hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Swift: Test taint throguh some NSObject methods.

Browse Source
This commit is contained in:
Geoffrey White
2023-02-14 17:46:31 +00:00
parent 85a0fd9b30
commit 16ec29e3df
1 changed files with 26 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
swift/ql/test/library-tests/dataflow/taint/nsstring.swift
View File

@@ -4,9 +4,22 @@
typealias unichar = UInt16 typealias unichar = UInt16
class NSObject { class NSObject {
func copy() -> Any { return 0 }
func mutableCopy() -> Any { return 0 }
} }
class NSString : NSObject { struct NSZone {
}
protocol NSCopying {
func copy(with zone: NSZone?) -> Any
}
protocol NSMutableCopying {
func mutableCopy(with zone: NSZone?) -> Any
}
class NSString : NSObject, NSCopying, NSMutableCopying {
struct EncodingConversionOptions : OptionSet { struct EncodingConversionOptions : OptionSet {
let rawValue: Int let rawValue: Int
} }
@@ -37,6 +50,9 @@ class NSString : NSObject {
convenience init?(contentsOfFile path: String) { self.init(string: "") } convenience init?(contentsOfFile path: String) { self.init(string: "") }
convenience init?(contentsOf url: URL) { self.init(string: "") } convenience init?(contentsOf url: URL) { self.init(string: "") }
func copy(with zone: NSZone? = nil) -> Any { return 0 }
func mutableCopy(with zone: NSZone? = nil) -> Any { return 0 }
class func localizedStringWithFormat(_ format: NSString, _ args: CVarArg) -> Self { return (nil as Self?)! } class func localizedStringWithFormat(_ format: NSString, _ args: CVarArg) -> Self { return (nil as Self?)! }
class func path(withComponents components: [String]) -> String { return "" } class func path(withComponents components: [String]) -> String { return "" }
class func string(withCString bytes: UnsafePointer<CChar>) -> Any? { return nil } class func string(withCString bytes: UnsafePointer<CChar>) -> Any? { return nil }
@@ -322,4 +338,13 @@ func taintThroughInterpolatedStrings() {
sink(arg: outBuffer) // $ MISSING: tainted= sink(arg: outBuffer) // $ MISSING: tainted=
sink(arg: outBuffer.pointee) // $ MISSING: tainted= sink(arg: outBuffer.pointee) // $ MISSING: tainted=
} }
// `NSObject` methods
var str20 = sourceNSString()
sink(arg: str20.copy()) // $ MISSING: tainted=
sink(arg: str20.mutableCopy()) // $ MISSING: tainted=
sink(arg: str20.copy(with: nil)) // $ MISSING: tainted=
sink(arg: str20.mutableCopy(with: nil)) // $ MISSING: tainted=
} }