Swift: WIP SetContent for dataflow

Author: rdmarsh2

swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll

@@ -492,6 +492,9 @@ predicate parseContent(AccessPathToken component, Content content) {
   or
   component.getName() = "ArrayElement" and
   content instanceof Content::ArrayContent
+  or
+  component.getName() = "SetElement" and
+  content instanceof Content::SetContent
 }
 
 cached

swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll

@@ -256,7 +256,8 @@ private module Cached {
     TFieldContent(FieldDecl f) or
     TTupleContent(int index) { exists(any(TupleExpr te).getElement(index)) } or
     TEnumContent(ParamDecl f) { exists(EnumElementDecl d | d.getAParam() = f) } or
-    TArrayContent()
+    TArrayContent() or
+    TSetContent()
 }
 
 /**
@@ -898,7 +899,7 @@ class DataFlowExpr = Expr;
  * Holds if access paths with `c` at their head always should be tracked at high
  * precision. This disables adaptive access path precision for such access paths.
  */
-predicate forceHighPrecision(Content c) { c instanceof Content::ArrayContent }
+predicate forceHighPrecision(Content c) { c instanceof Content::ArrayContent or c instanceof Content::SetContent }
 
 /**
  * Holds if the node `n` is unreachable when the call context is `call`.

swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPublic.qll

@@ -224,6 +224,11 @@ module Content {
   class ArrayContent extends Content, TArrayContent {
     override string toString() { result = "Array element" }
   }
+
+  /** An element of a set */
+  class SetContent extends Content, TSetContent {
+    override string toString() { result = "Set element" }
+  }
 }
 
 /**

swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll

@@ -114,6 +114,11 @@ private string getContentSpecific(ContentSet cs) {
     cs.isSingleton(c) and
     result = "ArrayElement"
   )
+  or
+  exists(Content::SetContent c |
+    cs.isSingleton(c) and
+    result = "SetElement"
+  )
 }
 
 /** Gets the textual representation of a summary component in the format used for MaD models. */

swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Set.qll

@@ -0,0 +1,15 @@
+private import codeql.swift.dataflow.ExternalFlow
+
+/**
+ * A model for `Set` and related class members that permit data flow.
+ */
+private class SetSummaries extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        ";Set;true;insert(_:);;;Argument[-1].SetElement;ReturnValue.TupleElement[1];value",
+        ";Set;true;insert(_:);;;Argument[0];Argument[-1].SetElement;value",
+        ";Set;true;randomElement();;;Argument[-1].SetElement;ReturnValue;value"
+      ]
+  }
+}

swift/ql/lib/codeql/swift/frameworks/StandardLibrary/StandardLibrary.qll

@@ -15,6 +15,7 @@ private import NsObject
 private import NsString
 private import NsUrl
 private import Sequence
+private import Set
 private import String
 private import Url
 private import UrlSession

swift/ql/test/library-tests/dataflow/dataflow/test.swift

@@ -693,3 +693,13 @@ func testArray() {
     arr6.insert(source(), at: 2)
     sink(arg: arr6[0]) // $ flow=693
 }
+
+func testSetCollections() {
+    var set1: Set = [1,2,3]
+    sink(arg: set1.randomElement()!)
+    set1.insert(source())
+    sink(arg: set1.randomElement()!) // $ MISSING: flow=700
+
+    let set2 = Set([source()])
+    sink(arg: set2.randomElement()!) // $ MISSING: flow=703
+}