Swift: Effect of fixing string interpolation bug.

geoffw0 · geoffw0 · commit 839b9635b944 · 2023-09-25T20:30:58.000+01:00
diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected
@@ -8,8 +8,6 @@ edges
 | file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [value] |
 | sqlite3_c_api.swift:42:69:42:69 | medicalNotes | sqlite3_c_api.swift:46:27:46:27 | insertQuery |
 | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | sqlite3_c_api.swift:47:27:47:27 | updateQuery |
-| sqlite3_c_api.swift:43:49:43:49 | medicalNotes | sqlite3_c_api.swift:48:27:48:27 | deleteQuery |
-| sqlite3_c_api.swift:43:49:43:49 | medicalNotes | sqlite3_c_api.swift:57:34:57:34 | id |
 | testCoreData2.swift:23:13:23:13 | value | file://:0:0:0:0 | value |
 | testCoreData2.swift:37:2:37:2 | [post] obj [myValue] | testCoreData2.swift:37:2:37:2 | [post] obj |
 | testCoreData2.swift:37:16:37:16 | bankAccountNo | testCoreData2.swift:37:2:37:2 | [post] obj [myValue] |
@@ -205,8 +203,6 @@ nodes
 | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | semmle.label | medicalNotes |
 | sqlite3_c_api.swift:46:27:46:27 | insertQuery | semmle.label | insertQuery |
 | sqlite3_c_api.swift:47:27:47:27 | updateQuery | semmle.label | updateQuery |
-| sqlite3_c_api.swift:48:27:48:27 | deleteQuery | semmle.label | deleteQuery |
-| sqlite3_c_api.swift:57:34:57:34 | id | semmle.label | id |
 | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | semmle.label | medicalNotes |
 | testCoreData2.swift:23:13:23:13 | value | semmle.label | value |
 | testCoreData2.swift:37:2:37:2 | [post] obj | semmle.label | [post] obj |
@@ -478,8 +474,6 @@ subpaths
 #select
 | sqlite3_c_api.swift:46:27:46:27 | insertQuery | sqlite3_c_api.swift:42:69:42:69 | medicalNotes | sqlite3_c_api.swift:46:27:46:27 | insertQuery | This operation stores 'insertQuery' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:42:69:42:69 | medicalNotes | medicalNotes |
 | sqlite3_c_api.swift:47:27:47:27 | updateQuery | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | sqlite3_c_api.swift:47:27:47:27 | updateQuery | This operation stores 'updateQuery' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | medicalNotes |
-| sqlite3_c_api.swift:48:27:48:27 | deleteQuery | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | sqlite3_c_api.swift:48:27:48:27 | deleteQuery | This operation stores 'deleteQuery' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | medicalNotes |
-| sqlite3_c_api.swift:57:34:57:34 | id | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | sqlite3_c_api.swift:57:34:57:34 | id | This operation stores 'id' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:43:49:43:49 | medicalNotes | medicalNotes |
 | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | This operation stores 'medicalNotes' in a database. It may contain unencrypted sensitive data from $@. | sqlite3_c_api.swift:58:36:58:36 | medicalNotes | medicalNotes |
 | testCoreData2.swift:37:2:37:2 | obj | testCoreData2.swift:37:16:37:16 | bankAccountNo | testCoreData2.swift:37:2:37:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:37:16:37:16 | bankAccountNo | bankAccountNo |
 | testCoreData2.swift:39:2:39:2 | obj | testCoreData2.swift:39:28:39:28 | bankAccountNo | testCoreData2.swift:39:2:39:2 | [post] obj | This operation stores 'obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:39:28:39:28 | bankAccountNo | bankAccountNo |
diff --git a/swift/ql/test/query-tests/Security/CWE-311/sqlite3_c_api.swift b/swift/ql/test/query-tests/Security/CWE-311/sqlite3_c_api.swift
@@ -45,7 +45,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, id: Int32, medicalNotes: String) {
 
 	let _ = sqlite3_exec(db, insertQuery, nil, nil, nil) // BAD (sensitive data)
 	let _ = sqlite3_exec(db, updateQuery, nil, nil, nil) // BAD (sensitive data)
-	let _ = sqlite3_exec(db, deleteQuery, nil, nil, nil) // GOOD [FALSE POSITIVE]
+	let _ = sqlite3_exec(db, deleteQuery, nil, nil, nil) // GOOD
 
 	// --- sensitive data in bindings ---
 
@@ -54,7 +54,7 @@ func test_sqlite3_c_api(db: OpaquePointer?, id: Int32, medicalNotes: String) {
 	var stmt1: OpaquePointer?
 
 	if (sqlite3_prepare(db, varQuery, -1, &stmt1, nil) == SQLITE_OK) { // GOOD
-		if (sqlite3_bind_int(stmt1, 1, id) == SQLITE_OK) { // GOOD [FALSE POSITIVE]
+		if (sqlite3_bind_int(stmt1, 1, id) == SQLITE_OK) { // GOOD
 			if (sqlite3_bind_text(stmt1, 2, medicalNotes, -1, SQLITE_TRANSIENT) == SQLITE_OK) { // BAD (sensitive data)
 				// ...
 			}
