>
+<example>
+
+<p>In this example, the format string includes a user-controlled <code>inputString</code>:</p>
+
+<sample src="UncontrolledFormatStringBad.cs" />
+
+<p>To fix it, make <code>inputString</code> a format argument rather than part of the format string, as in the following code:</p>
+
+<sample src="UncontrolledFormatStringGood.cs" />
+
+</example>
+<references>
+
+<li>
+OWASP:
+<a href="https://owasp.org/www-community/attacks/Format_string_attack">Format string attack</a>.
+</li>
+
+</references>
+</qhelp>

swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringBad.swift

@@ -0,0 +1,2 @@
+
+print(String(format: "User input: " + inputString)) // vulnerable

swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift

@@ -0,0 +1,2 @@
+
+print(String(format: "User input: %s", inputString)) // fixed