hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-23 15:55:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
This commit is contained in:
Tony Torralba
2022-12-20 14:14:05 +01:00
committed by GitHub
parent 46ea067449
commit 30aa9b230c
1 changed files with 4 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
swift/ql/src/queries/Security/CWE-943/PredicateInjection.qhelp
View File

@@ -9,25 +9,20 @@ be able to change the overall meaning of the predicate.
</overview>
<recommendation>
<p>
When building a predicate from untrusted data, pass it to the appropriate <code>arguments</code> parameter
during initialization, or as an array of substitution variables before evaluation, instead of appending
or concatenating it to the body of the predicate.
When building a predicate from untrusted data, you should either pass it to the appropriate <code>arguments</code> parameter during initialization, or as an array of substitution variables before evaluation. You should not append or concatenate it to the body of the predicate.
</p>
</recommendation>
<example>
<p>
In the following insecure example, a <code>NSPredicate</code> is built directly from data obtained from an HTTP request,
which is untrusted, and can be arbitrarily set by an attacker to alter the meaning of the predicate:
In the following insecure example, <code>NSPredicate</code> is built directly from data obtained from an HTTP request. This is untrusted, and can be arbitrarily set by an attacker to alter the meaning of the predicate:
</p>
<sample src="PredicateInjectionBad.swift" />
<p>
A better way to do this is using the <code>arguments</code> parameter of <code>NSPredicate</code>'s constructor,
which prevents attackers from altering the meaning of the predicate, even if they control the externally-obtained data,
as seen in the following secure example:
A better way to do this is to use the <code>arguments</code> parameter of <code>NSPredicate</code>'s constructor. This prevents attackers from altering the meaning of the predicate, even if they control the externally obtained data, as seen in the following secure example:
</p>
<sample src="PredicateInjectionGood.swift" />
</example>
<references>
<li>Apple Developer documentation: <a href="https://developer.apple.com/documentation/foundation/nspredicate">NSPredicate</a> </li>
<li>Apple Developer Documentation: <a href="https://developer.apple.com/documentation/foundation/nspredicate">NSPredicate</a> </li>
</references>
</qhelp>