Swift: Array.withUnsafeBytes doesn't reliably match ContiguousBytes, so define models there as well.

geoffw0 · geoffw0 · commit b41d47b91003 · 2023-08-04T09:18:36.000+01:00
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Array.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Array.qll
@@ -26,6 +26,9 @@ private class ArraySummaries extends SummaryModelCsv {
         ";Array;true;withUnsafeMutableBufferPointer(_:);;;Argument[-1];Argument[0].Parameter[0];taint",
         ";Array;true;withUnsafeMutableBufferPointer(_:);;;Argument[0].Parameter[0];Argument[-1];taint",
         ";Array;true;withUnsafeMutableBufferPointer(_:);;;Argument[0].ReturnValue;ReturnValue;value",
+        ";Array;true;withUnsafeBytes(_:);;;Argument[-1];Argument[0].Parameter[0];taint",
+        ";Array;true;withUnsafeBytes(_:);;;Argument[-1].ArrayElement;Argument[0].Parameter[0];taint",
+        ";Array;true;withUnsafeBytes(_:);;;Argument[0].ReturnValue;ReturnValue;value",
         ";Array;true;withUnsafeMutableBytes(_:);;;Argument[-1];Argument[0].Parameter[0];taint",
         ";Array;true;withUnsafeMutableBytes(_:);;;Argument[0].Parameter[0];Argument[-1];taint",
         ";Array;true;withUnsafeMutableBytes(_:);;;Argument[0].ReturnValue;ReturnValue;value",
diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/int.swift b/swift/ql/test/library-tests/dataflow/taint/libraries/int.swift
@@ -19,7 +19,7 @@ func taintThroughClosurePointer() {
     sink(arg: ptr1[0]) // $ MISSING: tainted=13
     return source()
   })
-  sink(arg: return1) // $ MISSING: tainted=20
+  sink(arg: return1) // $ tainted=20
 
   // ---
 
@@ -110,7 +110,7 @@ func taintThroughMutablePointer() {
       sink(arg: ptr4[0]) // $ MISSING: tainted=97
       return source()
     })
-    sink(arg: return5) // $ MISSING: tainted=111
+    sink(arg: return5) // $ tainted=111
     return source()
   })
   sink(arg: return4) // $ tainted=114
