From 16ec29e3df67f6fe65ce1dcaa9ed35544e30a87c Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 14 Feb 2023 17:46:31 +0000
Subject: [PATCH] Swift: Test taint throguh some NSObject methods.

---
 .../dataflow/taint/nsstring.swift             | 27 ++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/swift/ql/test/library-tests/dataflow/taint/nsstring.swift b/swift/ql/test/library-tests/dataflow/taint/nsstring.swift
index da39444b260..e71b0d6154b 100644
--- a/swift/ql/test/library-tests/dataflow/taint/nsstring.swift
+++ b/swift/ql/test/library-tests/dataflow/taint/nsstring.swift
@@ -4,9 +4,22 @@
 typealias unichar = UInt16
 
 class NSObject {
+  func copy() -> Any { return 0 }
+  func mutableCopy() -> Any { return 0 }
 }
 
-class NSString : NSObject {
+struct NSZone {
+}
+
+protocol NSCopying {
+  func copy(with zone: NSZone?) -> Any
+}
+
+protocol NSMutableCopying {
+  func mutableCopy(with zone: NSZone?) -> Any
+}
+
+class NSString : NSObject, NSCopying, NSMutableCopying {
   struct EncodingConversionOptions : OptionSet {
     let rawValue: Int
   }
@@ -37,6 +50,9 @@ class NSString : NSObject {
   convenience init?(contentsOfFile path: String) { self.init(string: "") }
   convenience init?(contentsOf url: URL) { self.init(string: "") }
 
+  func copy(with zone: NSZone? = nil) -> Any { return 0 }
+  func mutableCopy(with zone: NSZone? = nil) -> Any { return 0 }
+
   class func localizedStringWithFormat(_ format: NSString, _ args: CVarArg) -> Self { return (nil as Self?)! }
   class func path(withComponents components: [String]) -> String { return "" }
   class func string(withCString bytes: UnsafePointer<CChar>) -> Any? { return nil }
@@ -322,4 +338,13 @@ func taintThroughInterpolatedStrings() {
     sink(arg: outBuffer) // $ MISSING: tainted=
     sink(arg: outBuffer.pointee) // $ MISSING: tainted=
   }
+
+  // `NSObject` methods
+
+  var str20 = sourceNSString()
+
+  sink(arg: str20.copy()) // $ MISSING: tainted=
+  sink(arg: str20.mutableCopy()) // $ MISSING: tainted=
+  sink(arg: str20.copy(with: nil)) // $ MISSING: tainted=
+  sink(arg: str20.mutableCopy(with: nil)) // $ MISSING: tainted=
 }