hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Swift: Add models.

Browse Source
This commit is contained in:
Geoffrey White
2023-08-08 09:57:21 +01:00
parent cb6aed18f3
commit 09346c76e7
2 changed files with 15 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
swift/ql/lib/codeql/swift/frameworks/UIKit/UITextField.qll
View File

@@ -1,15 +1,22 @@
/**
* Provides models for the `UITextField` Swift class.
* Provides models for the `UITextField` and related Swift class.
*/
import swift
private import codeql.swift.dataflow.ExternalFlow
/**
* A model for `UITextField` members that are flow sources.
* A model for `UITextField` and `UITextInput` members that are flow sources.
*/
private class UITextFieldSource extends SourceModelCsv {
override predicate row(string row) {
row = [";UITextField;true;text;;;;local", ";UITextField;true;attributedText;;;;local"]
row =
[
";UITextField;true;text;;;;local", ";UITextField;true;attributedText;;;;local",
";UITextFieldDelegate;true;textField(_:shouldChangeCharactersIn:replacementString:);;;Parameter[2];local",
";UITextViewDelegate;true;textView(_:shouldChangeTextIn:replacementText:);;;Parameter[2];local",
";UITextInput;true;text(in:);;;ReturnValue;local",
";UITextInput;true;shouldChangeText(in:replacementText:);;;Parameter[1];local",
]
}
}

10
swift/ql/test/library-tests/dataflow/flowsources/uikit.swift
View File

@@ -55,16 +55,16 @@ class MyTextInput : UITextInput {
func text(in range: UITextRange) -> String? { return nil }
func harmless(in range: UITextRange) -> String? { return nil }
func shouldChangeText(in range: UITextRange, replacementText text: String) -> Bool { // $ MISSING: source=local
sink(arg: text) // $ MISSING: tainted=
func shouldChangeText(in range: UITextRange, replacementText text: String) -> Bool { // $ source=local
sink(arg: text) // $ tainted
return true
}
}
class MyUITextFieldDelegate : UITextFieldDelegate {
func textField(_ textField: UITextField, shouldChangeCharactersIn range: NSRange, replacementString string: String) -> Bool { // $ MISSING: source=local
sink(arg: string) // $ MISSING: tainted=
func textField(_ textField: UITextField, shouldChangeCharactersIn range: NSRange, replacementString string: String) -> Bool { // $ source=local
sink(arg: string) // $ tainted
return true
}
@@ -77,6 +77,6 @@ func test(textField: UITextField, searchTextField: UISearchTextField, myTextInpu
_ = textField.text?.uppercased() // $ source=local
_ = searchTextField.text // $ source=local
_ = myTextInput.text(in: range)! // $ MISSING: source=local
_ = myTextInput.text(in: range)! // $ source=local
_ = myTextInput.harmless(in: range)! // GOOD (not input)
}