Swift: # -> //

2026-04-28 10:15:14 +02:00 · 2023-07-17 09:12:01 +01:00
parent 2870bc2ee0
commit 4644b7184b
2 changed files with 4 additions and 4 deletions
--- a/swift/ql/src/queries/Security/CWE-730/RegexInjectionBad.swift
+++ b/swift/ql/src/queries/Security/CWE-730/RegexInjectionBad.swift
@@ -1,10 +1,10 @@
 func processRemoteInput(remoteInput: String) {
  ...

-  # BAD: Unsanitized user input is used to construct a regular expression
+  // BAD: Unsanitized user input is used to construct a regular expression
  let regex1 = try Regex(remoteInput)

-  # BAD: Unsanitized user input is used to construct a regular expression
+  // BAD: Unsanitized user input is used to construct a regular expression
  let regexStr = "abc|\(remoteInput)"
  let regex2 = try NSRegularExpression(pattern: regexStr)

--- a/swift/ql/src/queries/Security/CWE-730/RegexInjectionGood.swift
+++ b/swift/ql/src/queries/Security/CWE-730/RegexInjectionGood.swift
@@ -1,10 +1,10 @@
 func processRemoteInput(remoteInput: String) {
  ...

-  # GOOD: Regular expression is not derived from user input
+  // GOOD: Regular expression is not derived from user input
  let regex1 = try Regex(myRegex)

-  # GOOD: User input is sanitized before being used to construct a regular expression
+  // GOOD: User input is sanitized before being used to construct a regular expression
  let escapedInput = NSRegularExpression.escapedPattern(for: remoteInput)
  let regexStr = "abc|\(escapedInput)"
  let regex2 = try NSRegularExpression(pattern: regexStr)