Swift: Use enum content in URL and NSURL models.

geoffw0 · geoffw0 · commit 348c45dff32d · 2023-08-04T17:01:05.000+01:00
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NsUrl.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NsUrl.qll
@@ -10,6 +10,6 @@ private import codeql.swift.dataflow.ExternalFlow
  */
 private class NsUrlSummaries extends SummaryModelCsv {
   override predicate row(string row) {
-    row = ";NSURL;true;init(string:);(String);;Argument[0];ReturnValue;taint"
+    row = ";NSURL;true;init(string:);(String);;Argument[0];ReturnValue.OptionalSome;taint"
   }
 }
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Url.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Url.qll
@@ -85,8 +85,8 @@ private class UrlSummaries extends SummaryModelCsv {
   override predicate row(string row) {
     row =
       [
-        ";URL;true;init(string:);(String);;Argument[0];ReturnValue;taint",
-        ";URL;true;init(string:relativeTo:);(String,URL?);;Argument[0..1];ReturnValue;taint",
+        ";URL;true;init(string:);(String);;Argument[0];ReturnValue.OptionalSome;taint",
+        ";URL;true;init(string:relativeTo:);(String,URL?);;Argument[0..1];ReturnValue.OptionalSome;taint",
         ";URL;true;init(fileURLWithPath:);;;Argument[0];ReturnValue;taint",
         ";URL;true;init(fileURLWithPath:isDirectory:);;;Argument[0];ReturnValue;taint",
         ";URL;true;init(fileURLWithPath:relativeTo:);;;Argument[0..1];ReturnValue;taint",
@@ -95,8 +95,8 @@ private class UrlSummaries extends SummaryModelCsv {
         ";URL;true;init(fileURLWithFileSystemRepresentation:isDirectory:relativeTo:);;;Argument[0];ReturnValue;taint",
         ";URL;true;init(fileURLWithFileSystemRepresentation:isDirectory:relativeTo:);;;Argument[2];ReturnValue;taint",
         ";URL;true;init(fileReferenceLiteralResourceName:);;;Argument[0];ReturnValue;taint",
-        ";URL;true;init(_:);;;Argument[0];ReturnValue;taint",
-        ";URL;true;init(_:isDirectory:);;;Argument[0];ReturnValue;taint",
+        ";URL;true;init(_:);;;Argument[0];ReturnValue.OptionalSome;taint",
+        ";URL;true;init(_:isDirectory:);;;Argument[0];ReturnValue.OptionalSome;taint",
         ";URL;true;init(resolvingBookmarkData:options:relativeTo:bookmarkDataIsStale:);;;Argument[0];ReturnValue;taint",
         ";URL;true;init(resolvingBookmarkData:options:relativeTo:bookmarkDataIsStale:);;;Argument[2];ReturnValue;taint",
         ";URL;true;init(resolvingAliasFileAt:options:);;;Argument[0];ReturnValue;taint",
diff --git a/swift/ql/test/query-tests/Security/CWE-078/CommandInjection.expected b/swift/ql/test/query-tests/Security/CWE-078/CommandInjection.expected
@@ -31,11 +31,9 @@ edges
 | CommandInjection.swift:79:40:79:94 | call to String.init(contentsOf:) | CommandInjection.swift:79:40:79:94 | call to String.init(contentsOf:) [some:0] |
 | CommandInjection.swift:79:40:79:94 | call to String.init(contentsOf:) [some:0] | CommandInjection.swift:79:8:79:12 | let ...? [some:0] |
 | CommandInjection.swift:94:2:94:2 | [post] task3 [executableURL] | CommandInjection.swift:94:2:94:2 | [post] task3 |
-| CommandInjection.swift:94:24:94:56 | call to URL.init(string:) | CommandInjection.swift:94:24:94:56 | call to URL.init(string:) [some:0] |
-| CommandInjection.swift:94:24:94:56 | call to URL.init(string:) | CommandInjection.swift:94:24:94:57 | ...! |
 | CommandInjection.swift:94:24:94:56 | call to URL.init(string:) [some:0] | CommandInjection.swift:94:24:94:57 | ...! |
 | CommandInjection.swift:94:24:94:57 | ...! | CommandInjection.swift:94:2:94:2 | [post] task3 [executableURL] |
-| CommandInjection.swift:94:36:94:36 | userControlledString | CommandInjection.swift:94:24:94:56 | call to URL.init(string:) |
+| CommandInjection.swift:94:36:94:36 | userControlledString | CommandInjection.swift:94:24:94:56 | call to URL.init(string:) [some:0] |
 | CommandInjection.swift:95:2:95:2 | [post] task3 [arguments] | CommandInjection.swift:95:2:95:2 | [post] task3 |
 | CommandInjection.swift:95:20:95:48 | [...] | CommandInjection.swift:95:2:95:2 | [post] task3 [arguments] |
 | CommandInjection.swift:95:28:95:28 | userControlledString | CommandInjection.swift:95:20:95:48 | [...] |
@@ -62,10 +60,8 @@ edges
 | CommandInjection.swift:123:75:123:75 | userControlledString | CommandInjection.swift:123:67:123:95 | [...] |
 | CommandInjection.swift:123:75:123:75 | userControlledString | CommandInjection.swift:126:35:126:35 | userControlledString |
 | CommandInjection.swift:123:75:123:75 | userControlledString | CommandInjection.swift:127:70:127:70 | userControlledString |
-| CommandInjection.swift:126:23:126:55 | call to URL.init(string:) | CommandInjection.swift:126:23:126:55 | call to URL.init(string:) [some:0] |
-| CommandInjection.swift:126:23:126:55 | call to URL.init(string:) | CommandInjection.swift:126:23:126:56 | ...! |
 | CommandInjection.swift:126:23:126:55 | call to URL.init(string:) [some:0] | CommandInjection.swift:126:23:126:56 | ...! |
-| CommandInjection.swift:126:35:126:35 | userControlledString | CommandInjection.swift:126:23:126:55 | call to URL.init(string:) |
+| CommandInjection.swift:126:35:126:35 | userControlledString | CommandInjection.swift:126:23:126:55 | call to URL.init(string:) [some:0] |
 | CommandInjection.swift:127:70:127:70 | userControlledString | CommandInjection.swift:127:62:127:90 | [...] |
 nodes
 | CommandInjection.swift:38:22:38:33 | command | semmle.label | command |
@@ -100,7 +96,6 @@ nodes
 | CommandInjection.swift:79:40:79:94 | call to String.init(contentsOf:) [some:0] | semmle.label | call to String.init(contentsOf:) [some:0] |
 | CommandInjection.swift:94:2:94:2 | [post] task3 | semmle.label | [post] task3 |
 | CommandInjection.swift:94:2:94:2 | [post] task3 [executableURL] | semmle.label | [post] task3 [executableURL] |
-| CommandInjection.swift:94:24:94:56 | call to URL.init(string:) | semmle.label | call to URL.init(string:) |
 | CommandInjection.swift:94:24:94:56 | call to URL.init(string:) [some:0] | semmle.label | call to URL.init(string:) [some:0] |
 | CommandInjection.swift:94:24:94:57 | ...! | semmle.label | ...! |
 | CommandInjection.swift:94:36:94:36 | userControlledString | semmle.label | userControlledString |
@@ -129,7 +124,6 @@ nodes
 | CommandInjection.swift:122:42:122:42 | userControlledString | semmle.label | userControlledString |
 | CommandInjection.swift:123:67:123:95 | [...] | semmle.label | [...] |
 | CommandInjection.swift:123:75:123:75 | userControlledString | semmle.label | userControlledString |
-| CommandInjection.swift:126:23:126:55 | call to URL.init(string:) | semmle.label | call to URL.init(string:) |
 | CommandInjection.swift:126:23:126:55 | call to URL.init(string:) [some:0] | semmle.label | call to URL.init(string:) [some:0] |
 | CommandInjection.swift:126:23:126:56 | ...! | semmle.label | ...! |
 | CommandInjection.swift:126:35:126:35 | userControlledString | semmle.label | userControlledString |

Original file line number	Diff line number	Diff line change
`@@ -10,6 +10,6 @@ private import codeql.swift.dataflow.ExternalFlow`
`10`	`10`	`*/`
`11`	`11`	`private class NsUrlSummaries extends SummaryModelCsv {`
`12`	`12`	`override predicate row(string row) {`
`13`		`- row = ";NSURL;true;init(string:);(String);;Argument[0];ReturnValue;taint"`
	`13`	`+ row = ";NSURL;true;init(string:);(String);;Argument[0];ReturnValue.OptionalSome;taint"`
`14`	`14`	`}`
`15`	`15`	`}`