hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Swift: Fix MaD for methods

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2022-08-03 17:47:33 +01:00
parent 1c8090fa04
commit 24c9ab8015
3 changed files with 6 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
swift/ql/lib/codeql/swift/controlflow/CfgNodes.qll
View File

@@ -125,6 +125,8 @@ class ApplyExprCfgNode extends ExprCfgNode {
}
AbstractFunctionDecl getStaticTarget() { result = e.getStaticTarget() }
Expr getFunction() { result = e.getFunction() }
}
class CallExprCfgNode extends ApplyExprCfgNode {

5
swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll
View File

@@ -11,6 +11,7 @@ private import FlowSummaryImpl::Private
private import FlowSummaryImpl::Public
private import codeql.swift.dataflow.ExternalFlow
private import codeql.swift.dataflow.FlowSummary as FlowSummary
private import codeql.swift.controlflow.CfgNodes
class SummarizedCallableBase = AbstractFunctionDecl;
@@ -153,7 +154,9 @@ class InterpretNode extends TInterpretNode {
DataFlowCallable asCallable() { result.getUnderlyingCallable() = this.asElement() }
/** Gets the target of this call, if any. */
AbstractFunctionDecl getCallTarget() { result = this.asCall().asCall().getStaticTarget() }
AbstractFunctionDecl getCallTarget() {
result = this.asCall().asCall().getFunction().(ApplyExpr).getStaticTarget()
}
/** Gets a textual representation of this node. */
string toString() {

18
swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql
View File

@@ -17,24 +17,6 @@ import codeql.swift.dataflow.DataFlow
import codeql.swift.dataflow.TaintTracking
import codeql.swift.dataflow.FlowSources
import DataFlow::PathGraph
import codeql.swift.frameworks.StandardLibrary.String
/**
* A taint source that is `String(contentsOf:)`.
* TODO: this shouldn't be needed when `StringSource` in `String.qll` is working.
*/
class StringContentsOfUrlSource extends RemoteFlowSource {
StringContentsOfUrlSource() {
exists(CallExpr call, AbstractFunctionDecl f |
call.getFunction().(ApplyExpr).getStaticTarget() = f and
f.getName() = "init(contentsOf:)" and
f.getParam(0).getType().getName() = "URL" and
this.asExpr() = call
)
}
override string getSourceType() { result = "" }
}
/**
* A sink that is a candidate result for this query, such as certain arguments