Skip to content

Commit e230951

Browse files
geoffw0geoffw0
committed
Swift: Model StringProtocol methods.
1 parent 38eeb9c commit e230951

File tree

4 files changed

+202
-300
lines changed

4 files changed

+202
-300
lines changed

swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll

Lines changed: 34 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,37 @@ private class StringSummaries extends SummaryModelCsv {
3232
";StringProtocol;true;init(cString:);;;Argument[0];ReturnValue;taint",
3333
";StringProtocol;true;init(decoding:as:);;;Argument[0];ReturnValue;taint",
3434
";StringProtocol;true;init(decodingCString:as:);;;Argument[0];ReturnValue;taint",
35+
";StringProtocol;true;addingPercentEncoding(withAllowedCharacter:);;;Argument[-1];ReturnValue;taint",
36+
";StringProtocol;true;addingPercentEscapes(using:);;;Argument[-1];ReturnValue;taint",
37+
";StringProtocol;true;appending(_:);;;Argument[-1..0];ReturnValue;taint",
38+
";StringProtocol;true;appendingFormat(_:_:);;;Argument[-1..0];ReturnValue;taint",//-1..
39+
";StringProtocol;true;applyingTransform(_:reverse:);;;Argument[-1];ReturnValue;taint",
40+
";StringProtocol;true;cString(using:);;;Argument[-1];ReturnValue;taint",
41+
";StringProtocol;true;capitalized(with:);;;Argument[-1];ReturnValue;taint",
42+
";StringProtocol;true;completePath(into:caseSensitive:matchesInto:filterTypes:);;;Argument[-1];Argument[0];taint",
43+
";StringProtocol;true;completePath(into:caseSensitive:matchesInto:filterTypes:);;;Argument[-1];Argument[2];taint",
44+
";StringProtocol;true;components(separatedBy:);;;Argument[-1];ReturnValue;taint",
45+
";StringProtocol;true;data(using:allowLossyConversion:);;;Argument[-1];ReturnValue;taint",
46+
";StringProtocol;true;folding(options:locale:);;;Argument[-1];ReturnValue;taint",
47+
";StringProtocol;true;getBytes(_:maxLength:usedLength:encoding:options:range:remaining:);;;Argument[-1];Argument[0];taint",
48+
";StringProtocol;true;getCString(_:maxLength:encoding:);;;Argument[-1];Argument[0];taint",
49+
";StringProtocol;true;lowercased();;;Argument[-1];ReturnValue;taint",
50+
";StringProtocol;true;lowercased(with:);;;Argument[-1];ReturnValue;taint",
51+
";StringProtocol;true;padding(toLength:withPad:startingAt:);;;Argument[-1];ReturnValue;taint",
52+
";StringProtocol;true;padding(toLength:withPad:startingAt:);;;Argument[1];ReturnValue;taint",
53+
";StringProtocol;true;propertyList();;;Argument[-1];ReturnValue;taint",
54+
";StringProtocol;true;propertyListFromStringsFileFormat();;;Argument[-1];ReturnValue;taint",
55+
";StringProtocol;true;replacingCharacters(in:with:);;;Argument[-1];ReturnValue;taint",
56+
";StringProtocol;true;replacingCharacters(in:with:);;;Argument[1];ReturnValue;taint",
57+
";StringProtocol;true;replacingOccurrences(of:with:options:range);;;Argument[-1];ReturnValue;taint",
58+
";StringProtocol;true;replacingOccurrences(of:with:options:range);;;Argument[1];ReturnValue;taint",
59+
";StringProtocol;true;replacingPercentEscapes(using:);;;Argument[-1];ReturnValue;taint",
60+
";StringProtocol;true;split(separator:maxSplits:omittingEmptySubsequences:);;;Argument[-1];ReturnValue;taint",
61+
";StringProtocol;true;substring(from:);;;Argument[-1];ReturnValue;taint",
62+
";StringProtocol;true;substring(with:);;;Argument[-1];ReturnValue;taint",
63+
";StringProtocol;true;trimmingCharacters(in:);;;Argument[-1];ReturnValue;taint",
64+
";StringProtocol;true;uppercased();;;Argument[-1];ReturnValue;taint",
65+
";StringProtocol;true;uppercased(with:);;;Argument[-1];ReturnValue;taint",
3566
";String;true;init(decoding:);;;Argument[0];ReturnValue;taint",
3667
";String;true;init(_:);;;Argument[0];ReturnValue;taint",
3768
";String;true;init(repeating:count:);;;Argument[0];ReturnValue;taint",
@@ -72,8 +103,8 @@ private class StringSummaries extends SummaryModelCsv {
72103
";String;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint",
73104
";String;true;replaceSubrange(_:with::);;;Argument[1];Argument[-1];taint",
74105
";String;true;popLast();;;Argument[-1];ReturnValue;taint",
75-
";String;true;lowercased();;;Argument[-1];ReturnValue;taint",
76-
";String;true;uppercased();;;Argument[-1];ReturnValue;taint",
106+
";String;true;lowercased();;;Argument[-1];ReturnValue;taint",//?
107+
";String;true;uppercased();;;Argument[-1];ReturnValue;taint",//?
77108
";String;true;first(where:);;;Argument[-1];ReturnValue;taint",
78109
";String;true;last(where:);;;Argument[-1];ReturnValue;taint",
79110
";String;true;max();;;Argument[-1];ReturnValue;taint",
@@ -87,7 +118,7 @@ private class StringSummaries extends SummaryModelCsv {
87118
";String;true;prefix(while:);;;Argument[-1];ReturnValue;taint",
88119
";String;true;suffix(_:);;;Argument[-1];ReturnValue;taint",
89120
";String;true;suffix(from:);;;Argument[-1];ReturnValue;taint",
90-
";String;true;split(separator:maxSplits:omittingEmptySubsequences:);;;Argument[-1];ReturnValue;taint",
121+
";String;true;split(separator:maxSplits:omittingEmptySubsequences:);;;Argument[-1];ReturnValue;taint",//?
91122
";String;true;split(maxSplits:omittingEmptySubsequences:whereSeparator:);;;Argument[-1];ReturnValue;taint",
92123
";String;true;randomElement();;;Argument[-1];ReturnValue;taint",
93124
";String;true;randomElement(using:);;;Argument[-1];ReturnValue;taint",

swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1055,17 +1055,25 @@
10551055
| string.swift:167:19:167:19 | tainted | string.swift:170:29:170:29 | tainted |
10561056
| string.swift:167:29:167:29 | < | string.swift:167:13:167:29 | ... .+(_:_:) ... |
10571057
| string.swift:169:13:169:13 | [post] clean | string.swift:169:29:169:29 | clean |
1058+
| string.swift:169:13:169:13 | clean | string.swift:169:13:169:34 | call to appending(_:) |
10581059
| string.swift:169:13:169:13 | clean | string.swift:169:29:169:29 | clean |
10591060
| string.swift:169:29:169:29 | [post] clean | string.swift:170:13:170:13 | clean |
1061+
| string.swift:169:29:169:29 | clean | string.swift:169:13:169:34 | call to appending(_:) |
10601062
| string.swift:169:29:169:29 | clean | string.swift:170:13:170:13 | clean |
10611063
| string.swift:170:13:170:13 | [post] clean | string.swift:171:31:171:31 | clean |
1064+
| string.swift:170:13:170:13 | clean | string.swift:170:13:170:36 | call to appending(_:) |
10621065
| string.swift:170:13:170:13 | clean | string.swift:171:31:171:31 | clean |
10631066
| string.swift:170:29:170:29 | [post] tainted | string.swift:171:13:171:13 | tainted |
1067+
| string.swift:170:29:170:29 | tainted | string.swift:170:13:170:36 | call to appending(_:) |
10641068
| string.swift:170:29:170:29 | tainted | string.swift:171:13:171:13 | tainted |
10651069
| string.swift:171:13:171:13 | [post] tainted | string.swift:172:13:172:13 | tainted |
1070+
| string.swift:171:13:171:13 | tainted | string.swift:171:13:171:36 | call to appending(_:) |
10661071
| string.swift:171:13:171:13 | tainted | string.swift:172:13:172:13 | tainted |
1072+
| string.swift:171:31:171:31 | clean | string.swift:171:13:171:36 | call to appending(_:) |
10671073
| string.swift:172:13:172:13 | [post] tainted | string.swift:172:31:172:31 | tainted |
1074+
| string.swift:172:13:172:13 | tainted | string.swift:172:13:172:38 | call to appending(_:) |
10681075
| string.swift:172:13:172:13 | tainted | string.swift:172:31:172:31 | tainted |
1076+
| string.swift:172:31:172:31 | tainted | string.swift:172:13:172:38 | call to appending(_:) |
10691077
| string.swift:174:7:174:7 | SSA def(str) | string.swift:175:13:175:13 | str |
10701078
| string.swift:174:13:174:13 | abc | string.swift:174:7:174:7 | SSA def(str) |
10711079
| string.swift:175:13:175:13 | [post] str | string.swift:176:3:176:3 | str |
@@ -1184,6 +1192,7 @@
11841192
| string.swift:231:13:231:13 | [post] tainted | string.swift:232:13:232:13 | tainted |
11851193
| string.swift:231:13:231:13 | tainted | string.swift:232:13:232:13 | tainted |
11861194
| string.swift:232:13:232:13 | [post] tainted | string.swift:232:37:232:37 | tainted |
1195+
| string.swift:232:13:232:13 | tainted | string.swift:232:13:232:55 | call to substring(from:) |
11871196
| string.swift:232:13:232:13 | tainted | string.swift:232:37:232:37 | tainted |
11881197
| string.swift:232:37:232:37 | [post] tainted | string.swift:234:13:234:13 | tainted |
11891198
| string.swift:232:37:232:37 | tainted | string.swift:234:13:234:13 | tainted |
@@ -1194,10 +1203,13 @@
11941203
| string.swift:235:13:235:13 | tainted | string.swift:235:13:235:32 | call to uppercased() |
11951204
| string.swift:235:13:235:13 | tainted | string.swift:236:13:236:13 | tainted |
11961205
| string.swift:236:13:236:13 | [post] tainted | string.swift:237:13:237:13 | tainted |
1206+
| string.swift:236:13:236:13 | tainted | string.swift:236:13:236:41 | call to lowercased(with:) |
11971207
| string.swift:236:13:236:13 | tainted | string.swift:237:13:237:13 | tainted |
11981208
| string.swift:237:13:237:13 | [post] tainted | string.swift:238:13:238:13 | tainted |
1209+
| string.swift:237:13:237:13 | tainted | string.swift:237:13:237:41 | call to uppercased(with:) |
11991210
| string.swift:237:13:237:13 | tainted | string.swift:238:13:238:13 | tainted |
12001211
| string.swift:238:13:238:13 | [post] tainted | string.swift:239:13:239:13 | tainted |
1212+
| string.swift:238:13:238:13 | tainted | string.swift:238:13:238:42 | call to capitalized(with:) |
12011213
| string.swift:238:13:238:13 | tainted | string.swift:239:13:239:13 | tainted |
12021214
| string.swift:239:13:239:13 | [post] tainted | string.swift:241:13:241:13 | tainted |
12031215
| string.swift:239:13:239:13 | tainted | string.swift:241:13:241:13 | tainted |
@@ -1208,19 +1220,27 @@
12081220
| string.swift:243:5:243:5 | SSA def(c) | string.swift:243:18:243:18 | c |
12091221
| string.swift:243:5:243:5 | c | string.swift:243:5:243:5 | SSA def(c) |
12101222
| string.swift:245:13:245:13 | [post] tainted | string.swift:246:13:246:13 | tainted |
1223+
| string.swift:245:13:245:13 | tainted | string.swift:245:13:245:68 | call to trimmingCharacters(in:) |
12111224
| string.swift:245:13:245:13 | tainted | string.swift:246:13:246:13 | tainted |
12121225
| string.swift:246:13:246:13 | [post] tainted | string.swift:247:13:247:13 | tainted |
1226+
| string.swift:246:13:246:13 | tainted | string.swift:246:13:246:70 | call to padding(toLength:withPad:startingAt:) |
12131227
| string.swift:246:13:246:13 | tainted | string.swift:247:13:247:13 | tainted |
1228+
| string.swift:246:52:246:52 | | string.swift:246:13:246:70 | call to padding(toLength:withPad:startingAt:) |
12141229
| string.swift:247:13:247:13 | [post] tainted | string.swift:248:13:248:13 | tainted |
1230+
| string.swift:247:13:247:13 | tainted | string.swift:247:13:247:69 | call to components(separatedBy:) |
12151231
| string.swift:247:13:247:13 | tainted | string.swift:248:13:248:13 | tainted |
12161232
| string.swift:248:13:248:13 | [post] tainted | string.swift:249:13:249:13 | tainted |
1233+
| string.swift:248:13:248:13 | tainted | string.swift:248:13:248:69 | call to components(separatedBy:) |
12171234
| string.swift:248:13:248:13 | tainted | string.swift:249:13:249:13 | tainted |
12181235
| string.swift:248:13:248:69 | call to components(separatedBy:) | string.swift:248:13:248:72 | ...[...] |
12191236
| string.swift:249:13:249:13 | [post] tainted | string.swift:250:13:250:13 | tainted |
1237+
| string.swift:249:13:249:13 | tainted | string.swift:249:13:249:40 | call to folding(options:locale:) |
12201238
| string.swift:249:13:249:13 | tainted | string.swift:250:13:250:13 | tainted |
12211239
| string.swift:250:13:250:13 | [post] tainted | string.swift:251:13:251:13 | tainted |
1240+
| string.swift:250:13:250:13 | tainted | string.swift:250:13:250:55 | call to propertyListFromStringsFileFormat() |
12221241
| string.swift:250:13:250:13 | tainted | string.swift:251:13:251:13 | tainted |
12231242
| string.swift:251:13:251:13 | [post] tainted | string.swift:258:13:258:13 | tainted |
1243+
| string.swift:251:13:251:13 | tainted | string.swift:251:13:251:55 | call to propertyListFromStringsFileFormat() |
12241244
| string.swift:251:13:251:13 | tainted | string.swift:258:13:258:13 | tainted |
12251245
| string.swift:251:13:251:55 | call to propertyListFromStringsFileFormat() | string.swift:251:13:251:62 | ...[...] |
12261246
| string.swift:251:13:251:62 | ...[...] | string.swift:251:13:251:63 | ...! |
@@ -1438,6 +1458,7 @@
14381458
| string.swift:378:5:378:5 | ptr | string.swift:378:5:378:5 | SSA def(ptr) |
14391459
| string.swift:382:7:382:7 | SSA def(arrayString1) | string.swift:383:13:383:13 | arrayString1 |
14401460
| string.swift:382:22:382:22 | [post] clean | string.swift:397:3:397:3 | clean |
1461+
| string.swift:382:22:382:22 | clean | string.swift:382:22:382:63 | call to cString(using:) |
14411462
| string.swift:382:22:382:22 | clean | string.swift:397:3:397:3 | clean |
14421463
| string.swift:382:22:382:63 | call to cString(using:) | string.swift:382:22:382:64 | ...! |
14431464
| string.swift:382:22:382:64 | ...! | string.swift:382:7:382:7 | SSA def(arrayString1) |
@@ -1451,6 +1472,7 @@
14511472
| string.swift:387:31:387:49 | ...! | string.swift:387:15:387:50 | call to String.init(cString:) |
14521473
| string.swift:389:7:389:7 | SSA def(arrayString2) | string.swift:390:13:390:13 | arrayString2 |
14531474
| string.swift:389:22:389:22 | [post] tainted | string.swift:408:3:408:3 | tainted |
1475+
| string.swift:389:22:389:22 | tainted | string.swift:389:22:389:65 | call to cString(using:) |
14541476
| string.swift:389:22:389:22 | tainted | string.swift:408:3:408:3 | tainted |
14551477
| string.swift:389:22:389:65 | call to cString(using:) | string.swift:389:22:389:66 | ...! |
14561478
| string.swift:389:22:389:66 | ...! | string.swift:389:7:389:7 | SSA def(arrayString2) |

0 commit comments

Comments
 (0)