hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into redsun82/swift-linkage-awareness

Browse Source
This commit is contained in:
Paolo Tranquilli
2023-01-19 10:49:33 +01:00
committed by GitHub
parent f383fd1dc1 e6aebd9df0
commit 57ec5db1a9
49 changed files with 11594 additions and 1923 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
swift/extractor/config/SwiftExtractorConfiguration.h
View File

@@ -23,13 +23,6 @@ struct SwiftExtractorConfiguration {
// destination.
std::filesystem::path getTempTrapDir() const { return scratchDir / "swift-trap-temp"; }
// VFS (virtual file system) support.
// A temporary directory that contains VFS files used during extraction.
std::filesystem::path getVFSDir() const { return scratchDir / "swift-vfs"; }
// A temporary directory that contains temp VFS files before they moved into VFSDir.
std::filesystem::path getTempVFSDir() const { return scratchDir / "swift-vfs-temp"; }
// A temporary directory that contains build artifacts generated by the extractor during the
// overall extraction process.
std::filesystem::path getTempArtifactDir() const {

13
swift/extractor/infra/SwiftDispatcher.h
View File

@@ -355,19 +355,6 @@ class SwiftDispatcher {
return false;
}
static std::filesystem::path getFilePath(std::string_view path) {
// TODO: this needs more testing
// TODO: check canonicalization of names on a case insensitive filesystems
// TODO: make symlink resolution conditional on CODEQL_PRESERVE_SYMLINKS=true
std::error_code ec;
auto ret = std::filesystem::canonical(path, ec);
if (ec) {
std::cerr << "Cannot get real path: " << std::quoted(path) << ": " << ec.message() << "\n";
return {};
}
return ret;
}
virtual void visit(const swift::Decl* decl) = 0;
virtual void visit(const swift::Stmt* stmt) = 0;
virtual void visit(const swift::StmtCondition* cond) = 0;

41
swift/ql/lib/codeql/swift/controlflow/CfgNodes.qll
View File

@@ -91,20 +91,21 @@ class CfgNode extends ControlFlowNode, TElementNode {
/** Gets a split for this control flow node, if any. */
final Split getASplit() { result = splits.getASplit() }
}
private Expr getAst(ControlFlowElement n) {
result = n.asAstNode()
or
result = n.(PropertyGetterElement).getRef()
or
result = n.(PropertySetterElement).getAssignExpr()
or
result = n.(PropertyObserverElement).getAssignExpr()
or
result = n.(ClosureElement).getAst()
or
result = n.(KeyPathElement).getAst()
/** Gets the AST representation of this control flow node, if any. */
Expr getAst() {
result = n.asAstNode()
or
result = n.(PropertyGetterElement).getRef()
or
result = n.(PropertySetterElement).getAssignExpr()
or
result = n.(PropertyObserverElement).getAssignExpr()
or
result = n.(ClosureElement).getAst()
or
result = n.(KeyPathElement).getAst()
}
}
/** A control-flow node that wraps an AST expression. */
@@ -123,7 +124,7 @@ class PropertyGetterCfgNode extends CfgNode {
Expr getRef() { result = n.getRef() }
CfgNode getBase() { getAst(result.getNode()) = n.getBase() }
CfgNode getBase() { result.getAst() = n.getBase() }
AccessorDecl getAccessorDecl() { result = n.getAccessorDecl() }
}
@@ -134,9 +135,9 @@ class PropertySetterCfgNode extends CfgNode {
AssignExpr getAssignExpr() { result = n.getAssignExpr() }
CfgNode getBase() { getAst(result.getNode()) = n.getBase() }
CfgNode getBase() { result.getAst() = n.getBase() }
CfgNode getSource() { getAst(result.getNode()) = n.getAssignExpr().getSource() }
CfgNode getSource() { result.getAst() = n.getAssignExpr().getSource() }
AccessorDecl getAccessorDecl() { result = n.getAccessorDecl() }
}
@@ -146,9 +147,9 @@ class PropertyObserverCfgNode extends CfgNode {
AssignExpr getAssignExpr() { result = n.getAssignExpr() }
CfgNode getBase() { getAst(result.getNode()) = n.getBase() }
CfgNode getBase() { result.getAst() = n.getBase() }
CfgNode getSource() { getAst(result.getNode()) = n.getAssignExpr().getSource() }
CfgNode getSource() { result.getAst() = n.getAssignExpr().getSource() }
AccessorDecl getAccessorDecl() { result = n.getObserver() }
}
@@ -156,9 +157,9 @@ class PropertyObserverCfgNode extends CfgNode {
class ApplyExprCfgNode extends ExprCfgNode {
override ApplyExpr e;
CfgNode getArgument(int index) { getAst(result.getNode()) = e.getArgument(index).getExpr() }
CfgNode getArgument(int index) { result.getAst() = e.getArgument(index).getExpr() }
CfgNode getQualifier() { getAst(result.getNode()) = e.getQualifier() }
CfgNode getQualifier() { result.getAst() = e.getQualifier() }
AbstractFunctionDecl getStaticTarget() { result = e.getStaticTarget() }

25
swift/ql/lib/codeql/swift/dataflow/Ssa.qll
View File

@@ -30,9 +30,16 @@ module Ssa {
certain = true
)
or
exists(PatternBindingDecl decl, Pattern pattern |
// Any variable initialization through pattern matching. For example each `x*` in:
// ```
// var x1 = v
// let x2 = v
// let (x3, x4) = tuple
// if let x5 = optional { ... }
// guard let x6 = optional else { ... }
// ```
exists(Pattern pattern |
bb.getNode(i).getNode().asAstNode() = pattern and
decl.getAPattern() = pattern and
v.getParentPattern() = pattern and
certain = true
)
@@ -153,10 +160,16 @@ module Ssa {
pbd.getAPattern() = bb.getNode(blockIndex).getNode().asAstNode() and
init = var.getParentInitializer()
|
value.getNode().asAstNode() = init
or
// TODO: We should probably enumerate more cfg nodes here.
value.(PropertyGetterCfgNode).getRef() = init
value.getAst() = init
)
or
exists(SsaInput::BasicBlock bb, int blockIndex, ConditionElement ce, Expr init |
this.definesAt(_, bb, blockIndex) and
ce.getPattern() = bb.getNode(blockIndex).getNode().asAstNode() and
init = ce.getInitializer() and
strictcount(Ssa::WriteDefinition alt | alt.definesAt(_, bb, blockIndex)) = 1 // exclude cases where there are multiple writes from the same pattern, this is at best taint flow.
|
value.getAst() = init
)
}
}

12
swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplConsistency.qll
View File

@@ -45,6 +45,16 @@ module Consistency {
) {
none()
}
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodeAtPosition`. */
predicate uniqueParameterNodeAtPositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
none()
}
/** Holds if `(c, pos, p)` should be excluded from the consistency test `uniqueParameterNodePosition`. */
predicate uniqueParameterNodePositionExclude(DataFlowCallable c, ParameterPosition pos, Node p) {
none()
}
}
private class RelevantNode extends Node {
@@ -246,6 +256,7 @@ module Consistency {
query predicate uniqueParameterNodeAtPosition(
DataFlowCallable c, ParameterPosition pos, Node p, string msg
) {
not any(ConsistencyConfiguration conf).uniqueParameterNodeAtPositionExclude(c, pos, p) and
isParameterNode(p, c, pos) and
not exists(unique(Node p0 | isParameterNode(p0, c, pos))) and
msg = "Parameters with overlapping positions."
@@ -254,6 +265,7 @@ module Consistency {
query predicate uniqueParameterNodePosition(
DataFlowCallable c, ParameterPosition pos, Node p, string msg
) {
not any(ConsistencyConfiguration conf).uniqueParameterNodePositionExclude(c, pos, p) and
isParameterNode(p, c, pos) and
not exists(unique(ParameterPosition pos0 | isParameterNode(p, c, pos0))) and
msg = "Parameter node with multiple positions."

15
swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
View File

@@ -38,6 +38,21 @@ class ConstantPasswordSink extends Expr {
call.getStaticTarget() = f and
call.getArgumentWithLabel("password").getExpr() = this
)
or
// RNCryptor (labelled arguments)
exists(ClassOrStructDecl c, MethodDecl f, CallExpr call |
c.getFullName() = ["RNCryptor", "RNEncryptor", "RNDecryptor"] and
c.getAMember() = f and
call.getStaticTarget() = f and
call.getArgumentWithLabel(["password", "withPassword", "forPassword"]).getExpr() = this
)
or
// RNCryptor (unlabelled arguments)
exists(MethodDecl f, CallExpr call |
f.hasQualifiedName("RNCryptor", "keyForPassword(_:salt:settings:)") and
call.getStaticTarget() = f and
call.getArgument(0).getExpr() = this
)
}
}

141
swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
View File

@@ -2,6 +2,8 @@ edges
| file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : |
| file://:0:0:0:0 | self [a, x] : | file://:0:0:0:0 | .a [x] : |
| file://:0:0:0:0 | self [x] : | file://:0:0:0:0 | .x : |
| file://:0:0:0:0 | self [x] : | file://:0:0:0:0 | .x : |
| file://:0:0:0:0 | value : | file://:0:0:0:0 | [post] self [x] : |
| file://:0:0:0:0 | value : | file://:0:0:0:0 | [post] self [x] : |
| test.swift:6:19:6:26 | call to source() : | test.swift:7:15:7:15 | t1 |
| test.swift:6:19:6:26 | call to source() : | test.swift:9:15:9:15 | t1 |
@@ -100,6 +102,8 @@ edges
| test.swift:225:14:225:21 | call to source() : | test.swift:235:13:235:15 | .source_value |
| test.swift:225:14:225:21 | call to source() : | test.swift:238:13:238:15 | .source_value |
| test.swift:259:12:259:19 | call to source() : | test.swift:263:13:263:28 | call to optionalSource() : |
| test.swift:259:12:259:19 | call to source() : | test.swift:439:13:439:28 | call to optionalSource() : |
| test.swift:259:12:259:19 | call to source() : | test.swift:466:13:466:28 | call to optionalSource() : |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:265:15:265:15 | x |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:267:15:267:16 | ...! |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:271:15:271:16 | ...? : |
@@ -107,6 +111,11 @@ edges
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:275:15:275:27 | ... ??(_:_:) ... |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:279:15:279:31 | ... ? ... : ... |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:280:15:280:38 | ... ? ... : ... |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:285:19:285:19 | z |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:291:16:291:17 | ...? : |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:300:15:300:15 | z1 |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:303:15:303:16 | ...! : |
| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:307:19:307:19 | z |
| test.swift:270:15:270:22 | call to source() : | file://:0:0:0:0 | [summary param] this in signum() : |
| test.swift:270:15:270:22 | call to source() : | test.swift:270:15:270:31 | call to signum() |
| test.swift:271:15:271:16 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : |
@@ -114,30 +123,49 @@ edges
| test.swift:271:15:271:25 | call to signum() : | test.swift:271:15:271:25 | OptionalEvaluationExpr |
| test.swift:280:31:280:38 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... |
| test.swift:282:31:282:38 | call to source() : | test.swift:282:15:282:38 | ... ? ... : ... |
| test.swift:302:14:302:26 | (...) [Tuple element at index 1] : | test.swift:306:15:306:15 | t1 [Tuple element at index 1] : |
| test.swift:302:18:302:25 | call to source() : | test.swift:302:14:302:26 | (...) [Tuple element at index 1] : |
| test.swift:306:15:306:15 | t1 [Tuple element at index 1] : | test.swift:306:15:306:18 | .1 |
| test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] : | test.swift:317:15:317:15 | t1 [Tuple element at index 0] : |
| test.swift:314:12:314:19 | call to source() : | test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] : |
| test.swift:317:15:317:15 | t1 [Tuple element at index 0] : | test.swift:317:15:317:18 | .0 |
| test.swift:322:14:322:45 | (...) [Tuple element at index 0] : | test.swift:327:15:327:15 | t1 [Tuple element at index 0] : |
| test.swift:322:14:322:45 | (...) [Tuple element at index 0] : | test.swift:331:15:331:15 | t2 [Tuple element at index 0] : |
| test.swift:322:14:322:45 | (...) [Tuple element at index 1] : | test.swift:328:15:328:15 | t1 [Tuple element at index 1] : |
| test.swift:322:14:322:45 | (...) [Tuple element at index 1] : | test.swift:332:15:332:15 | t2 [Tuple element at index 1] : |
| test.swift:322:18:322:25 | call to source() : | test.swift:322:14:322:45 | (...) [Tuple element at index 0] : |
| test.swift:322:31:322:38 | call to source() : | test.swift:322:14:322:45 | (...) [Tuple element at index 1] : |
| test.swift:327:15:327:15 | t1 [Tuple element at index 0] : | test.swift:327:15:327:18 | .0 |
| test.swift:328:15:328:15 | t1 [Tuple element at index 1] : | test.swift:328:15:328:18 | .1 |
| test.swift:331:15:331:15 | t2 [Tuple element at index 0] : | test.swift:331:15:331:18 | .0 |
| test.swift:332:15:332:15 | t2 [Tuple element at index 1] : | test.swift:332:15:332:18 | .1 |
| test.swift:291:16:291:17 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : |
| test.swift:291:16:291:17 | ...? : | test.swift:291:16:291:26 | call to signum() : |
| test.swift:291:16:291:26 | call to signum() : | test.swift:292:19:292:19 | z |
| test.swift:303:15:303:16 | ...! : | file://:0:0:0:0 | [summary param] this in signum() : |
| test.swift:303:15:303:16 | ...! : | test.swift:303:15:303:25 | call to signum() |
| test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | test.swift:335:15:335:15 | t1 [Tuple element at index 1] : |
| test.swift:331:18:331:25 | call to source() : | test.swift:331:14:331:26 | (...) [Tuple element at index 1] : |
| test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | test.swift:335:15:335:18 | .1 |
| test.swift:343:5:343:5 | [post] t1 [Tuple element at index 0] : | test.swift:346:15:346:15 | t1 [Tuple element at index 0] : |
| test.swift:343:12:343:19 | call to source() : | test.swift:343:5:343:5 | [post] t1 [Tuple element at index 0] : |
| test.swift:346:15:346:15 | t1 [Tuple element at index 0] : | test.swift:346:15:346:18 | .0 |
| test.swift:351:14:351:45 | (...) [Tuple element at index 0] : | test.swift:356:15:356:15 | t1 [Tuple element at index 0] : |
| test.swift:351:14:351:45 | (...) [Tuple element at index 0] : | test.swift:360:15:360:15 | t2 [Tuple element at index 0] : |
| test.swift:351:14:351:45 | (...) [Tuple element at index 1] : | test.swift:357:15:357:15 | t1 [Tuple element at index 1] : |
| test.swift:351:14:351:45 | (...) [Tuple element at index 1] : | test.swift:361:15:361:15 | t2 [Tuple element at index 1] : |
| test.swift:351:18:351:25 | call to source() : | test.swift:351:14:351:45 | (...) [Tuple element at index 0] : |
| test.swift:351:31:351:38 | call to source() : | test.swift:351:14:351:45 | (...) [Tuple element at index 1] : |
| test.swift:356:15:356:15 | t1 [Tuple element at index 0] : | test.swift:356:15:356:18 | .0 |
| test.swift:357:15:357:15 | t1 [Tuple element at index 1] : | test.swift:357:15:357:18 | .1 |
| test.swift:360:15:360:15 | t2 [Tuple element at index 0] : | test.swift:360:15:360:18 | .0 |
| test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | test.swift:361:15:361:18 | .1 |
| test.swift:439:13:439:28 | call to optionalSource() : | test.swift:442:19:442:19 | a |
| test.swift:462:9:462:9 | self [x] : | file://:0:0:0:0 | self [x] : |
| test.swift:462:9:462:9 | value : | file://:0:0:0:0 | value : |
| test.swift:466:13:466:28 | call to optionalSource() : | test.swift:468:12:468:12 | x : |
| test.swift:468:5:468:5 | [post] cx [x] : | test.swift:472:20:472:20 | cx [x] : |
| test.swift:468:12:468:12 | x : | test.swift:462:9:462:9 | value : |
| test.swift:468:12:468:12 | x : | test.swift:468:5:468:5 | [post] cx [x] : |
| test.swift:472:20:472:20 | cx [x] : | test.swift:462:9:462:9 | self [x] : |
| test.swift:472:20:472:20 | cx [x] : | test.swift:472:20:472:23 | .x : |
| test.swift:472:20:472:23 | .x : | test.swift:473:15:473:15 | z1 |
nodes
| file://:0:0:0:0 | .a [x] : | semmle.label | .a [x] : |
| file://:0:0:0:0 | .x : | semmle.label | .x : |
| file://:0:0:0:0 | .x : | semmle.label | .x : |
| file://:0:0:0:0 | [post] self [x] : | semmle.label | [post] self [x] : |
| file://:0:0:0:0 | [post] self [x] : | semmle.label | [post] self [x] : |
| file://:0:0:0:0 | [summary param] this in signum() : | semmle.label | [summary param] this in signum() : |
| file://:0:0:0:0 | [summary] to write: return (return) in signum() : | semmle.label | [summary] to write: return (return) in signum() : |
| file://:0:0:0:0 | self [a, x] : | semmle.label | self [a, x] : |
| file://:0:0:0:0 | self [x] : | semmle.label | self [x] : |
| file://:0:0:0:0 | self [x] : | semmle.label | self [x] : |
| file://:0:0:0:0 | value : | semmle.label | value : |
| file://:0:0:0:0 | value : | semmle.label | value : |
| test.swift:6:19:6:26 | call to source() : | semmle.label | call to source() : |
| test.swift:7:15:7:15 | t1 | semmle.label | t1 |
@@ -258,26 +286,44 @@ nodes
| test.swift:280:31:280:38 | call to source() : | semmle.label | call to source() : |
| test.swift:282:15:282:38 | ... ? ... : ... | semmle.label | ... ? ... : ... |
| test.swift:282:31:282:38 | call to source() : | semmle.label | call to source() : |
| test.swift:302:14:302:26 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : |
| test.swift:302:18:302:25 | call to source() : | semmle.label | call to source() : |
| test.swift:306:15:306:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : |
| test.swift:306:15:306:18 | .1 | semmle.label | .1 |
| test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] : | semmle.label | [post] t1 [Tuple element at index 0] : |
| test.swift:314:12:314:19 | call to source() : | semmle.label | call to source() : |
| test.swift:317:15:317:15 | t1 [Tuple element at index 0] : | semmle.label | t1 [Tuple element at index 0] : |
| test.swift:317:15:317:18 | .0 | semmle.label | .0 |
| test.swift:322:14:322:45 | (...) [Tuple element at index 0] : | semmle.label | (...) [Tuple element at index 0] : |
| test.swift:322:14:322:45 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : |
| test.swift:322:18:322:25 | call to source() : | semmle.label | call to source() : |
| test.swift:322:31:322:38 | call to source() : | semmle.label | call to source() : |
| test.swift:327:15:327:15 | t1 [Tuple element at index 0] : | semmle.label | t1 [Tuple element at index 0] : |
| test.swift:327:15:327:18 | .0 | semmle.label | .0 |
| test.swift:328:15:328:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : |
| test.swift:328:15:328:18 | .1 | semmle.label | .1 |
| test.swift:331:15:331:15 | t2 [Tuple element at index 0] : | semmle.label | t2 [Tuple element at index 0] : |
| test.swift:331:15:331:18 | .0 | semmle.label | .0 |
| test.swift:332:15:332:15 | t2 [Tuple element at index 1] : | semmle.label | t2 [Tuple element at index 1] : |
| test.swift:332:15:332:18 | .1 | semmle.label | .1 |
| test.swift:285:19:285:19 | z | semmle.label | z |
| test.swift:291:16:291:17 | ...? : | semmle.label | ...? : |
| test.swift:291:16:291:26 | call to signum() : | semmle.label | call to signum() : |
| test.swift:292:19:292:19 | z | semmle.label | z |
| test.swift:300:15:300:15 | z1 | semmle.label | z1 |
| test.swift:303:15:303:16 | ...! : | semmle.label | ...! : |
| test.swift:303:15:303:25 | call to signum() | semmle.label | call to signum() |
| test.swift:307:19:307:19 | z | semmle.label | z |
| test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : |
| test.swift:331:18:331:25 | call to source() : | semmle.label | call to source() : |
| test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : |
| test.swift:335:15:335:18 | .1 | semmle.label | .1 |
| test.swift:343:5:343:5 | [post] t1 [Tuple element at index 0] : | semmle.label | [post] t1 [Tuple element at index 0] : |
| test.swift:343:12:343:19 | call to source() : | semmle.label | call to source() : |
| test.swift:346:15:346:15 | t1 [Tuple element at index 0] : | semmle.label | t1 [Tuple element at index 0] : |
| test.swift:346:15:346:18 | .0 | semmle.label | .0 |
| test.swift:351:14:351:45 | (...) [Tuple element at index 0] : | semmle.label | (...) [Tuple element at index 0] : |
| test.swift:351:14:351:45 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : |
| test.swift:351:18:351:25 | call to source() : | semmle.label | call to source() : |
| test.swift:351:31:351:38 | call to source() : | semmle.label | call to source() : |
| test.swift:356:15:356:15 | t1 [Tuple element at index 0] : | semmle.label | t1 [Tuple element at index 0] : |
| test.swift:356:15:356:18 | .0 | semmle.label | .0 |
| test.swift:357:15:357:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : |
| test.swift:357:15:357:18 | .1 | semmle.label | .1 |
| test.swift:360:15:360:15 | t2 [Tuple element at index 0] : | semmle.label | t2 [Tuple element at index 0] : |
| test.swift:360:15:360:18 | .0 | semmle.label | .0 |
| test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | semmle.label | t2 [Tuple element at index 1] : |
| test.swift:361:15:361:18 | .1 | semmle.label | .1 |
| test.swift:439:13:439:28 | call to optionalSource() : | semmle.label | call to optionalSource() : |
| test.swift:442:19:442:19 | a | semmle.label | a |
| test.swift:462:9:462:9 | self [x] : | semmle.label | self [x] : |
| test.swift:462:9:462:9 | value : | semmle.label | value : |
| test.swift:466:13:466:28 | call to optionalSource() : | semmle.label | call to optionalSource() : |
| test.swift:468:5:468:5 | [post] cx [x] : | semmle.label | [post] cx [x] : |
| test.swift:468:12:468:12 | x : | semmle.label | x : |
| test.swift:472:20:472:20 | cx [x] : | semmle.label | cx [x] : |
| test.swift:472:20:472:23 | .x : | semmle.label | .x : |
| test.swift:473:15:473:15 | z1 | semmle.label | z1 |
subpaths
| test.swift:75:21:75:22 | &... : | test.swift:65:16:65:28 | arg1 : | test.swift:65:1:70:1 | arg2[return] : | test.swift:75:31:75:32 | [post] &... : |
| test.swift:114:19:114:19 | arg : | test.swift:109:9:109:14 | arg : | test.swift:110:12:110:12 | arg : | test.swift:114:12:114:22 | call to ... : |
@@ -306,6 +352,10 @@ subpaths
| test.swift:219:13:219:15 | .a [x] : | test.swift:163:7:163:7 | self [x] : | file://:0:0:0:0 | .x : | test.swift:219:13:219:17 | .x |
| test.swift:270:15:270:22 | call to source() : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:270:15:270:31 | call to signum() |
| test.swift:271:15:271:16 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:271:15:271:25 | call to signum() : |
| test.swift:291:16:291:17 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:291:16:291:26 | call to signum() : |
| test.swift:303:15:303:16 | ...! : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:303:15:303:25 | call to signum() |
| test.swift:468:12:468:12 | x : | test.swift:462:9:462:9 | value : | file://:0:0:0:0 | [post] self [x] : | test.swift:468:5:468:5 | [post] cx [x] : |
| test.swift:472:20:472:20 | cx [x] : | test.swift:462:9:462:9 | self [x] : | file://:0:0:0:0 | .x : | test.swift:472:20:472:23 | .x : |
#select
| test.swift:7:15:7:15 | t1 | test.swift:6:19:6:26 | call to source() : | test.swift:7:15:7:15 | t1 | result |
| test.swift:9:15:9:15 | t1 | test.swift:6:19:6:26 | call to source() : | test.swift:9:15:9:15 | t1 | result |
@@ -345,9 +395,16 @@ subpaths
| test.swift:280:15:280:38 | ... ? ... : ... | test.swift:259:12:259:19 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | result |
| test.swift:280:15:280:38 | ... ? ... : ... | test.swift:280:31:280:38 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | result |
| test.swift:282:15:282:38 | ... ? ... : ... | test.swift:282:31:282:38 | call to source() : | test.swift:282:15:282:38 | ... ? ... : ... | result |
| test.swift:306:15:306:18 | .1 | test.swift:302:18:302:25 | call to source() : | test.swift:306:15:306:18 | .1 | result |
| test.swift:317:15:317:18 | .0 | test.swift:314:12:314:19 | call to source() : | test.swift:317:15:317:18 | .0 | result |
| test.swift:327:15:327:18 | .0 | test.swift:322:18:322:25 | call to source() : | test.swift:327:15:327:18 | .0 | result |
| test.swift:328:15:328:18 | .1 | test.swift:322:31:322:38 | call to source() : | test.swift:328:15:328:18 | .1 | result |
| test.swift:331:15:331:18 | .0 | test.swift:322:18:322:25 | call to source() : | test.swift:331:15:331:18 | .0 | result |
| test.swift:332:15:332:18 | .1 | test.swift:322:31:322:38 | call to source() : | test.swift:332:15:332:18 | .1 | result |
| test.swift:285:19:285:19 | z | test.swift:259:12:259:19 | call to source() : | test.swift:285:19:285:19 | z | result |
| test.swift:292:19:292:19 | z | test.swift:259:12:259:19 | call to source() : | test.swift:292:19:292:19 | z | result |
| test.swift:300:15:300:15 | z1 | test.swift:259:12:259:19 | call to source() : | test.swift:300:15:300:15 | z1 | result |
| test.swift:303:15:303:25 | call to signum() | test.swift:259:12:259:19 | call to source() : | test.swift:303:15:303:25 | call to signum() | result |
| test.swift:307:19:307:19 | z | test.swift:259:12:259:19 | call to source() : | test.swift:307:19:307:19 | z | result |
| test.swift:335:15:335:18 | .1 | test.swift:331:18:331:25 | call to source() : | test.swift:335:15:335:18 | .1 | result |
| test.swift:346:15:346:18 | .0 | test.swift:343:12:343:19 | call to source() : | test.swift:346:15:346:18 | .0 | result |
| test.swift:356:15:356:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:356:15:356:18 | .0 | result |
| test.swift:357:15:357:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:357:15:357:18 | .1 | result |
| test.swift:360:15:360:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:360:15:360:18 | .0 | result |
| test.swift:361:15:361:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:361:15:361:18 | .1 | result |
| test.swift:442:19:442:19 | a | test.swift:259:12:259:19 | call to source() : | test.swift:442:19:442:19 | a | result |
| test.swift:473:15:473:15 | z1 | test.swift:259:12:259:19 | call to source() : | test.swift:473:15:473:15 | z1 | result |

2
swift/ql/test/library-tests/dataflow/dataflow/FlowConfig.qll
View File

@@ -10,7 +10,7 @@ class TestConfiguration extends DataFlow::Configuration {
TestConfiguration() { this = "TestConfiguration" }
override predicate isSource(DataFlow::Node src) {
src.asExpr().(CallExpr).getStaticTarget().getName() = "source()"
src.asExpr().(CallExpr).getStaticTarget().getName().matches("source%()")
}
override predicate isSink(DataFlow::Node sink) {

196
swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
View File

@@ -241,50 +241,152 @@
| test.swift:282:26:282:26 | y | test.swift:287:16:287:16 | y |
| test.swift:282:26:282:27 | ...! | test.swift:282:15:282:38 | ... ? ... : ... |
| test.swift:282:31:282:38 | call to source() | test.swift:282:15:282:38 | ... ? ... : ... |
| test.swift:284:16:284:16 | x | test.swift:290:16:290:16 | x |
| test.swift:287:16:287:16 | y | test.swift:293:16:293:16 | y |
| test.swift:290:16:290:16 | x | test.swift:290:16:290:17 | ...? |
| test.swift:290:16:290:26 | call to signum() | test.swift:290:16:290:26 | OptionalEvaluationExpr |
| test.swift:293:16:293:16 | y | test.swift:293:16:293:17 | ...? |
| test.swift:293:16:293:26 | call to signum() | test.swift:293:16:293:26 | OptionalEvaluationExpr |
| test.swift:302:9:302:9 | SSA def(t1) | test.swift:304:15:304:15 | t1 |
| test.swift:302:14:302:26 | (...) | test.swift:302:9:302:9 | SSA def(t1) |
| test.swift:304:15:304:15 | t1 | test.swift:305:15:305:15 | t1 |
| test.swift:305:15:305:15 | [post] t1 | test.swift:306:15:306:15 | t1 |
| test.swift:305:15:305:15 | t1 | test.swift:306:15:306:15 | t1 |
| test.swift:306:15:306:15 | [post] t1 | test.swift:308:5:308:5 | t1 |
| test.swift:306:15:306:15 | t1 | test.swift:308:5:308:5 | t1 |
| test.swift:308:5:308:5 | [post] t1 | test.swift:310:15:310:15 | t1 |
| test.swift:308:5:308:5 | t1 | test.swift:310:15:310:15 | t1 |
| test.swift:310:15:310:15 | t1 | test.swift:311:15:311:15 | t1 |
| test.swift:311:15:311:15 | [post] t1 | test.swift:312:15:312:15 | t1 |
| test.swift:311:15:311:15 | t1 | test.swift:312:15:312:15 | t1 |
| test.swift:312:15:312:15 | [post] t1 | test.swift:314:5:314:5 | t1 |
| test.swift:312:15:312:15 | t1 | test.swift:314:5:314:5 | t1 |
| test.swift:314:5:314:5 | [post] t1 | test.swift:316:15:316:15 | t1 |
| test.swift:314:5:314:5 | t1 | test.swift:316:15:316:15 | t1 |
| test.swift:316:15:316:15 | t1 | test.swift:317:15:317:15 | t1 |
| test.swift:317:15:317:15 | [post] t1 | test.swift:318:15:318:15 | t1 |
| test.swift:317:15:317:15 | t1 | test.swift:318:15:318:15 | t1 |
| test.swift:322:9:322:9 | SSA def(t1) | test.swift:323:14:323:14 | t1 |
| test.swift:322:14:322:45 | (...) | test.swift:322:9:322:9 | SSA def(t1) |
| test.swift:323:9:323:9 | SSA def(t2) | test.swift:330:15:330:15 | t2 |
| test.swift:323:14:323:14 | t1 | test.swift:323:9:323:9 | SSA def(t2) |
| test.swift:323:14:323:14 | t1 | test.swift:324:21:324:21 | t1 |
| test.swift:324:9:324:17 | SSA def(a) | test.swift:334:15:334:15 | a |
| test.swift:324:9:324:17 | SSA def(b) | test.swift:335:15:335:15 | b |
| test.swift:324:9:324:17 | SSA def(c) | test.swift:336:15:336:15 | c |
| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | SSA def(a) |
| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | SSA def(b) |
| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | SSA def(c) |
| test.swift:324:21:324:21 | t1 | test.swift:326:15:326:15 | t1 |
| test.swift:326:15:326:15 | t1 | test.swift:327:15:327:15 | t1 |
| test.swift:327:15:327:15 | [post] t1 | test.swift:328:15:328:15 | t1 |
| test.swift:327:15:327:15 | t1 | test.swift:328:15:328:15 | t1 |
| test.swift:328:15:328:15 | [post] t1 | test.swift:329:15:329:15 | t1 |
| test.swift:328:15:328:15 | t1 | test.swift:329:15:329:15 | t1 |
| test.swift:330:15:330:15 | t2 | test.swift:331:15:331:15 | t2 |
| test.swift:331:15:331:15 | [post] t2 | test.swift:332:15:332:15 | t2 |
| test.swift:331:15:331:15 | t2 | test.swift:332:15:332:15 | t2 |
| test.swift:332:15:332:15 | [post] t2 | test.swift:333:15:333:15 | t2 |
| test.swift:332:15:332:15 | t2 | test.swift:333:15:333:15 | t2 |
| test.swift:284:8:284:12 | SSA def(z) | test.swift:285:19:285:19 | z |
| test.swift:284:16:284:16 | x | test.swift:284:8:284:12 | SSA def(z) |
| test.swift:284:16:284:16 | x | test.swift:291:16:291:16 | x |
| test.swift:287:8:287:12 | SSA def(z) | test.swift:288:19:288:19 | z |
| test.swift:287:16:287:16 | y | test.swift:287:8:287:12 | SSA def(z) |
| test.swift:287:16:287:16 | y | test.swift:294:16:294:16 | y |
| test.swift:291:8:291:12 | SSA def(z) | test.swift:292:19:292:19 | z |
| test.swift:291:16:291:16 | x | test.swift:291:16:291:17 | ...? |
| test.swift:291:16:291:16 | x | test.swift:298:20:298:20 | x |
| test.swift:291:16:291:26 | OptionalEvaluationExpr | test.swift:291:8:291:12 | SSA def(z) |
| test.swift:291:16:291:26 | call to signum() | test.swift:291:16:291:26 | OptionalEvaluationExpr |
| test.swift:294:8:294:12 | SSA def(z) | test.swift:295:19:295:19 | z |
| test.swift:294:16:294:16 | y | test.swift:294:16:294:17 | ...? |
| test.swift:294:16:294:16 | y | test.swift:299:20:299:20 | y |
| test.swift:294:16:294:26 | OptionalEvaluationExpr | test.swift:294:8:294:12 | SSA def(z) |
| test.swift:294:16:294:26 | call to signum() | test.swift:294:16:294:26 | OptionalEvaluationExpr |
| test.swift:298:11:298:15 | SSA def(z1) | test.swift:300:15:300:15 | z1 |
| test.swift:298:20:298:20 | x | test.swift:298:11:298:15 | SSA def(z1) |
| test.swift:298:20:298:20 | x | test.swift:303:15:303:15 | x |
| test.swift:299:11:299:15 | SSA def(z2) | test.swift:301:15:301:15 | z2 |
| test.swift:299:20:299:20 | y | test.swift:299:11:299:15 | SSA def(z2) |
| test.swift:299:20:299:20 | y | test.swift:304:15:304:15 | y |
| test.swift:303:15:303:15 | x | test.swift:303:15:303:16 | ...! |
| test.swift:303:15:303:15 | x | test.swift:306:28:306:28 | x |
| test.swift:304:15:304:15 | y | test.swift:304:15:304:16 | ...! |
| test.swift:304:15:304:15 | y | test.swift:309:28:309:28 | y |
| test.swift:306:13:306:24 | SSA def(z) | test.swift:307:19:307:19 | z |
| test.swift:306:28:306:28 | x | test.swift:306:13:306:24 | SSA def(z) |
| test.swift:306:28:306:28 | x | test.swift:313:12:313:12 | x |
| test.swift:309:13:309:24 | SSA def(z) | test.swift:310:19:310:19 | z |
| test.swift:309:28:309:28 | y | test.swift:309:13:309:24 | SSA def(z) |
| test.swift:309:28:309:28 | y | test.swift:319:12:319:12 | y |
| test.swift:314:10:314:21 | SSA def(z) | test.swift:315:19:315:19 | z |
| test.swift:320:10:320:21 | SSA def(z) | test.swift:321:19:321:19 | z |
| test.swift:331:9:331:9 | SSA def(t1) | test.swift:333:15:333:15 | t1 |
| test.swift:331:14:331:26 | (...) | test.swift:331:9:331:9 | SSA def(t1) |
| test.swift:333:15:333:15 | t1 | test.swift:334:15:334:15 | t1 |
| test.swift:334:15:334:15 | [post] t1 | test.swift:335:15:335:15 | t1 |
| test.swift:334:15:334:15 | t1 | test.swift:335:15:335:15 | t1 |
| test.swift:335:15:335:15 | [post] t1 | test.swift:337:5:337:5 | t1 |
| test.swift:335:15:335:15 | t1 | test.swift:337:5:337:5 | t1 |
| test.swift:337:5:337:5 | [post] t1 | test.swift:339:15:339:15 | t1 |
| test.swift:337:5:337:5 | t1 | test.swift:339:15:339:15 | t1 |
| test.swift:339:15:339:15 | t1 | test.swift:340:15:340:15 | t1 |
| test.swift:340:15:340:15 | [post] t1 | test.swift:341:15:341:15 | t1 |
| test.swift:340:15:340:15 | t1 | test.swift:341:15:341:15 | t1 |
| test.swift:341:15:341:15 | [post] t1 | test.swift:343:5:343:5 | t1 |
| test.swift:341:15:341:15 | t1 | test.swift:343:5:343:5 | t1 |
| test.swift:343:5:343:5 | [post] t1 | test.swift:345:15:345:15 | t1 |
| test.swift:343:5:343:5 | t1 | test.swift:345:15:345:15 | t1 |
| test.swift:345:15:345:15 | t1 | test.swift:346:15:346:15 | t1 |
| test.swift:346:15:346:15 | [post] t1 | test.swift:347:15:347:15 | t1 |
| test.swift:346:15:346:15 | t1 | test.swift:347:15:347:15 | t1 |
| test.swift:351:9:351:9 | SSA def(t1) | test.swift:352:14:352:14 | t1 |
| test.swift:351:14:351:45 | (...) | test.swift:351:9:351:9 | SSA def(t1) |
| test.swift:352:9:352:9 | SSA def(t2) | test.swift:359:15:359:15 | t2 |
| test.swift:352:14:352:14 | t1 | test.swift:352:9:352:9 | SSA def(t2) |
| test.swift:352:14:352:14 | t1 | test.swift:353:21:353:21 | t1 |
| test.swift:353:9:353:17 | SSA def(a) | test.swift:363:15:363:15 | a |
| test.swift:353:9:353:17 | SSA def(b) | test.swift:364:15:364:15 | b |
| test.swift:353:9:353:17 | SSA def(c) | test.swift:365:15:365:15 | c |
| test.swift:353:21:353:21 | t1 | test.swift:353:9:353:17 | SSA def(a) |
| test.swift:353:21:353:21 | t1 | test.swift:353:9:353:17 | SSA def(b) |
| test.swift:353:21:353:21 | t1 | test.swift:353:9:353:17 | SSA def(c) |
| test.swift:353:21:353:21 | t1 | test.swift:355:15:355:15 | t1 |
| test.swift:355:15:355:15 | t1 | test.swift:356:15:356:15 | t1 |
| test.swift:356:15:356:15 | [post] t1 | test.swift:357:15:357:15 | t1 |
| test.swift:356:15:356:15 | t1 | test.swift:357:15:357:15 | t1 |
| test.swift:357:15:357:15 | [post] t1 | test.swift:358:15:358:15 | t1 |
| test.swift:357:15:357:15 | t1 | test.swift:358:15:358:15 | t1 |
| test.swift:359:15:359:15 | t2 | test.swift:360:15:360:15 | t2 |
| test.swift:360:15:360:15 | [post] t2 | test.swift:361:15:361:15 | t2 |
| test.swift:360:15:360:15 | t2 | test.swift:361:15:361:15 | t2 |
| test.swift:361:15:361:15 | [post] t2 | test.swift:362:15:362:15 | t2 |
| test.swift:361:15:361:15 | t2 | test.swift:362:15:362:15 | t2 |
| test.swift:375:9:375:13 | SSA def(a) | test.swift:377:12:377:12 | a |
| test.swift:375:22:375:23 | .myNone | test.swift:375:9:375:13 | SSA def(a) |
| test.swift:377:12:377:12 | a | test.swift:387:32:387:32 | a |
| test.swift:380:10:380:25 | SSA def(a) | test.swift:381:19:381:19 | a |
| test.swift:382:10:382:30 | SSA def(a) | test.swift:383:19:383:19 | a |
| test.swift:382:10:382:30 | SSA def(b) | test.swift:384:19:384:19 | b |
| test.swift:387:13:387:28 | SSA def(x) | test.swift:388:19:388:19 | x |
| test.swift:387:32:387:32 | a | test.swift:387:13:387:28 | SSA def(x) |
| test.swift:387:32:387:32 | a | test.swift:390:37:390:37 | a |
| test.swift:390:13:390:33 | SSA def(x) | test.swift:391:19:391:19 | x |
| test.swift:390:13:390:33 | SSA def(y) | test.swift:392:19:392:19 | y |
| test.swift:390:37:390:37 | a | test.swift:407:32:407:32 | a |
| test.swift:395:9:395:13 | SSA def(b) | test.swift:397:12:397:12 | b |
| test.swift:395:22:395:40 | call to ... | test.swift:395:9:395:13 | SSA def(b) |
| test.swift:400:10:400:25 | SSA def(a) | test.swift:401:19:401:19 | a |
| test.swift:402:10:402:30 | SSA def(a) | test.swift:403:19:403:19 | a |
| test.swift:402:10:402:30 | SSA def(b) | test.swift:404:19:404:19 | b |
| test.swift:407:13:407:28 | SSA def(x) | test.swift:408:19:408:19 | x |
| test.swift:407:32:407:32 | a | test.swift:407:13:407:28 | SSA def(x) |
| test.swift:407:32:407:32 | a | test.swift:410:37:410:37 | a |
| test.swift:410:13:410:33 | SSA def(x) | test.swift:411:19:411:19 | x |
| test.swift:410:13:410:33 | SSA def(y) | test.swift:412:19:412:19 | y |
| test.swift:410:37:410:37 | a | test.swift:427:32:427:32 | a |
| test.swift:415:9:415:9 | SSA def(c) | test.swift:417:12:417:12 | c |
| test.swift:415:13:415:38 | call to ... | test.swift:415:9:415:9 | SSA def(c) |
| test.swift:420:10:420:25 | SSA def(a) | test.swift:421:19:421:19 | a |
| test.swift:422:10:422:30 | SSA def(a) | test.swift:423:19:423:19 | a |
| test.swift:422:10:422:30 | SSA def(b) | test.swift:424:19:424:19 | b |
| test.swift:427:13:427:28 | SSA def(x) | test.swift:428:19:428:19 | x |
| test.swift:427:32:427:32 | a | test.swift:427:13:427:28 | SSA def(x) |
| test.swift:427:32:427:32 | a | test.swift:430:37:430:37 | a |
| test.swift:430:13:430:33 | SSA def(x) | test.swift:431:19:431:19 | x |
| test.swift:430:13:430:33 | SSA def(y) | test.swift:432:19:432:19 | y |
| test.swift:438:21:438:27 | SSA def(y) | test.swift:441:27:441:27 | y |
| test.swift:438:21:438:27 | SSA def(y) | test.swift:446:22:446:22 | y |
| test.swift:438:21:438:27 | y | test.swift:438:21:438:27 | SSA def(y) |
| test.swift:439:9:439:9 | SSA def(x) | test.swift:441:16:441:16 | x |
| test.swift:439:13:439:28 | call to optionalSource() | test.swift:439:9:439:9 | SSA def(x) |
| test.swift:441:8:441:12 | SSA def(a) | test.swift:442:19:442:19 | a |
| test.swift:441:16:441:16 | x | test.swift:441:8:441:12 | SSA def(a) |
| test.swift:441:16:441:16 | x | test.swift:446:19:446:19 | x |
| test.swift:441:19:441:23 | SSA def(b) | test.swift:443:19:443:19 | b |
| test.swift:441:27:441:27 | y | test.swift:441:19:441:23 | SSA def(b) |
| test.swift:441:27:441:27 | y | test.swift:446:22:446:22 | y |
| test.swift:446:9:446:9 | SSA def(tuple1) | test.swift:447:12:447:12 | tuple1 |
| test.swift:446:18:446:23 | (...) | test.swift:446:9:446:9 | SSA def(tuple1) |
| test.swift:448:10:448:37 | SSA def(a) | test.swift:449:19:449:19 | a |
| test.swift:448:10:448:37 | SSA def(b) | test.swift:450:19:450:19 | b |
| test.swift:455:8:455:17 | SSA def(x) | test.swift:456:19:456:19 | x |
| test.swift:455:8:455:17 | SSA def(y) | test.swift:457:19:457:19 | y |
| test.swift:461:7:461:7 | SSA def(self) | test.swift:461:7:461:7 | self[return] |
| test.swift:461:7:461:7 | SSA def(self) | test.swift:461:7:461:7 | self[return] |
| test.swift:461:7:461:7 | self | test.swift:461:7:461:7 | SSA def(self) |
| test.swift:461:7:461:7 | self | test.swift:461:7:461:7 | SSA def(self) |
| test.swift:462:9:462:9 | self | test.swift:462:9:462:9 | SSA def(self) |
| test.swift:462:9:462:9 | self | test.swift:462:9:462:9 | SSA def(self) |
| test.swift:462:9:462:9 | self | test.swift:462:9:462:9 | SSA def(self) |
| test.swift:462:9:462:9 | value | test.swift:462:9:462:9 | SSA def(value) |
| test.swift:465:33:465:39 | SSA def(y) | test.swift:470:12:470:12 | y |
| test.swift:465:33:465:39 | y | test.swift:465:33:465:39 | SSA def(y) |
| test.swift:466:9:466:9 | SSA def(x) | test.swift:468:12:468:12 | x |
| test.swift:466:13:466:28 | call to optionalSource() | test.swift:466:9:466:9 | SSA def(x) |
| test.swift:467:9:467:9 | SSA def(cx) | test.swift:468:5:468:5 | cx |
| test.swift:467:14:467:16 | call to C.init() | test.swift:467:9:467:9 | SSA def(cx) |
| test.swift:468:5:468:5 | [post] cx | test.swift:472:20:472:20 | cx |
| test.swift:468:5:468:5 | cx | test.swift:472:20:472:20 | cx |
| test.swift:469:9:469:9 | SSA def(cy) | test.swift:470:5:470:5 | cy |
| test.swift:469:14:469:16 | call to C.init() | test.swift:469:9:469:9 | SSA def(cy) |
| test.swift:470:5:470:5 | [post] cy | test.swift:474:20:474:20 | cy |
| test.swift:470:5:470:5 | cy | test.swift:474:20:474:20 | cy |
| test.swift:472:11:472:15 | SSA def(z1) | test.swift:473:15:473:15 | z1 |
| test.swift:472:20:472:23 | .x | test.swift:472:11:472:15 | SSA def(z1) |
| test.swift:474:11:474:15 | SSA def(z2) | test.swift:475:15:475:15 | z2 |
| test.swift:474:20:474:23 | .x | test.swift:474:11:474:15 | SSA def(z2) |

161
swift/ql/test/library-tests/dataflow/dataflow/test.swift
View File

@@ -282,17 +282,46 @@ func test_optionals(y: Int?) {
sink(arg: y != nil ? y! : source()) // $ flow=282
if let z = x {
sink(arg: z) // $ MISSING: flow=259
sink(arg: z) // $ flow=259
}
if let z = y {
sink(arg: z)
}
if let z = x?.signum() { // $ MISSING: flow=259
sink(arg: z)
if let z = x?.signum() {
sink(arg: z) // $ flow=259
}
if let z = y?.signum() {
sink(arg: z)
}
guard let z1 = x else { return }
guard let z2 = y else { return }
sink(arg: z1) // $ flow=259
sink(arg: z2)
sink(arg: x!.signum()) // $ flow=259
sink(arg: y!.signum())
if case .some(let z) = x {
sink(arg: z) // $ flow=259
}
if case .some(let z) = y {
sink(arg: z)
}
switch x {
case .some(let z):
sink(arg: z) // $ MISSING: flow=259
case .none:
()
}
switch y {
case .some(let z):
sink(arg: z)
case .none:
()
}
}
func sink(arg: (Int, Int)) {}
@@ -303,7 +332,7 @@ func testTuples() {
sink(arg: t1)
sink(arg: t1.0)
sink(arg: t1.1) // $ flow=302
sink(arg: t1.1) // $ flow=331
t1.1 = 2
@@ -314,7 +343,7 @@ func testTuples() {
t1.0 = source()
sink(arg: t1)
sink(arg: t1.0) // $ flow=314
sink(arg: t1.0) // $ flow=343
sink(arg: t1.1)
}
@@ -324,14 +353,124 @@ func testTuples2() {
let (a, b, c) = t1
sink(arg: t1)
sink(arg: t1.x) // $ flow=322
sink(arg: t1.y) // $ flow=322
sink(arg: t1.x) // $ flow=351
sink(arg: t1.y) // $ flow=351
sink(arg: t1.z)
sink(arg: t2)
sink(arg: t2.x) // $ flow=322
sink(arg: t2.y) // $ flow=322
sink(arg: t2.x) // $ flow=351
sink(arg: t2.y) // $ flow=351
sink(arg: t2.z)
sink(arg: a) // $ MISSING: flow=322
sink(arg: b) // $ MISSING: flow=322
sink(arg: a) // $ MISSING: flow=351
sink(arg: b) // $ MISSING: flow=351
sink(arg: c)
}
enum MyEnum {
case myNone
case mySingle(Int)
case myPair(Int, Int)
}
func testEnums() {
let a : MyEnum = .myNone
switch a {
case .myNone:
()
case .mySingle(let a):
sink(arg: a)
case .myPair(let a, let b):
sink(arg: a)
sink(arg: b)
}
if case .mySingle(let x) = a {
sink(arg: x)
}
if case .myPair(let x, let y) = a {
sink(arg: x)
sink(arg: y)
}
let b : MyEnum = .mySingle(source())
switch b {
case .myNone:
()
case .mySingle(let a):
sink(arg: a) // $ MISSING: flow=395
case .myPair(let a, let b):
sink(arg: a)
sink(arg: b)
}
if case .mySingle(let x) = a {
sink(arg: x) // $ MISSING: flow=395
}
if case .myPair(let x, let y) = a {
sink(arg: x)
sink(arg: y)
}
let c = MyEnum.myPair(0, source())
switch c {
case .myNone:
()
case .mySingle(let a):
sink(arg: a)
case .myPair(let a, let b):
sink(arg: a)
sink(arg: b) // $ MISSING: flow=415
}
if case .mySingle(let x) = a {
sink(arg: x)
}
if case .myPair(let x, let y) = a {
sink(arg: x)
sink(arg: y) // $ MISSING: flow=415
}
}
func source2() -> (Int, Int)? { return nil }
func testOptionals2(y: Int?) {
let x = optionalSource()
if let a = x, let b = y {
sink(arg: a) // $ flow=259
sink(arg: b)
}
let tuple1 = (x, y)
switch tuple1 {
case (.some(let a), .some(let b)):
sink(arg: a) // $ MISSING: flow=259
sink(arg: b)
default:
()
}
if let (x, y) = source2() {
sink(arg: x) // (taint but not data flow)
sink(arg: y) // (taint but not data flow)
}
}
class C {
var x: Int?
}
func testOptionalPropertyAccess(y: Int?) {
let x = optionalSource()
let cx = C()
cx.x = x
let cy = C()
cy.x = y
guard let z1 = cx.x else { return }
sink(arg: z1) // $ flow=259
guard let z2 = cy.x else { return }
sink(arg: z2)
}

4
swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
View File

@@ -1276,9 +1276,13 @@
| url.swift:102:46:102:46 | [post] urlTainted | url.swift:120:46:120:46 | urlTainted |
| url.swift:102:46:102:46 | urlTainted | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) |
| url.swift:102:46:102:46 | urlTainted | url.swift:120:46:120:46 | urlTainted |
| url.swift:104:5:104:9 | SSA def(x) | url.swift:105:13:105:13 | x |
| url.swift:104:13:104:30 | call to URL.init(string:) | url.swift:104:5:104:9 | SSA def(x) |
| url.swift:104:25:104:25 | [post] clean | url.swift:113:26:113:26 | clean |
| url.swift:104:25:104:25 | clean | url.swift:104:13:104:30 | call to URL.init(string:) |
| url.swift:104:25:104:25 | clean | url.swift:113:26:113:26 | clean |
| url.swift:108:5:108:9 | SSA def(y) | url.swift:109:13:109:13 | y |
| url.swift:108:13:108:32 | call to URL.init(string:) | url.swift:108:5:108:9 | SSA def(y) |
| url.swift:108:25:108:25 | [post] tainted | url.swift:117:28:117:28 | tainted |
| url.swift:108:25:108:25 | tainted | url.swift:108:13:108:32 | call to URL.init(string:) |
| url.swift:108:25:108:25 | tainted | url.swift:117:28:117:28 | tainted |

9
swift/ql/test/library-tests/dataflow/taint/Taint.expected
View File

@@ -326,6 +326,7 @@ edges
| url.swift:43:2:46:55 | [summary param] 0 in dataTask(with:completionHandler:) : | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) : |
| url.swift:57:16:57:23 | call to source() : | url.swift:59:31:59:31 | tainted : |
| url.swift:57:16:57:23 | call to source() : | url.swift:83:24:83:24 | tainted : |
| url.swift:57:16:57:23 | call to source() : | url.swift:108:25:108:25 | tainted : |
| url.swift:57:16:57:23 | call to source() : | url.swift:117:28:117:28 | tainted : |
| url.swift:59:19:59:38 | call to URL.init(string:) : | url.swift:62:12:62:12 | urlTainted |
| url.swift:59:19:59:38 | call to URL.init(string:) : | url.swift:64:12:64:23 | .absoluteURL |
@@ -419,6 +420,9 @@ edges
| url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) : | url.swift:102:15:102:67 | ...! |
| url.swift:102:46:102:46 | urlTainted : | url.swift:9:2:9:43 | [summary param] 1 in URL.init(string:relativeTo:) : |
| url.swift:102:46:102:46 | urlTainted : | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) : |
| url.swift:108:13:108:32 | call to URL.init(string:) : | url.swift:109:13:109:13 | y |
| url.swift:108:25:108:25 | tainted : | url.swift:8:2:8:25 | [summary param] 0 in URL.init(string:) : |
| url.swift:108:25:108:25 | tainted : | url.swift:108:13:108:32 | call to URL.init(string:) : |
| url.swift:117:16:117:35 | call to URL.init(string:) : | url.swift:118:12:118:12 | ...! |
| url.swift:117:28:117:28 | tainted : | url.swift:8:2:8:25 | [summary param] 0 in URL.init(string:) : |
| url.swift:117:28:117:28 | tainted : | url.swift:117:16:117:35 | call to URL.init(string:) : |
@@ -1061,6 +1065,9 @@ nodes
| url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) : | semmle.label | call to URL.init(string:relativeTo:) : |
| url.swift:102:15:102:67 | ...! | semmle.label | ...! |
| url.swift:102:46:102:46 | urlTainted : | semmle.label | urlTainted : |
| url.swift:108:13:108:32 | call to URL.init(string:) : | semmle.label | call to URL.init(string:) : |
| url.swift:108:25:108:25 | tainted : | semmle.label | tainted : |
| url.swift:109:13:109:13 | y | semmle.label | y |
| url.swift:117:16:117:35 | call to URL.init(string:) : | semmle.label | call to URL.init(string:) : |
| url.swift:117:28:117:28 | tainted : | semmle.label | tainted : |
| url.swift:118:12:118:12 | ...! | semmle.label | ...! |
@@ -1261,6 +1268,7 @@ subpaths
| url.swift:100:43:100:43 | urlTainted : | url.swift:9:2:9:43 | [summary param] 1 in URL.init(string:relativeTo:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:relativeTo:) : | url.swift:100:12:100:53 | call to URL.init(string:relativeTo:) : |
| url.swift:101:46:101:46 | urlTainted : | url.swift:9:2:9:43 | [summary param] 1 in URL.init(string:relativeTo:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:relativeTo:) : | url.swift:101:15:101:56 | call to URL.init(string:relativeTo:) : |
| url.swift:102:46:102:46 | urlTainted : | url.swift:9:2:9:43 | [summary param] 1 in URL.init(string:relativeTo:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:relativeTo:) : | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) : |
| url.swift:108:25:108:25 | tainted : | url.swift:8:2:8:25 | [summary param] 0 in URL.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:) : | url.swift:108:13:108:32 | call to URL.init(string:) : |
| url.swift:117:28:117:28 | tainted : | url.swift:8:2:8:25 | [summary param] 0 in URL.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:) : | url.swift:117:16:117:35 | call to URL.init(string:) : |
| webview.swift:84:10:84:10 | source : | webview.swift:36:5:36:41 | [summary param] this in toObject() : | file://:0:0:0:0 | [summary] to write: return (return) in toObject() : | webview.swift:84:10:84:26 | call to toObject() |
| webview.swift:85:10:85:10 | source : | webview.swift:37:5:37:55 | [summary param] this in toObjectOf(_:) : | file://:0:0:0:0 | [summary] to write: return (return) in toObjectOf(_:) : | webview.swift:85:10:85:41 | call to toObjectOf(_:) |
@@ -1422,6 +1430,7 @@ subpaths
| url.swift:100:12:100:56 | .standardizedFileURL | url.swift:57:16:57:23 | call to source() : | url.swift:100:12:100:56 | .standardizedFileURL | result |
| url.swift:101:15:101:63 | ...! | url.swift:57:16:57:23 | call to source() : | url.swift:101:15:101:63 | ...! | result |
| url.swift:102:15:102:67 | ...! | url.swift:57:16:57:23 | call to source() : | url.swift:102:15:102:67 | ...! | result |
| url.swift:109:13:109:13 | y | url.swift:57:16:57:23 | call to source() : | url.swift:109:13:109:13 | y | result |
| url.swift:118:12:118:12 | ...! | url.swift:57:16:57:23 | call to source() : | url.swift:118:12:118:12 | ...! | result |
| url.swift:121:15:121:19 | ...! | url.swift:57:16:57:23 | call to source() : | url.swift:121:15:121:19 | ...! | result |
| webview.swift:77:10:77:41 | .body | webview.swift:77:11:77:18 | call to source() : | webview.swift:77:10:77:41 | .body | result |

2
swift/ql/test/library-tests/dataflow/taint/url.swift
View File

@@ -106,7 +106,7 @@ func taintThroughURL() {
}
if let y = URL(string: tainted) {
sink(arg: y) // $ MISSING: tainted=57
sink(arg: y) // $ tainted=57
}
var urlClean2 : URL!

57
swift/ql/test/query-tests/Security/CWE-259/ConstantPassword.expected
View File

@@ -1,9 +1,46 @@
edges
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:77:89:77:89 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:78:56:78:56 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:80:89:80:89 | myMaybePassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:81:56:81:56 | myMaybePassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:91:39:91:39 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:92:37:92:37 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:93:39:93:39 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:94:37:94:37 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:96:68:96:68 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:97:68:97:68 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:98:68:98:68 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:100:89:100:89 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:101:97:101:97 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:102:89:102:89 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:103:97:103:97 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:105:32:105:32 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:107:61:107:61 | myConstPassword |
| rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:108:97:108:97 | myConstPassword |
| test.swift:43:39:43:134 | [...] : | test.swift:51:30:51:30 | constantPassword |
| test.swift:43:39:43:134 | [...] : | test.swift:56:40:56:40 | constantPassword |
| test.swift:43:39:43:134 | [...] : | test.swift:62:40:62:40 | constantPassword |
| test.swift:43:39:43:134 | [...] : | test.swift:67:34:67:34 | constantPassword |
nodes
| rncryptor.swift:69:24:69:24 | abc123 : | semmle.label | abc123 : |
| rncryptor.swift:77:89:77:89 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:78:56:78:56 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:80:89:80:89 | myMaybePassword | semmle.label | myMaybePassword |
| rncryptor.swift:81:56:81:56 | myMaybePassword | semmle.label | myMaybePassword |
| rncryptor.swift:91:39:91:39 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:92:37:92:37 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:93:39:93:39 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:94:37:94:37 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:96:68:96:68 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:97:68:97:68 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:98:68:98:68 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:100:89:100:89 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:101:97:101:97 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:102:89:102:89 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:103:97:103:97 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:105:32:105:32 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:107:61:107:61 | myConstPassword | semmle.label | myConstPassword |
| rncryptor.swift:108:97:108:97 | myConstPassword | semmle.label | myConstPassword |
| test.swift:43:39:43:134 | [...] : | semmle.label | [...] : |
| test.swift:51:30:51:30 | constantPassword | semmle.label | constantPassword |
| test.swift:56:40:56:40 | constantPassword | semmle.label | constantPassword |
@@ -11,7 +48,25 @@ nodes
| test.swift:67:34:67:34 | constantPassword | semmle.label | constantPassword |
subpaths
#select
| rncryptor.swift:77:89:77:89 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:77:89:77:89 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:78:56:78:56 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:78:56:78:56 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:80:89:80:89 | myMaybePassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:80:89:80:89 | myMaybePassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:81:56:81:56 | myMaybePassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:81:56:81:56 | myMaybePassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:91:39:91:39 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:91:39:91:39 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:92:37:92:37 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:92:37:92:37 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:93:39:93:39 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:93:39:93:39 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:94:37:94:37 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:94:37:94:37 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:96:68:96:68 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:96:68:96:68 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:97:68:97:68 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:97:68:97:68 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:98:68:98:68 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:98:68:98:68 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:100:89:100:89 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:100:89:100:89 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:101:97:101:97 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:101:97:101:97 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:102:89:102:89 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:102:89:102:89 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:103:97:103:97 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:103:97:103:97 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:105:32:105:32 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:105:32:105:32 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:107:61:107:61 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:107:61:107:61 | myConstPassword | The value 'abc123' is used as a constant password. |
| rncryptor.swift:108:97:108:97 | myConstPassword | rncryptor.swift:69:24:69:24 | abc123 : | rncryptor.swift:108:97:108:97 | myConstPassword | The value 'abc123' is used as a constant password. |
| test.swift:51:30:51:30 | constantPassword | test.swift:43:39:43:134 | [...] : | test.swift:51:30:51:30 | constantPassword | The value '[...]' is used as a constant password. |
| test.swift:56:40:56:40 | constantPassword | test.swift:43:39:43:134 | [...] : | test.swift:56:40:56:40 | constantPassword | The value '[...]' is used as a constant password. |
| test.swift:62:40:62:40 | constantPassword | test.swift:43:39:43:134 | [...] : | test.swift:62:40:62:40 | constantPassword | The value '[...]' is used as a constant password. |
| test.swift:67:34:67:34 | constantPassword | test.swift:43:39:43:134 | [...] : | test.swift:67:34:67:34 | constantPassword | The value '[...]' is used as a constant password. |
| test.swift:67:34:67:34 | constantPassword | test.swift:43:39:43:134 | [...] : | test.swift:67:34:67:34 | constantPassword | The value '[...]' is used as a constant password. |

109
swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift Normal file
View File

@@ -0,0 +1,109 @@
// --- stubs ---
class Data {
init<S>(_ elements: S) {}
}
class NSObject
{
}
struct _RNCryptorSettings {
// ...
}
typealias RNCryptorSettings = _RNCryptorSettings
let kRNCryptorAES256Settings = RNCryptorSettings()
struct _RNCryptorKeyDerivationSettings {
// ...
}
typealias RNCryptorKeyDerivationSettings = _RNCryptorKeyDerivationSettings
typealias RNCryptorHandler = () -> Void // simplified
class RNCryptor : NSObject
{
func key(forPassword password: String?, salt: Data?, settings keySettings: RNCryptorKeyDerivationSettings) -> Data? { return nil }
func keyForPassword(_ password: String?, salt: Data?, settings keySettings: RNCryptorKeyDerivationSettings) -> Data? { return nil }
}
class RNEncryptor : RNCryptor
{
override init() {}
init(settings: RNCryptorSettings, password: String?, handler: RNCryptorHandler?) {}
init(settings: RNCryptorSettings, password: String, iv anIV: Data?, encryptionSalt anEncryptionSalt: Data?, hmacSalt anHMACSalt: Data?, handler: RNCryptorHandler?) {}
init(settings: RNCryptorSettings, password: String, IV anIV: Data?, encryptionSalt anEncryptionSalt: Data?, HMACSalt anHMACSalt: Data?, handler: RNCryptorHandler?) {}
func encryptData(_ data: Data?, with settings: RNCryptorSettings, password: String?) throws -> Data { return Data(0) }
func encryptData(_ data: Data?, withSettings settings: RNCryptorSettings, password: String?) throws -> Data { return Data(0) }
func encryptData(_ data: Data?, with settings: RNCryptorSettings, password: String?, iv anIV: Data?, encryptionSalt anEncryptionSalt: Data?, hmacSalt anHMACSalt: Data?) throws -> Data { return Data(0) }
func encryptData(_ data: Data?, withSettings settings: RNCryptorSettings, password: String?, IV anIV: Data?, encryptionSalt anEncryptionSalt: Data?, HMACSalt anHMACSalt: Data?) throws -> Data { return Data(0) }
}
class RNDecryptor : RNCryptor
{
override init() {}
init(password: String?, handler: RNCryptorHandler?) {}
func decryptData(_ data: Data?, withPassword password: String?) throws -> Data { return Data(0) }
func decryptData(_ theCipherText: Data?, withSettings settings: RNCryptorSettings, password aPassword: String?) throws -> Data { return Data(0) }
}
// --- tests ---
func getARandomPassword() -> String {
let charset = "abcdefghijklmnopqrstuvwxyz1234567890"
return String("............".map{_ in charset.randomElement()!})
}
func test(cond: Bool) {
let myEncryptor = RNEncryptor()
let myDecryptor = RNDecryptor()
let myData = Data(0)
let myRandomPassword = getARandomPassword()
let myConstPassword = "abc123"
let myMaybePassword = cond ? myRandomPassword : myConstPassword
// reasonable usage
let a = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myRandomPassword) // GOOD
let _ = try? myDecryptor.decryptData(a, withPassword: myRandomPassword) // GOOD
let b = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword) // BAD
let _ = try? myDecryptor.decryptData(b, withPassword: myConstPassword) // BAD
let c = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myMaybePassword) // BAD
let _ = try? myDecryptor.decryptData(c, withPassword: myMaybePassword) // BAD
// all methods
let myKeyDerivationSettings = RNCryptorKeyDerivationSettings()
let myHandler = {}
let myIV = Data(0)
let mySalt = Data(0)
let mySalt2 = Data(0)
let _ = myEncryptor.key(forPassword: myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD
let _ = myEncryptor.keyForPassword(myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD
let _ = myDecryptor.key(forPassword: myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD
let _ = myDecryptor.keyForPassword(myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD
let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, handler: myHandler) // BAD
let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, iv: myIV, encryptionSalt: mySalt, hmacSalt: mySalt2, handler: myHandler) // BAD
let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, IV: myIV, encryptionSalt: mySalt, HMACSalt: mySalt2, handler: myHandler) // BAD
let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword) // BAD
let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword) // BAD
let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword, iv: myIV, encryptionSalt: mySalt, hmacSalt: mySalt2) // BAD
let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword, IV: myIV, encryptionSalt: mySalt, HMACSalt: mySalt2) // BAD
let _ = RNDecryptor(password: myConstPassword, handler: myHandler) // BAD
let _ = try? myDecryptor.decryptData(myData, withPassword: myConstPassword) // BAD
let _ = try? myDecryptor.decryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword) // BAD
}