Swift: Add another test case.

geoffw0 · geoffw0 · commit 45858527e2e7 · 2024-11-26T11:15:24.000Z
diff --git a/swift/ql/test/query-tests/Security/CWE-020/MissingRegexAnchor.expected b/swift/ql/test/query-tests/Security/CWE-020/MissingRegexAnchor.expected
@@ -46,8 +46,9 @@
 | UnanchoredUrlRegex.swift:71:46:71:46 | https?://good.com | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
 | UnanchoredUrlRegex.swift:78:39:78:39 | https?://good.com | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
 | UnanchoredUrlRegex.swift:79:39:79:39 | https?://good.com:8080 | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
-| UnanchoredUrlRegex.swift:95:39:95:39 | https?:\\/\\/good.com\\/([0-9]+) | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
-| UnanchoredUrlRegex.swift:101:39:101:39 | example\\.com\|whatever | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
+| UnanchoredUrlRegex.swift:91:3:91:3 | https?://good.com | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
+| UnanchoredUrlRegex.swift:101:39:101:39 | https?:\\/\\/good.com\\/([0-9]+) | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
+| UnanchoredUrlRegex.swift:107:39:107:39 | example\\.com\|whatever | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
 | test.swift:56:16:56:16 | ^http://example.com | This hostname pattern may match any domain name, as it is missing a '$' or '/' at the end. |
 | test.swift:59:16:59:16 | ^http://test\\.example.com | This hostname pattern may match any domain name, as it is missing a '$' or '/' at the end. |
 | test.swift:69:16:69:16 | ^(.+\\.(?:example-a\|example-b)\\.com)/ | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
diff --git a/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift b/swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift
@@ -86,6 +86,12 @@ func tests(url: String, secure: Bool) throws {
 	for trustedUrlRegex in trustedUrlRegexs {
 		if let _ = try NSRegularExpression(pattern: trustedUrlRegex).firstMatch(in: input, range: inputRange) { }
 	}
+
+	let trustedUrlRegexs2 = [
+		"https?://good.com", // BAD (missing anchor), referenced below
+	]
+	if let _ = try NSRegularExpression(pattern: trustedUrlRegexs2[0]).firstMatch(in: input, range: inputRange) { }
+
 	let notUsedUrlRegexs = [
 		"https?://good.com" // OK (not referenced)
 	]

Original file line number	Diff line number	Diff line change
`@@ -86,6 +86,12 @@ func tests(url: String, secure: Bool) throws {`
`86`	`86`	`for trustedUrlRegex in trustedUrlRegexs {`
`87`	`87`	`if let _ = try NSRegularExpression(pattern: trustedUrlRegex).firstMatch(in: input, range: inputRange) { }`
`88`	`88`	`}`
	`89`	`+`
	`90`	`+ let trustedUrlRegexs2 = [`
	`91`	`+ "https?://good.com", // BAD (missing anchor), referenced below`
	`92`	`+ ]`
	`93`	`+ if let _ = try NSRegularExpression(pattern: trustedUrlRegexs2[0]).firstMatch(in: input, range: inputRange) { }`
	`94`	`+`
`89`	`95`	`let notUsedUrlRegexs = [`
`90`	`96`	`"https?://good.com" // OK (not referenced)`
`91`	`97`	`]`