Swift: Add numeric barrier to the regular expression injection query as well.

Author: geoffw0

swift/ql/lib/codeql/swift/security/regex/RegexInjectionExtensions.qll

@@ -57,3 +57,13 @@ private class RegexInjectionSinks extends SinkModelCsv {
       ]
   }
 }
+
+/**
+ * A barrier for regular expression injection vulnerabilities.
+ */
+private class RegexInjectionDefaultBarrier extends RegexInjectionBarrier {
+  RegexInjectionDefaultBarrier() {
+    // any numeric type
+    this.asExpr().getType().getUnderlyingType().getABaseType*().getName() = "Numeric"
+  }
+}

swift/ql/src/change-notes/2023-09-19-numeric-barriers.md

@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* Adder barriers for numeric type values to the injection-like queries, to reduce false positive results where the user input that can be injected is constrainted to a numerical value. The queries updated by this change are: "Predicate built from user-controlled sources" (`swift/predicate-injection`), "Database query built from user-controlled sources" (`swift/sql-injection`), "Uncontrolled format string" (`swift/uncontrolled-format-string`) and "JavaScript Injection" (`swift/unsafe-js-eval`).
+* Adder barriers for numeric type values to the injection-like queries, to reduce false positive results where the user input that can be injected is constrainted to a numerical value. The queries updated by this change are: "Predicate built from user-controlled sources" (`swift/predicate-injection`), "Database query built from user-controlled sources" (`swift/sql-injection`), "Uncontrolled format string" (`swift/uncontrolled-format-string`), "JavaScript Injection" (`swift/unsafe-js-eval`) and "Regular expression injection" (`swift/regex-injection`).