Merge pull request #14661 from geoffw0/commandinject4

Swift: Fix defaultImplicitTaintRead on fields
Mathias Vorreiter Pedersen
2023-11-08 15:52:18 +00:00
committed by GitHub
4 changed files with 262 additions and 193 deletions


@@ -32,8 +32,12 @@ predicate defaultImplicitTaintRead(DataFlow::Node node, DataFlow::ContentSet cs)
// So when the node is a `PostUpdateNode` we allow any sequence of implicit read steps of an appropriate
// type to make sure we arrive at the sink with an empty access path.
exists(NominalTypeDecl d, Decl cx |
node.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr().getType().getUnderlyingType() =
d.getType().getABaseType*() and
node.(DataFlow::PostUpdateNode)
.getPreUpdateNode()
.asExpr()
.getType()
.getUnderlyingType()
.getABaseType*() = d.getType() and
cx.asNominalTypeDecl() = d and
cs.getAReadContent().(DataFlow::Content::FieldContent).getField() = cx.getAMember()
)
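Review bot: The comment above this `exists` still says only "of an appropriate type", so nothing records that `getABaseType*()` is now applied to the node's own type rather than to `d.getType()`, which appears to be the entire fix. I would add a line before the `exists` such as `// d ranges over the node's type and each of its base types, so fields declared on a base type are read too.` If a later refactor flips the direction back, implicit reads of inherited fields would presumably stop and taint held in those fields would no longer reach sinks, a false negative that is hard to notice without a test. The other changed files are not visible here, so it is worth confirming that one of them covers a field declared on a base class and read through a subclass instance. The body of `defaultImplicitTaintRead` begins outside this hunk.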