From 3f1dc8e5c79ea14f84aba30c0cfda1660a4ed5ce Mon Sep 17 00:00:00 2001
From: Jami Cogswell <jcogs33@Jamis-MacBook-Pro.local>
Date: Mon, 5 Jun 2023 09:21:32 -0400
Subject: [PATCH] Shared: add outdated Swift sink kinds

---
 .../semmle/code/csharp/dataflow/SharedModelValidation.qll   | 6 +++++-
 go/ql/lib/semmle/go/dataflow/SharedModelValidation.qll      | 6 +++++-
 .../lib/semmle/code/java/dataflow/SharedModelValidation.qll | 6 +++++-
 .../frameworks/data/internal/SharedModelValidation.qll      | 6 +++++-
 .../frameworks/data/internal/SharedModelValidation.qll      | 6 +++++-
 .../ruby/frameworks/data/internal/SharedModelValidation.qll | 6 +++++-
 .../ql/lib/codeql/swift/dataflow/SharedModelValidation.qll  | 6 +++++-
 7 files changed, 35 insertions(+), 7 deletions(-)

diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/SharedModelValidation.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/SharedModelValidation.qll
index e68b8241897..40aad9caef7 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/SharedModelValidation.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/SharedModelValidation.qll
@@ -47,7 +47,7 @@ class OutdatedSinkKind extends string {
         "sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
         "pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
         "write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
-        "code", "html", "remote"
+        "code", "html", "remote", "uncontrolled-format-string", "js-eval"
       ]
   }
 
@@ -55,6 +55,8 @@ class OutdatedSinkKind extends string {
     this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
     result = this + "-injection"
     or
+    this = "js-eval" and result = "code-injection"
+    or
     this = "url-redirect" and result = "url-redirection"
     or
     this = "ssti" and result = "template-injection"
@@ -78,6 +80,8 @@ class OutdatedSinkKind extends string {
     this = ["open-url", "jdbc-url"] and result = "request-forgery"
     or
     this = "command-line-injection" and result = "command-injection"
+    or
+    this = "uncontrolled-format-string" and result = "format-string"
   }
 
   string outdatedMessage() {
diff --git a/go/ql/lib/semmle/go/dataflow/SharedModelValidation.qll b/go/ql/lib/semmle/go/dataflow/SharedModelValidation.qll
index e68b8241897..40aad9caef7 100644
--- a/go/ql/lib/semmle/go/dataflow/SharedModelValidation.qll
+++ b/go/ql/lib/semmle/go/dataflow/SharedModelValidation.qll
@@ -47,7 +47,7 @@ class OutdatedSinkKind extends string {
         "sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
         "pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
         "write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
-        "code", "html", "remote"
+        "code", "html", "remote", "uncontrolled-format-string", "js-eval"
       ]
   }
 
@@ -55,6 +55,8 @@ class OutdatedSinkKind extends string {
     this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
     result = this + "-injection"
     or
+    this = "js-eval" and result = "code-injection"
+    or
     this = "url-redirect" and result = "url-redirection"
     or
     this = "ssti" and result = "template-injection"
@@ -78,6 +80,8 @@ class OutdatedSinkKind extends string {
     this = ["open-url", "jdbc-url"] and result = "request-forgery"
     or
     this = "command-line-injection" and result = "command-injection"
+    or
+    this = "uncontrolled-format-string" and result = "format-string"
   }
 
   string outdatedMessage() {
diff --git a/java/ql/lib/semmle/code/java/dataflow/SharedModelValidation.qll b/java/ql/lib/semmle/code/java/dataflow/SharedModelValidation.qll
index e68b8241897..40aad9caef7 100644
--- a/java/ql/lib/semmle/code/java/dataflow/SharedModelValidation.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/SharedModelValidation.qll
@@ -47,7 +47,7 @@ class OutdatedSinkKind extends string {
         "sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
         "pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
         "write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
-        "code", "html", "remote"
+        "code", "html", "remote", "uncontrolled-format-string", "js-eval"
       ]
   }
 
@@ -55,6 +55,8 @@ class OutdatedSinkKind extends string {
     this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
     result = this + "-injection"
     or
+    this = "js-eval" and result = "code-injection"
+    or
     this = "url-redirect" and result = "url-redirection"
     or
     this = "ssti" and result = "template-injection"
@@ -78,6 +80,8 @@ class OutdatedSinkKind extends string {
     this = ["open-url", "jdbc-url"] and result = "request-forgery"
     or
     this = "command-line-injection" and result = "command-injection"
+    or
+    this = "uncontrolled-format-string" and result = "format-string"
   }
 
   string outdatedMessage() {
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/data/internal/SharedModelValidation.qll b/javascript/ql/lib/semmle/javascript/frameworks/data/internal/SharedModelValidation.qll
index e68b8241897..40aad9caef7 100644
--- a/javascript/ql/lib/semmle/javascript/frameworks/data/internal/SharedModelValidation.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/data/internal/SharedModelValidation.qll
@@ -47,7 +47,7 @@ class OutdatedSinkKind extends string {
         "sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
         "pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
         "write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
-        "code", "html", "remote"
+        "code", "html", "remote", "uncontrolled-format-string", "js-eval"
       ]
   }
 
@@ -55,6 +55,8 @@ class OutdatedSinkKind extends string {
     this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
     result = this + "-injection"
     or
+    this = "js-eval" and result = "code-injection"
+    or
     this = "url-redirect" and result = "url-redirection"
     or
     this = "ssti" and result = "template-injection"
@@ -78,6 +80,8 @@ class OutdatedSinkKind extends string {
     this = ["open-url", "jdbc-url"] and result = "request-forgery"
     or
     this = "command-line-injection" and result = "command-injection"
+    or
+    this = "uncontrolled-format-string" and result = "format-string"
   }
 
   string outdatedMessage() {
diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/SharedModelValidation.qll b/python/ql/lib/semmle/python/frameworks/data/internal/SharedModelValidation.qll
index e68b8241897..40aad9caef7 100644
--- a/python/ql/lib/semmle/python/frameworks/data/internal/SharedModelValidation.qll
+++ b/python/ql/lib/semmle/python/frameworks/data/internal/SharedModelValidation.qll
@@ -47,7 +47,7 @@ class OutdatedSinkKind extends string {
         "sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
         "pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
         "write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
-        "code", "html", "remote"
+        "code", "html", "remote", "uncontrolled-format-string", "js-eval"
       ]
   }
 
@@ -55,6 +55,8 @@ class OutdatedSinkKind extends string {
     this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
     result = this + "-injection"
     or
+    this = "js-eval" and result = "code-injection"
+    or
     this = "url-redirect" and result = "url-redirection"
     or
     this = "ssti" and result = "template-injection"
@@ -78,6 +80,8 @@ class OutdatedSinkKind extends string {
     this = ["open-url", "jdbc-url"] and result = "request-forgery"
     or
     this = "command-line-injection" and result = "command-injection"
+    or
+    this = "uncontrolled-format-string" and result = "format-string"
   }
 
   string outdatedMessage() {
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/data/internal/SharedModelValidation.qll b/ruby/ql/lib/codeql/ruby/frameworks/data/internal/SharedModelValidation.qll
index e68b8241897..40aad9caef7 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/data/internal/SharedModelValidation.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/data/internal/SharedModelValidation.qll
@@ -47,7 +47,7 @@ class OutdatedSinkKind extends string {
         "sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
         "pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
         "write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
-        "code", "html", "remote"
+        "code", "html", "remote", "uncontrolled-format-string", "js-eval"
       ]
   }
 
@@ -55,6 +55,8 @@ class OutdatedSinkKind extends string {
     this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
     result = this + "-injection"
     or
+    this = "js-eval" and result = "code-injection"
+    or
     this = "url-redirect" and result = "url-redirection"
     or
     this = "ssti" and result = "template-injection"
@@ -78,6 +80,8 @@ class OutdatedSinkKind extends string {
     this = ["open-url", "jdbc-url"] and result = "request-forgery"
     or
     this = "command-line-injection" and result = "command-injection"
+    or
+    this = "uncontrolled-format-string" and result = "format-string"
   }
 
   string outdatedMessage() {
diff --git a/swift/ql/lib/codeql/swift/dataflow/SharedModelValidation.qll b/swift/ql/lib/codeql/swift/dataflow/SharedModelValidation.qll
index e68b8241897..40aad9caef7 100644
--- a/swift/ql/lib/codeql/swift/dataflow/SharedModelValidation.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/SharedModelValidation.qll
@@ -47,7 +47,7 @@ class OutdatedSinkKind extends string {
         "sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
         "pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
         "write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
-        "code", "html", "remote"
+        "code", "html", "remote", "uncontrolled-format-string", "js-eval"
       ]
   }
 
@@ -55,6 +55,8 @@ class OutdatedSinkKind extends string {
     this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
     result = this + "-injection"
     or
+    this = "js-eval" and result = "code-injection"
+    or
     this = "url-redirect" and result = "url-redirection"
     or
     this = "ssti" and result = "template-injection"
@@ -78,6 +80,8 @@ class OutdatedSinkKind extends string {
     this = ["open-url", "jdbc-url"] and result = "request-forgery"
     or
     this = "command-line-injection" and result = "command-injection"
+    or
+    this = "uncontrolled-format-string" and result = "format-string"
   }
 
   string outdatedMessage() {