Skip to content

Commit 5019d3b

Browse files
geoffw0geoffw0
committed
Swift: Update test annotations.
1 parent 3f206cc commit 5019d3b

File tree

2 files changed

+13
-13
lines changed

2 files changed

+13
-13
lines changed

swift/ql/test/query-tests/Security/CWE-311/testURL.swift

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ struct URL
1212
func test1(passwd : String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
1313
let a = URL(string: "http://example.com/login?p=" + passwd); // BAD
1414
let b = URL(string: "http://example.com/login?p=" + encrypted_passwd); // GOOD (not sensitive)
15-
let c = URL(string: "http://example.com/login?ac=" + account_no); // BAD [NOT DETECTED]
15+
let c = URL(string: "http://example.com/login?ac=" + account_no); // BAD
1616
let d = URL(string: "http://example.com/login?cc=" + credit_card_no); // BAD
1717

1818
let base = URL(string: "http://example.com/"); // GOOD (not sensitive)

swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -54,16 +54,16 @@ enum Insecure {
5454

5555
func testHashMethods(passwd : UnsafeRawBufferPointer, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
5656
var hash = Crypto.Insecure.MD5.hash(data: passwd) // BAD
57-
hash = Crypto.Insecure.MD5.hash(data: cert) // BAD [NOT DETECTED]
57+
hash = Crypto.Insecure.MD5.hash(data: cert) // BAD
5858
hash = Crypto.Insecure.MD5.hash(data: encrypted_passwd) // GOOD (not sensitive)
59-
hash = Crypto.Insecure.MD5.hash(data: account_no) // BAD [NOT DETECTED]
59+
hash = Crypto.Insecure.MD5.hash(data: account_no) // BAD
6060
hash = Crypto.Insecure.MD5.hash(data: credit_card_no) // BAD
6161
hash = Crypto.Insecure.MD5.hash(data: credit_card_no) // BAD
6262

6363
hash = Crypto.Insecure.SHA1.hash(data: passwd) // BAD
64-
hash = Crypto.Insecure.SHA1.hash(data: cert) // BAD [NOT DETECTED]
64+
hash = Crypto.Insecure.SHA1.hash(data: cert) // BAD
6565
hash = Crypto.Insecure.SHA1.hash(data: encrypted_passwd) // GOOD (not sensitive)
66-
hash = Crypto.Insecure.SHA1.hash(data: account_no) // BAD [NOT DETECTED]
66+
hash = Crypto.Insecure.SHA1.hash(data: account_no) // BAD
6767
hash = Crypto.Insecure.SHA1.hash(data: credit_card_no) // BAD
6868

6969
hash = Crypto.SHA256.hash(data: passwd) // BAD [NOT DETECTED] not a computationally expensive hash
@@ -88,18 +88,18 @@ func testHashMethods(passwd : UnsafeRawBufferPointer, cert: String, encrypted_pa
8888
func testMD5UpdateWithData(passwd : String, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
8989
var hash = Crypto.Insecure.MD5()
9090
hash.update(data: passwd) // BAD
91-
hash.update(data: cert) // BAD [NOT DETECTED]
91+
hash.update(data: cert) // BAD
9292
hash.update(data: encrypted_passwd) // GOOD (not sensitive)
93-
hash.update(data: account_no) // BAD [NOT DETECTED]
93+
hash.update(data: account_no) // BAD
9494
hash.update(data: credit_card_no) // BAD
9595
}
9696

9797
func testSHA1UpdateWithData(passwd : String, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
9898
var hash = Crypto.Insecure.SHA1()
9999
hash.update(data: passwd) // BAD
100-
hash.update(data: cert) // BAD [NOT DETECTED]
100+
hash.update(data: cert) // BAD
101101
hash.update(data: encrypted_passwd) // GOOD (not sensitive)
102-
hash.update(data: account_no) // BAD [NOT DETECTED]
102+
hash.update(data: account_no) // BAD
103103
hash.update(data: credit_card_no) // BAD
104104
}
105105

@@ -130,18 +130,18 @@ func testSHA512UpdateWithData(passwd : String, cert: String, encrypted_passwd :
130130
func testMD5UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer, cert: UnsafeRawBufferPointer, encrypted_passwd : UnsafeRawBufferPointer, account_no : UnsafeRawBufferPointer, credit_card_no : UnsafeRawBufferPointer) {
131131
var hash = Crypto.Insecure.MD5()
132132
hash.update(bufferPointer: passwd) // BAD
133-
hash.update(bufferPointer: cert) // BAD [NOT DETECTED]
133+
hash.update(bufferPointer: cert) // BAD
134134
hash.update(bufferPointer: encrypted_passwd) // GOOD (not sensitive)
135-
hash.update(bufferPointer: account_no) // BAD [NOT DETECTED]
135+
hash.update(bufferPointer: account_no) // BAD
136136
hash.update(bufferPointer: credit_card_no) // BAD
137137
}
138138

139139
func testSHA1UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer, cert: UnsafeRawBufferPointer, encrypted_passwd : UnsafeRawBufferPointer, account_no : UnsafeRawBufferPointer, credit_card_no : UnsafeRawBufferPointer) {
140140
var hash = Crypto.Insecure.SHA1()
141141
hash.update(bufferPointer: passwd) // BAD
142-
hash.update(bufferPointer: cert) // BAD [NOT DETECTED]
142+
hash.update(bufferPointer: cert) // BAD
143143
hash.update(bufferPointer: encrypted_passwd) // GOOD (not sensitive)
144-
hash.update(bufferPointer: account_no) // BAD [NOT DETECTED]
144+
hash.update(bufferPointer: account_no) // BAD
145145
hash.update(bufferPointer: credit_card_no) // BAD
146146
}
147147

0 commit comments

Comments
 (0)