mirror of
https://github.com/github/codeql.git
synced 2026-04-26 09:15:12 +02:00
Swift: Model LosslessStringConvertible.
This commit is contained in:
Geoffrey White
@@ -27,7 +27,7 @@ private class StringSource extends SourceModelCsv {
|
||||
}
|
||||
|
||||
/**
|
||||
* A model for `String` and `StringProtocol` members that permit taint flow.
|
||||
* A model for members of `String`, `StringProtocol` and similar classes that permit taint flow.
|
||||
*/
|
||||
private class StringSummaries extends SummaryModelCsv {
|
||||
override predicate row(string row) {
|
||||
@@ -111,7 +111,8 @@ private class StringSummaries extends SummaryModelCsv {
|
||||
";String;true;randomElement();;;Argument[-1];ReturnValue;taint",
|
||||
";String;true;randomElement(using:);;;Argument[-1];ReturnValue;taint",
|
||||
";String;true;enumerated();;;Argument[-1];ReturnValue;taint",
|
||||
";String;true;encode(to:);;;Argument[-1];Argument[0];taint"
|
||||
";String;true;encode(to:);;;Argument[-1];Argument[0];taint",
|
||||
";LosslessStringConvertible;true;init(_:);;;Argument[0];ReturnValue;taint",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
| conversions.swift:15:7:15:7 | self | conversions.swift:15:7:15:7 | SSA def(self) |
|
||||
| conversions.swift:16:11:16:11 | SSA def(self) | conversions.swift:16:11:16:42 | self[return] |
|
||||
| conversions.swift:16:11:16:11 | self | conversions.swift:16:11:16:11 | SSA def(self) |
|
||||
| conversions.swift:16:11:16:42 | [summary param] 0 in MyString.init(_:) | conversions.swift:16:11:16:42 | [summary] to write: ReturnValue in MyString.init(_:) |
|
||||
| conversions.swift:18:28:18:28 | SSA def(self) | conversions.swift:18:28:18:44 | self[return] |
|
||||
| conversions.swift:18:28:18:28 | self | conversions.swift:18:28:18:28 | SSA def(self) |
|
||||
| conversions.swift:19:33:19:33 | SSA def(self) | conversions.swift:19:33:19:49 | self[return] |
|
||||
@@ -73,6 +74,7 @@
|
||||
| conversions.swift:80:6:80:6 | ms1 | conversions.swift:80:6:80:6 | SSA def(ms1) |
|
||||
| conversions.swift:80:12:80:26 | call to MyString.init(_:) | conversions.swift:80:12:80:27 | ...! |
|
||||
| conversions.swift:80:12:80:27 | ...! | conversions.swift:80:6:80:6 | ms1 |
|
||||
| conversions.swift:80:21:80:21 | abc | conversions.swift:80:12:80:26 | call to MyString.init(_:) |
|
||||
| conversions.swift:81:12:81:12 | [post] ms1 | conversions.swift:82:12:82:12 | ms1 |
|
||||
| conversions.swift:81:12:81:12 | ms1 | conversions.swift:82:12:82:12 | ms1 |
|
||||
| conversions.swift:82:12:82:12 | [post] ms1 | conversions.swift:83:12:83:12 | ms1 |
|
||||
@@ -83,6 +85,7 @@
|
||||
| conversions.swift:86:6:86:6 | ms2 | conversions.swift:86:6:86:6 | SSA def(ms2) |
|
||||
| conversions.swift:86:12:86:35 | call to MyString.init(_:) | conversions.swift:86:12:86:36 | ...! |
|
||||
| conversions.swift:86:12:86:36 | ...! | conversions.swift:86:6:86:6 | ms2 |
|
||||
| conversions.swift:86:21:86:34 | call to sourceString() | conversions.swift:86:12:86:35 | call to MyString.init(_:) |
|
||||
| conversions.swift:87:12:87:12 | [post] ms2 | conversions.swift:88:12:88:12 | ms2 |
|
||||
| conversions.swift:87:12:87:12 | ms2 | conversions.swift:88:12:88:12 | ms2 |
|
||||
| conversions.swift:88:12:88:12 | [post] ms2 | conversions.swift:89:12:89:12 | ms2 |
|
||||
|
||||
@@ -36,6 +36,11 @@ edges
|
||||
| conversions.swift:72:12:72:24 | call to sourceFloat() | conversions.swift:72:12:72:26 | .exponent |
|
||||
| conversions.swift:73:12:73:24 | call to sourceFloat() | conversions.swift:73:12:73:26 | .significand |
|
||||
| conversions.swift:78:19:78:32 | call to sourceString() | conversions.swift:78:12:78:33 | call to String.init(_:) |
|
||||
| conversions.swift:86:12:86:35 | call to MyString.init(_:) | conversions.swift:86:12:86:35 | call to MyString.init(_:) [some:0] |
|
||||
| conversions.swift:86:12:86:35 | call to MyString.init(_:) | conversions.swift:87:12:87:12 | ms2 |
|
||||
| conversions.swift:86:12:86:35 | call to MyString.init(_:) [some:0] | conversions.swift:86:12:86:36 | ...! |
|
||||
| conversions.swift:86:12:86:36 | ...! | conversions.swift:87:12:87:12 | ms2 |
|
||||
| conversions.swift:86:21:86:34 | call to sourceString() | conversions.swift:86:12:86:35 | call to MyString.init(_:) |
|
||||
| conversions.swift:94:31:94:44 | call to sourceString() | conversions.swift:95:12:95:12 | parent |
|
||||
| conversions.swift:94:31:94:44 | call to sourceString() | conversions.swift:96:12:96:12 | parent |
|
||||
| conversions.swift:94:31:94:44 | call to sourceString() | conversions.swift:98:40:98:40 | parent |
|
||||
@@ -189,6 +194,11 @@ nodes
|
||||
| conversions.swift:77:12:77:25 | call to sourceString() | semmle.label | call to sourceString() |
|
||||
| conversions.swift:78:12:78:33 | call to String.init(_:) | semmle.label | call to String.init(_:) |
|
||||
| conversions.swift:78:19:78:32 | call to sourceString() | semmle.label | call to sourceString() |
|
||||
| conversions.swift:86:12:86:35 | call to MyString.init(_:) | semmle.label | call to MyString.init(_:) |
|
||||
| conversions.swift:86:12:86:35 | call to MyString.init(_:) [some:0] | semmle.label | call to MyString.init(_:) [some:0] |
|
||||
| conversions.swift:86:12:86:36 | ...! | semmle.label | ...! |
|
||||
| conversions.swift:86:21:86:34 | call to sourceString() | semmle.label | call to sourceString() |
|
||||
| conversions.swift:87:12:87:12 | ms2 | semmle.label | ms2 |
|
||||
| conversions.swift:94:31:94:44 | call to sourceString() | semmle.label | call to sourceString() |
|
||||
| conversions.swift:95:12:95:12 | parent | semmle.label | parent |
|
||||
| conversions.swift:96:12:96:12 | parent | semmle.label | parent |
|
||||
@@ -351,6 +361,7 @@ subpaths
|
||||
| conversions.swift:73:12:73:26 | .significand | conversions.swift:73:12:73:24 | call to sourceFloat() | conversions.swift:73:12:73:26 | .significand | result |
|
||||
| conversions.swift:77:12:77:25 | call to sourceString() | conversions.swift:77:12:77:25 | call to sourceString() | conversions.swift:77:12:77:25 | call to sourceString() | result |
|
||||
| conversions.swift:78:12:78:33 | call to String.init(_:) | conversions.swift:78:19:78:32 | call to sourceString() | conversions.swift:78:12:78:33 | call to String.init(_:) | result |
|
||||
| conversions.swift:87:12:87:12 | ms2 | conversions.swift:86:21:86:34 | call to sourceString() | conversions.swift:87:12:87:12 | ms2 | result |
|
||||
| conversions.swift:95:12:95:12 | parent | conversions.swift:94:31:94:44 | call to sourceString() | conversions.swift:95:12:95:12 | parent | result |
|
||||
| conversions.swift:96:12:96:12 | parent | conversions.swift:94:31:94:44 | call to sourceString() | conversions.swift:96:12:96:12 | parent | result |
|
||||
| conversions.swift:99:12:99:12 | v3 | conversions.swift:94:31:94:44 | call to sourceString() | conversions.swift:99:12:99:12 | v3 | result |
|
||||
|
||||
@@ -84,7 +84,7 @@ func testConversions() {
|
||||
sink(arg: ms1.clean)
|
||||
|
||||
let ms2 = MyString(sourceString())!
|
||||
sink(arg: ms2) // $ MISSING: tainted=
|
||||
sink(arg: ms2) // $ tainted=86
|
||||
sink(arg: ms2.description) // $ MISSING: tainted=
|
||||
sink(arg: ms2.debugDescription) // $ MISSING: tainted=
|
||||
sink(arg: ms2.clean)
|
||||
|
||||
Reference in New Issue
Block a user