Swift: Add test case.

geoffw0 · geoffw0 · commit daa8141414ed · 2023-03-30T16:16:40.000+01:00
diff --git a/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected b/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected
@@ -111,10 +111,13 @@
 | testGRDB.swift:208:81:208:81 | password | label:password, type:credential |
 | testGRDB.swift:210:85:210:85 | password | label:password, type:credential |
 | testGRDB.swift:212:99:212:99 | password | label:password, type:credential |
+| testRealm.swift:31:20:31:20 | .password | label:password, type:credential |
 | testRealm.swift:41:11:41:11 | myPassword | label:myPassword, type:credential |
 | testRealm.swift:49:11:49:11 | myPassword | label:myPassword, type:credential |
 | testRealm.swift:59:12:59:12 | myPassword | label:myPassword, type:credential |
 | testRealm.swift:66:11:66:11 | myPassword | label:myPassword, type:credential |
+| testRealm.swift:73:2:73:4 | .password | label:password, type:credential |
+| testRealm.swift:73:15:73:15 | myPassword | label:myPassword, type:credential |
 | testSend.swift:29:19:29:19 | passwordPlain | label:passwordPlain, type:credential |
 | testSend.swift:33:19:33:19 | passwordPlain | label:passwordPlain, type:credential |
 | testSend.swift:45:13:45:13 | password | label:password, type:credential |
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testRealm.swift b/swift/ql/test/query-tests/Security/CWE-311/testRealm.swift
@@ -27,14 +27,14 @@ class MyRealmSwiftObject : RealmSwiftObject {
 	var data: String
 }
 
+class MyRealmSwiftObject2 : Object {
+	override init() { password = "" }
 
+	var username: String?
+	var password: String?
+}
 
-
-
-
-
-
-func test1(realm : Realm, myPassword : String, myHashedPassword : String) {
+func test1(realm : Realm, myUsername: String, myPassword : String, myHashedPassword : String) {
 	// add objects (within a transaction) ...
 
 	let a = MyRealmSwiftObject()
@@ -65,6 +65,13 @@ func test1(realm : Realm, myPassword : String, myHashedPassword : String) {
 	g.data = "" // GOOD (not sensitive)
 	g.data = myPassword // BAD
 	g.data = "" // GOOD (not sensitive)
+
+	// MyRealmSwiftObject2...
+
+	let h = MyRealmSwiftObject2()
+	h.username = myUsername // GOOD (not sensitive)
+	h.password = myPassword // BAD [NOT DETECTED]
+	realm.add(h)
 }
 
 // limitation: its possible to configure a Realm DB to be stored encrypted, if this is done correctly
