Merge pull request github#11458 from geoffw0/simplify

Swift: Simplify some QL.

Author: geoffw0

swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql

@@ -32,17 +32,15 @@ class StaticInitializationVectorSource extends Expr {
 class EncryptionInitializationSink extends Expr {
   EncryptionInitializationSink() {
     // `iv` arg in `init` is a sink
-    exists(CallExpr call, string fName, int arg |
+    exists(CallExpr call, string fName |
       call.getStaticTarget()
           .(MethodDecl)
           .hasQualifiedName([
               "AES", "ChaCha20", "Blowfish", "Rabbit", "CBC", "CFB", "GCM", "OCB", "OFB", "PCBC",
               "CCM", "CTR"
             ], fName) and
-      fName.matches("%init(%iv:%") and
-      arg = [0, 1] and
-      call.getStaticTarget().(MethodDecl).getParam(pragma[only_bind_into](arg)).getName() = "iv" and
-      call.getArgument(pragma[only_bind_into](arg)).getExpr() = this
+      fName.matches("%init(%") and
+      call.getArgumentWithLabel("iv").getExpr() = this
     )
   }
 }

swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql

@@ -162,7 +162,7 @@ class StringLengthConflationConfiguration extends DataFlow::Configuration {
         call.getStaticTarget() = funcDecl and
         flowstate = "String"
       ) and
-      // match up `funcName`, `paramName`, `arg`, `node`.
+      // match up `funcName`, `arg`, `node`.
       funcDecl.getName() = funcName and
       call.getArgument(arg).getExpr() = node.asExpr()
     )

swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql

@@ -32,13 +32,12 @@ class ConstantPasswordSource extends Expr {
 class ConstantPasswordSink extends Expr {
   ConstantPasswordSink() {
     // `password` arg in `init` is a sink
-    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call, int arg |
+    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call |
       c.getFullName() = ["HKDF", "PBKDF1", "PBKDF2", "Scrypt"] and
       c.getAMember() = f and
-      f.getName().matches("%init(%password:%") and
+      f.getName().matches("%init(%") and
       call.getStaticTarget() = f and
-      f.getParam(pragma[only_bind_into](arg)).getName() = "password" and
-      call.getArgument(pragma[only_bind_into](arg)).getExpr() = this
+      call.getArgumentWithLabel("password").getExpr() = this
     )
   }
 }

swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql

@@ -32,13 +32,12 @@ class ConstantSaltSource extends Expr {
 class ConstantSaltSink extends Expr {
   ConstantSaltSink() {
     // `salt` arg in `init` is a sink
-    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call, int arg |
+    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call |
       c.getFullName() = ["HKDF", "PBKDF1", "PBKDF2", "Scrypt"] and
       c.getAMember() = f and
-      f.getName().matches("%init(%salt:%") and
+      f.getName().matches("%init(%") and
       call.getStaticTarget() = f and
-      f.getParam(pragma[only_bind_into](arg)).getName() = "salt" and
-      call.getArgument(pragma[only_bind_into](arg)).getExpr() = this
+      call.getArgumentWithLabel("salt").getExpr() = this
     )
   }
 }

swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql

@@ -33,13 +33,12 @@ class IntLiteralSource extends IterationsSource instanceof IntegerLiteralExpr {
 class InsufficientHashIterationsSink extends Expr {
   InsufficientHashIterationsSink() {
     // `iterations` arg in `init` is a sink
-    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call, int arg |
+    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call |
       c.getFullName() = ["PBKDF1", "PBKDF2"] and
       c.getAMember() = f and
-      f.getName().matches("init(%iterations:%") and
+      f.getName().matches("init(%") and
       call.getStaticTarget() = f and
-      f.getParam(pragma[only_bind_into](arg)).getName() = "iterations" and
-      call.getArgument(pragma[only_bind_into](arg)).getExpr() = this
+      call.getArgumentWithLabel("iterations").getExpr() = this
     )
   }
 }