Swift: Delete the specific description, debugDescription models.

geoffw0 · geoffw0 · commit f12e45b2438b · 2023-09-27T16:39:54.000+01:00
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/FilePath.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/FilePath.qll
@@ -61,11 +61,7 @@ private class FilePathFieldsInheritTaint extends TaintInheritingContent,
   FilePathFieldsInheritTaint() {
     exists(FieldDecl f | this.getField() = f |
       f.getEnclosingDecl().asNominalTypeDecl() instanceof FilePath and
-      f.getName() =
-        [
-          "description", "debugDescription", "components", "extension", "lastComponent", "root",
-          "stem", "string"
-        ]
+      f.getName() = ["components", "extension", "lastComponent", "root", "stem", "string"]
     )
   }
 }
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll
@@ -131,8 +131,8 @@ private class StringSummaries extends SummaryModelCsv {
 }
 
 /**
- * A content implying that, if a `String` is tainted, then many of its fields are
- * tainted. This also includes fields declared in `StringProtocol`.
+ * A content implying that, if a `String`, `StringProtocol` or related class is tainted, then many
+ * of its fields are tainted.
  */
 private class StringFieldsInheritTaint extends TaintInheritingContent,
   DataFlow::Content::FieldContent
@@ -141,12 +141,11 @@ private class StringFieldsInheritTaint extends TaintInheritingContent,
     this.getField()
         .hasQualifiedName(["String", "StringProtocol"],
           [
-            "unicodeScalars", "utf8", "utf16", "lazy", "utf8CString", "description",
-            "debugDescription", "dataValue", "identifierValue", "capitalized",
-            "localizedCapitalized", "localizedLowercase", "localizedUppercase",
-            "decomposedStringWithCanonicalMapping", "decomposedStringWithCompatibilityMapping",
-            "precomposedStringWithCanonicalMapping", "precomposedStringWithCompatibilityMapping",
-            "removingPercentEncoding"
+            "unicodeScalars", "utf8", "utf16", "lazy", "utf8CString", "dataValue",
+            "identifierValue", "capitalized", "localizedCapitalized", "localizedLowercase",
+            "localizedUppercase", "decomposedStringWithCanonicalMapping",
+            "decomposedStringWithCompatibilityMapping", "precomposedStringWithCanonicalMapping",
+            "precomposedStringWithCompatibilityMapping", "removingPercentEncoding"
           ])
   }
 }
diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/files.swift b/swift/ql/test/library-tests/dataflow/taint/libraries/files.swift
@@ -184,8 +184,8 @@ func test_files(e1: Encoder) {
 
 	// --- FilePath member variables ---
 
-	sink(string: tainted.description) // $ tainted=133
-	sink(string: tainted.debugDescription) // $ tainted=133
+	sink(string: tainted.description) // $ MISSING: tainted=133
+	sink(string: tainted.debugDescription) // $ MISSING: tainted=133
 	sink(string: tainted.extension!) // $ tainted=133
 	sink(string: tainted.stem!) // $ tainted=133
 	sink(string: tainted.string) // $ tainted=133
diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/string.swift b/swift/ql/test/library-tests/dataflow/taint/libraries/string.swift
@@ -272,9 +272,9 @@ func taintThroughSimpleStringOperations() {
   sink(arg: [tainted, tainted].joined()) // $ MISSING: tainted=217
 
   sink(arg: clean.description)
-  sink(arg: tainted.description) // $ tainted=217
+  sink(arg: tainted.description) // $ MISSING: tainted=217
   sink(arg: clean.debugDescription)
-  sink(arg: tainted.debugDescription) // $ tainted=217
+  sink(arg: tainted.debugDescription) // $ MISSING: tainted=217
   sink(arg: clean.utf8)
   sink(arg: tainted.utf8) // $ tainted=217
   sink(arg: clean.utf16)

Original file line number	Diff line number	Diff line change
`@@ -61,11 +61,7 @@ private class FilePathFieldsInheritTaint extends TaintInheritingContent,`
`61`	`61`	`FilePathFieldsInheritTaint() {`
`62`	`62`	`exists(FieldDecl f \| this.getField() = f \|`
`63`	`63`	`f.getEnclosingDecl().asNominalTypeDecl() instanceof FilePath and`
`64`		`- f.getName() =`
`65`		`- [`
`66`		`- "description", "debugDescription", "components", "extension", "lastComponent", "root",`
`67`		`- "stem", "string"`
`68`		`- ]`
	`64`	`+ f.getName() = ["components", "extension", "lastComponent", "root", "stem", "string"]`
`69`	`65`	`)`
`70`	`66`	`}`
`71`	`67`	`}`