hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Swift: Model Collection.makeIterator().

Browse Source
This commit is contained in:
Geoffrey White
2024-11-28 10:07:44 +00:00
parent d1915c707d
commit 1d43abfe4d
6 changed files with 49 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Collection.qll
View File

@@ -44,6 +44,7 @@ private class CollectionSummaries extends SummaryModelCsv {
";Collection;true;trimmingPrefix(_:);;;Argument[-1].CollectionElement;ReturnValue.CollectionElement;value",
";Collection;true;trimmingPrefix(while:);;;Argument[-1];ReturnValue;taint",
";Collection;true;trimmingPrefix(while:);;;Argument[-1].CollectionElement;ReturnValue.CollectionElement;value",
";Collection;true;makeIterator();;;Argument[-1].CollectionElement;ReturnValue.CollectionElement;value",
";RangeReplaceableCollection;true;init(_:);;;Argument[0];ReturnValue.CollectionElement;taint",
";RangeReplaceableCollection;true;init(_:);;;Argument[0].CollectionElement;ReturnValue.CollectionElement;value",
";RangeReplaceableCollection;true;init(repeating:count:);;;Argument[0];ReturnValue.CollectionElement;value",

39
swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
View File

@@ -135,9 +135,15 @@ edges
| test2.swift:69:10:69:10 | key | test2.swift:70:19:70:19 | key | provenance | |
| test2.swift:69:25:69:25 | call to makeIterator() [Collection element, Tuple element at index 0] | test2.swift:69:5:69:5 | $generator [Collection element, Tuple element at index 0] | provenance | |
| test2.swift:69:25:69:25 | d4 [Collection element, Tuple element at index 0] | test2.swift:69:25:69:25 | call to makeIterator() [Collection element, Tuple element at index 0] | provenance | |
| test2.swift:76:14:76:47 | [...] [Collection element] | test2.swift:78:14:78:14 | a1 [Collection element] | provenance | |
| test2.swift:76:14:76:47 | [...] [Collection element] | test2.swift:82:19:82:19 | a1 [Collection element] | provenance | |
| test2.swift:76:14:76:47 | [...] [Collection element] | test2.swift:84:20:84:20 | a1 [Collection element] | provenance | |
| test2.swift:76:30:76:46 | call to source(_:) | test2.swift:76:14:76:47 | [...] [Collection element] | provenance | |
| test2.swift:78:5:78:5 | $v$generator [Collection element] | test2.swift:78:5:78:5 | call to next() [some:0] | provenance | |
| test2.swift:78:5:78:5 | call to next() [some:0] | test2.swift:78:9:78:9 | v | provenance | |
| test2.swift:78:9:78:9 | v | test2.swift:79:19:79:19 | v | provenance | |
| test2.swift:78:14:78:14 | a1 [Collection element] | test2.swift:78:14:78:14 | call to makeIterator() [Collection element] | provenance | |
| test2.swift:78:14:78:14 | call to makeIterator() [Collection element] | test2.swift:78:5:78:5 | $v$generator [Collection element] | provenance | |
| test2.swift:82:19:82:19 | a1 [Collection element] | test2.swift:82:19:82:24 | ...[...] | provenance | |
| test2.swift:84:5:84:5 | $generator [Collection element, Tuple element at index 1] | test2.swift:84:5:84:5 | call to next() [some:0, Tuple element at index 1] | provenance | |
| test2.swift:84:5:84:5 | call to next() [some:0, Tuple element at index 1] | test2.swift:84:9:84:15 | (...) [Tuple element at index 1] | provenance | |
@@ -146,9 +152,15 @@ edges
| test2.swift:84:20:84:20 | a1 [Collection element] | test2.swift:84:20:84:34 | call to enumerated() [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:84:20:84:34 | call to enumerated() [Collection element, Tuple element at index 1] | test2.swift:84:20:84:34 | call to makeIterator() [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:84:20:84:34 | call to makeIterator() [Collection element, Tuple element at index 1] | test2.swift:84:5:84:5 | $generator [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:93:5:93:5 | [post] a2 [Collection element] | test2.swift:95:14:95:14 | a2 [Collection element] | provenance | |
| test2.swift:93:5:93:5 | [post] a2 [Collection element] | test2.swift:99:19:99:19 | a2 [Collection element] | provenance | |
| test2.swift:93:5:93:5 | [post] a2 [Collection element] | test2.swift:101:20:101:20 | a2 [Collection element] | provenance | |
| test2.swift:93:13:93:29 | call to source(_:) | test2.swift:93:5:93:5 | [post] a2 [Collection element] | provenance | |
| test2.swift:95:5:95:5 | $v$generator [Collection element] | test2.swift:95:5:95:5 | call to next() [some:0] | provenance | |
| test2.swift:95:5:95:5 | call to next() [some:0] | test2.swift:95:9:95:9 | v | provenance | |
| test2.swift:95:9:95:9 | v | test2.swift:96:19:96:19 | v | provenance | |
| test2.swift:95:14:95:14 | a2 [Collection element] | test2.swift:95:14:95:14 | call to makeIterator() [Collection element] | provenance | |
| test2.swift:95:14:95:14 | call to makeIterator() [Collection element] | test2.swift:95:5:95:5 | $v$generator [Collection element] | provenance | |
| test2.swift:99:19:99:19 | a2 [Collection element] | test2.swift:99:19:99:24 | ...[...] | provenance | |
| test2.swift:101:5:101:5 | $generator [Collection element, Tuple element at index 1] | test2.swift:101:5:101:5 | call to next() [some:0, Tuple element at index 1] | provenance | |
| test2.swift:101:5:101:5 | call to next() [some:0, Tuple element at index 1] | test2.swift:101:9:101:15 | (...) [Tuple element at index 1] | provenance | |
@@ -712,9 +724,15 @@ edges
| test.swift:849:19:849:24 | v | test.swift:850:15:850:15 | v | provenance | |
| test.swift:856:29:856:40 | args [Collection element] | test.swift:859:15:859:15 | args [Collection element] | provenance | |
| test.swift:856:29:856:40 | args [Collection element] | test.swift:860:15:860:15 | args [Collection element] | provenance | |
| test.swift:856:29:856:40 | args [Collection element] | test.swift:862:16:862:16 | args [Collection element] | provenance | |
| test.swift:856:29:856:40 | args [Collection element] | test.swift:867:15:867:15 | args [Collection element] | provenance | |
| test.swift:859:15:859:15 | args [Collection element] | test.swift:859:15:859:21 | ...[...] | provenance | |
| test.swift:860:15:860:15 | args [Collection element] | test.swift:860:15:860:21 | ...[...] | provenance | |
| test.swift:862:5:862:5 | $arg$generator [Collection element] | test.swift:862:5:862:5 | call to next() [some:0] | provenance | |
| test.swift:862:5:862:5 | call to next() [some:0] | test.swift:862:9:862:9 | arg | provenance | |
| test.swift:862:9:862:9 | arg | test.swift:863:19:863:19 | arg | provenance | |
| test.swift:862:16:862:16 | args [Collection element] | test.swift:862:16:862:16 | call to makeIterator() [Collection element] | provenance | |
| test.swift:862:16:862:16 | call to makeIterator() [Collection element] | test.swift:862:5:862:5 | $arg$generator [Collection element] | provenance | |
| test.swift:866:21:866:29 | enter #keyPath(...) [Collection element] | test.swift:866:27:866:29 | KeyPathComponent | provenance | |
| test.swift:866:27:866:29 | KeyPathComponent | test.swift:866:21:866:29 | exit #keyPath(...) | provenance | |
| test.swift:867:15:867:15 | args [Collection element] | test.swift:866:21:866:29 | enter #keyPath(...) [Collection element] | provenance | |
@@ -908,6 +926,12 @@ nodes
| test2.swift:70:19:70:19 | key | semmle.label | key |
| test2.swift:76:14:76:47 | [...] [Collection element] | semmle.label | [...] [Collection element] |
| test2.swift:76:30:76:46 | call to source(_:) | semmle.label | call to source(_:) |
| test2.swift:78:5:78:5 | $v$generator [Collection element] | semmle.label | $v$generator [Collection element] |
| test2.swift:78:5:78:5 | call to next() [some:0] | semmle.label | call to next() [some:0] |
| test2.swift:78:9:78:9 | v | semmle.label | v |
| test2.swift:78:14:78:14 | a1 [Collection element] | semmle.label | a1 [Collection element] |
| test2.swift:78:14:78:14 | call to makeIterator() [Collection element] | semmle.label | call to makeIterator() [Collection element] |
| test2.swift:79:19:79:19 | v | semmle.label | v |
| test2.swift:82:19:82:19 | a1 [Collection element] | semmle.label | a1 [Collection element] |
| test2.swift:82:19:82:24 | ...[...] | semmle.label | ...[...] |
| test2.swift:84:5:84:5 | $generator [Collection element, Tuple element at index 1] | semmle.label | $generator [Collection element, Tuple element at index 1] |
@@ -920,6 +944,12 @@ nodes
| test2.swift:86:19:86:19 | v | semmle.label | v |
| test2.swift:93:5:93:5 | [post] a2 [Collection element] | semmle.label | [post] a2 [Collection element] |
| test2.swift:93:13:93:29 | call to source(_:) | semmle.label | call to source(_:) |
| test2.swift:95:5:95:5 | $v$generator [Collection element] | semmle.label | $v$generator [Collection element] |
| test2.swift:95:5:95:5 | call to next() [some:0] | semmle.label | call to next() [some:0] |
| test2.swift:95:9:95:9 | v | semmle.label | v |
| test2.swift:95:14:95:14 | a2 [Collection element] | semmle.label | a2 [Collection element] |
| test2.swift:95:14:95:14 | call to makeIterator() [Collection element] | semmle.label | call to makeIterator() [Collection element] |
| test2.swift:96:19:96:19 | v | semmle.label | v |
| test2.swift:99:19:99:19 | a2 [Collection element] | semmle.label | a2 [Collection element] |
| test2.swift:99:19:99:24 | ...[...] | semmle.label | ...[...] |
| test2.swift:101:5:101:5 | $generator [Collection element, Tuple element at index 1] | semmle.label | $generator [Collection element, Tuple element at index 1] |
@@ -1518,6 +1548,12 @@ nodes
| test.swift:859:15:859:21 | ...[...] | semmle.label | ...[...] |
| test.swift:860:15:860:15 | args [Collection element] | semmle.label | args [Collection element] |
| test.swift:860:15:860:21 | ...[...] | semmle.label | ...[...] |
| test.swift:862:5:862:5 | $arg$generator [Collection element] | semmle.label | $arg$generator [Collection element] |
| test.swift:862:5:862:5 | call to next() [some:0] | semmle.label | call to next() [some:0] |
| test.swift:862:9:862:9 | arg | semmle.label | arg |
| test.swift:862:16:862:16 | args [Collection element] | semmle.label | args [Collection element] |
| test.swift:862:16:862:16 | call to makeIterator() [Collection element] | semmle.label | call to makeIterator() [Collection element] |
| test.swift:863:19:863:19 | arg | semmle.label | arg |
| test.swift:866:21:866:29 | enter #keyPath(...) [Collection element] | semmle.label | enter #keyPath(...) [Collection element] |
| test.swift:866:21:866:29 | exit #keyPath(...) | semmle.label | exit #keyPath(...) |
| test.swift:866:27:866:29 | KeyPathComponent | semmle.label | KeyPathComponent |
@@ -1661,8 +1697,10 @@ subpaths
| test2.swift:53:15:53:28 | ... ??(_:_:) ... | test2.swift:46:17:46:33 | call to source(_:) | test2.swift:53:15:53:28 | ... ??(_:_:) ... | result |
| test2.swift:54:15:54:24 | ...! | test2.swift:46:17:46:33 | call to source(_:) | test2.swift:54:15:54:24 | ...! | result |
| test2.swift:70:19:70:19 | key | test2.swift:60:8:60:24 | call to source(_:) | test2.swift:70:19:70:19 | key | result |
| test2.swift:79:19:79:19 | v | test2.swift:76:30:76:46 | call to source(_:) | test2.swift:79:19:79:19 | v | result |
| test2.swift:82:19:82:24 | ...[...] | test2.swift:76:30:76:46 | call to source(_:) | test2.swift:82:19:82:24 | ...[...] | result |
| test2.swift:86:19:86:19 | v | test2.swift:76:30:76:46 | call to source(_:) | test2.swift:86:19:86:19 | v | result |
| test2.swift:96:19:96:19 | v | test2.swift:93:13:93:29 | call to source(_:) | test2.swift:96:19:96:19 | v | result |
| test2.swift:99:19:99:24 | ...[...] | test2.swift:93:13:93:29 | call to source(_:) | test2.swift:99:19:99:24 | ...[...] | result |
| test2.swift:103:19:103:19 | v | test2.swift:93:13:93:29 | call to source(_:) | test2.swift:103:19:103:19 | v | result |
| test.swift:7:15:7:15 | t1 | test.swift:6:19:6:26 | call to source() | test.swift:7:15:7:15 | t1 | result |
@@ -1789,6 +1827,7 @@ subpaths
| test.swift:850:15:850:15 | v | test.swift:872:18:872:25 | call to source() | test.swift:850:15:850:15 | v | result |
| test.swift:859:15:859:21 | ...[...] | test.swift:873:24:873:31 | call to source() | test.swift:859:15:859:21 | ...[...] | result |
| test.swift:860:15:860:21 | ...[...] | test.swift:873:24:873:31 | call to source() | test.swift:860:15:860:21 | ...[...] | result |
| test.swift:863:19:863:19 | arg | test.swift:873:24:873:31 | call to source() | test.swift:863:19:863:19 | arg | result |
| test.swift:867:15:867:38 | \\...[...] | test.swift:873:24:873:31 | call to source() | test.swift:867:15:867:38 | \\...[...] | result |
| test.swift:880:19:880:19 | elem | test.swift:877:21:877:28 | call to source() | test.swift:880:19:880:19 | elem | result |
| test.swift:884:15:884:31 | ...! | test.swift:877:21:877:28 | call to source() | test.swift:884:15:884:31 | ...! | result |

2
swift/ql/test/library-tests/dataflow/dataflow/test.swift
View File

@@ -860,7 +860,7 @@ func testVarargs3(_ v: Int, _ args: Int...) {
sink(arg: args[1]) // $ flow=873
for arg in args {
sink(arg: arg) // $ MISSING: flow=873
sink(arg: arg) // $ flow=873
}
let myKeyPath = \[Int][1]

4
swift/ql/test/library-tests/dataflow/dataflow/test2.swift
View File

@@ -76,7 +76,7 @@ func testArrays1() {
var a1 = ["a", "b", "c", source("source5")]
for v in a1 {
sink(arg: v) // $ MISSING: flow=source5
sink(arg: v) // $ flow=source5
}
for ix in 0 ..< a1.count {
sink(arg: a1[ix]) // $ flow=source5
@@ -93,7 +93,7 @@ func testArrays2() {
a2[1] = source("source6")
for v in a2 {
sink(arg: v) // $ MISSING: flow=source6
sink(arg: v) // $ flow=source6
}
for ix in 0 ..< a2.count {
sink(arg: a2[ix]) // $ flow=source6

3
swift/ql/test/query-tests/Security/CWE-020/MissingRegexAnchor.expected
View File

@@ -46,6 +46,9 @@
| UnanchoredUrlRegex.swift:71:46:71:46 | https?://good.com | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
| UnanchoredUrlRegex.swift:78:39:78:39 | https?://good.com | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
| UnanchoredUrlRegex.swift:79:39:79:39 | https?://good.com:8080 | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
| UnanchoredUrlRegex.swift:82:3:82:3 | https?://good.com | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
| UnanchoredUrlRegex.swift:83:3:83:3 | https?:\\/\\/good.com | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
| UnanchoredUrlRegex.swift:84:3:84:3 | ^https?://good.com | This hostname pattern may match any domain name, as it is missing a '$' or '/' at the end. |
| UnanchoredUrlRegex.swift:91:3:91:3 | https?://good.com | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
| UnanchoredUrlRegex.swift:101:39:101:39 | https?:\\/\\/good.com\\/([0-9]+) | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |
| UnanchoredUrlRegex.swift:107:39:107:39 | example\\.com\|whatever | When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it. |

6
swift/ql/test/query-tests/Security/CWE-020/UnanchoredUrlRegex.swift
View File

@@ -79,9 +79,9 @@ func tests(url: String, secure: Bool) throws {
_ = try NSRegularExpression(pattern: #"https?://good.com:8080"#).firstMatch(in: input, range: inputRange) // BAD (missing anchor)
let trustedUrlRegexs = [
"https?://good.com", // BAD (missing anchor), referenced below [NOT DETECTED]
#"https?:\/\/good.com"#, // BAD (missing anchor), referenced below [NOT DETECTED]
"^https?://good.com" // BAD (missing post-anchor), referenced below [NOT DETECTED]
"https?://good.com", // BAD (missing anchor), referenced below
#"https?:\/\/good.com"#, // BAD (missing anchor), referenced below
"^https?://good.com" // BAD (missing post-anchor), referenced below
]
for trustedUrlRegex in trustedUrlRegexs {
if let _ = try NSRegularExpression(pattern: trustedUrlRegex).firstMatch(in: input, range: inputRange) { }