hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Swift: fixes around DictionaryContent

Browse Source
This commit is contained in:
Robert Marsh
2023-08-15 19:34:27 +00:00
parent a9f5471e76
commit 79368c187c
4 changed files with 59 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
View File

@@ -747,24 +747,26 @@ predicate storeStep(Node node1, ContentSet c, Node node2) {
c.isSingleton(any(Content::ArrayContent ac))
)
or
// read of a dictionary value via subscript operator, with intermediate step
// assignment to a dictionary value via subscript operator, with intermediate step
// `dict[key] = value`
exists(AssignExpr assign, SubscriptExpr subscript |
subscript = assign.getDest() and
(
subscript.getArgument(0).getExpr() = node1.asExpr() and
node2.(DictionarySubscriptNode).getExpr() = subscript and
c.isSingleton(any(Content::TupleContent tc | tc.getIndex() = 1))
c.isSingleton(any(Content::TupleContent tc | tc.getIndex() = 0))
or
assign.getSource() = node1.asExpr() and
node2.(DictionarySubscriptNode).getExpr() = subscript and
c.isSingleton(any(Content::TupleContent tc | tc.getIndex() = 1))
or
node1.(DictionarySubscriptNode) = node1 and
node2.asExpr() = subscript and
node1.(DictionarySubscriptNode).getExpr() = subscript and
node2.(PostUpdateNode).getPreUpdateNode().asExpr() = subscript.getBase() and
c.isSingleton(any(Content::CollectionContent cc))
)
)
or
// creation of a dictionary `[key: value, ...]`
exists(DictionaryExpr dict |
node1.asExpr() = dict.getAnElement() and
node2.asExpr() = dict and
@@ -872,7 +874,11 @@ predicate readStep(Node node1, ContentSet c, Node node2) {
* in `x.f = newValue`.
*/
predicate clearsContent(Node n, ContentSet c) {
n = any(PostUpdateNode pun | storeStep(_, c, pun)).getPreUpdateNode()
n = any(PostUpdateNode pun | storeStep(_, c, pun)).getPreUpdateNode() and
(
c.isSingleton(any(Content::FieldContent fc)) or
c.isSingleton(any(Content::TupleContent tc))
)
}
/**

2
swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Array.qll
View File

@@ -9,7 +9,7 @@ private import codeql.swift.dataflow.ExternalFlow
* An instance of the `Array` type.
*/
class ArrayType extends Type {
ArrayType() { this.getName().matches("Array<%") or this.getName().matches("[%]") }
ArrayType() { this.getCanonicalType().getName().matches("Array<%") }
}
/**

49
swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
View File

@@ -404,25 +404,42 @@ edges
| test.swift:756:15:756:19 | .v2 [some:0] | test.swift:756:15:756:21 | ...! |
| test.swift:757:15:757:15 | mo1 [v3] | test.swift:732:9:732:9 | self [v3] |
| test.swift:757:15:757:15 | mo1 [v3] | test.swift:757:15:757:19 | .v3 |
| test.swift:767:5:767:5 | [post] dict1 [Array element] | test.swift:769:15:769:15 | dict1 [Array element] |
| test.swift:767:16:767:23 | call to source() | test.swift:767:5:767:5 | [post] dict1 [Array element] |
| test.swift:769:15:769:15 | dict1 [Array element] | test.swift:769:15:769:22 | ...[...] |
| test.swift:767:5:767:5 | [post] dict1 [Collection element, Tuple element at index 1] | test.swift:769:15:769:15 | dict1 [Collection element, Tuple element at index 1] |
| test.swift:767:5:767:12 | DictionarySubscriptNode [Tuple element at index 1] | test.swift:767:5:767:5 | [post] dict1 [Collection element, Tuple element at index 1] |
| test.swift:767:16:767:23 | call to source() | test.swift:767:5:767:12 | DictionarySubscriptNode [Tuple element at index 1] |
| test.swift:769:15:769:15 | dict1 [Collection element, Tuple element at index 1] | test.swift:769:15:769:22 | DictionarySubscriptNode [Tuple element at index 1] |
| test.swift:769:15:769:22 | DictionarySubscriptNode [Tuple element at index 1] | test.swift:769:15:769:22 | ...[...] |
| test.swift:779:17:779:29 | [...] [Collection element, Tuple element at index 1] | test.swift:780:15:780:15 | dict3 [Collection element, Tuple element at index 1] |
| test.swift:779:17:779:29 | [...] [Collection element, Tuple element at index 1] | test.swift:782:5:782:5 | dict3 [Collection element, Tuple element at index 1] |
| test.swift:779:17:779:29 | [...] [Collection element, Tuple element at index 1] | test.swift:785:15:785:15 | dict3 [Collection element, Tuple element at index 1] |
| test.swift:779:18:779:28 | (...) [Tuple element at index 1] | test.swift:779:17:779:29 | [...] [Collection element, Tuple element at index 1] |
| test.swift:779:21:779:28 | call to source() | test.swift:779:18:779:28 | (...) [Tuple element at index 1] |
| test.swift:780:15:780:15 | dict3 [Collection element, Tuple element at index 1] | test.swift:780:15:780:22 | DictionarySubscriptNode [Tuple element at index 1] |
| test.swift:780:15:780:22 | DictionarySubscriptNode [Tuple element at index 1] | test.swift:780:15:780:22 | ...[...] |
| test.swift:782:5:782:5 | dict3 [Collection element, Tuple element at index 1] | test.swift:785:15:785:15 | dict3 [Collection element, Tuple element at index 1] |
| test.swift:782:5:782:5 | [post] dict3 [Collection element, Tuple element at index 0] | test.swift:784:15:784:15 | dict3 [Collection element, Tuple element at index 0] |
| test.swift:782:5:782:5 | [post] dict3 [Collection element, Tuple element at index 1] | test.swift:785:15:785:15 | dict3 [Collection element, Tuple element at index 1] |
| test.swift:782:5:782:5 | dict3 [Collection element, Tuple element at index 1] | test.swift:782:5:782:19 | DictionarySubscriptNode [Tuple element at index 1] |
| test.swift:782:5:782:19 | DictionarySubscriptNode [Tuple element at index 0] | test.swift:782:5:782:5 | [post] dict3 [Collection element, Tuple element at index 0] |
| test.swift:782:5:782:19 | DictionarySubscriptNode [Tuple element at index 1] | test.swift:782:5:782:5 | [post] dict3 [Collection element, Tuple element at index 1] |
| test.swift:782:11:782:18 | call to source() | test.swift:782:5:782:19 | DictionarySubscriptNode [Tuple element at index 0] |
| test.swift:784:15:784:15 | dict3 [Collection element, Tuple element at index 0] | test.swift:784:15:784:35 | call to randomElement() [some:0, Tuple element at index 0] |
| test.swift:784:15:784:35 | call to randomElement() [some:0, Tuple element at index 0] | test.swift:784:15:784:36 | ...! [Tuple element at index 0] |
| test.swift:784:15:784:36 | ...! [Tuple element at index 0] | test.swift:784:15:784:38 | .0 |
| test.swift:785:15:785:15 | dict3 [Collection element, Tuple element at index 1] | test.swift:785:15:785:35 | call to randomElement() [some:0, Tuple element at index 1] |
| test.swift:785:15:785:35 | call to randomElement() [some:0, Tuple element at index 1] | test.swift:785:15:785:36 | ...! [Tuple element at index 1] |
| test.swift:785:15:785:36 | ...! [Tuple element at index 1] | test.swift:785:15:785:38 | .1 |
| test.swift:792:17:792:28 | [...] [Collection element, Tuple element at index 1] | test.swift:793:15:793:15 | dict4 [Collection element, Tuple element at index 1] |
| test.swift:792:17:792:28 | [...] [Collection element, Tuple element at index 1] | test.swift:794:15:794:15 | dict4 [Collection element, Tuple element at index 1] |
| test.swift:792:17:792:28 | [...] [Collection element, Tuple element at index 1] | test.swift:796:15:796:15 | dict4 [Collection element, Tuple element at index 1] |
| test.swift:792:18:792:27 | (...) [Tuple element at index 1] | test.swift:792:17:792:28 | [...] [Collection element, Tuple element at index 1] |
| test.swift:792:20:792:27 | call to source() | test.swift:792:18:792:27 | (...) [Tuple element at index 1] |
| test.swift:793:15:793:15 | [post] dict4 [Collection element, Tuple element at index 0] | test.swift:795:15:795:15 | dict4 [Collection element, Tuple element at index 0] |
| test.swift:793:15:793:15 | dict4 [Collection element, Tuple element at index 1] | test.swift:793:15:793:52 | call to updateValue(_:forKey:) [some:0] |
| test.swift:793:15:793:52 | call to updateValue(_:forKey:) [some:0] | test.swift:793:15:793:53 | ...! |
| test.swift:793:44:793:51 | call to source() | test.swift:793:15:793:15 | [post] dict4 [Collection element, Tuple element at index 0] |
| test.swift:794:15:794:15 | [post] dict4 [Collection element, Tuple element at index 1] | test.swift:796:15:796:15 | dict4 [Collection element, Tuple element at index 1] |
| test.swift:794:15:794:15 | dict4 [Collection element, Tuple element at index 1] | test.swift:794:15:794:52 | call to updateValue(_:forKey:) [some:0] |
| test.swift:794:15:794:52 | call to updateValue(_:forKey:) [some:0] | test.swift:794:15:794:53 | ...! |
| test.swift:794:33:794:40 | call to source() | test.swift:794:15:794:15 | [post] dict4 [Collection element, Tuple element at index 1] |
| test.swift:795:15:795:15 | dict4 [Collection element, Tuple element at index 0] | test.swift:795:15:795:35 | call to randomElement() [some:0, Tuple element at index 0] |
| test.swift:795:15:795:35 | call to randomElement() [some:0, Tuple element at index 0] | test.swift:795:15:795:36 | ...! [Tuple element at index 0] |
@@ -875,17 +892,28 @@ nodes
| test.swift:756:15:756:21 | ...! | semmle.label | ...! |
| test.swift:757:15:757:15 | mo1 [v3] | semmle.label | mo1 [v3] |
| test.swift:757:15:757:19 | .v3 | semmle.label | .v3 |
| test.swift:767:5:767:5 | [post] dict1 [Array element] | semmle.label | [post] dict1 [Array element] |
| test.swift:767:5:767:5 | [post] dict1 [Collection element, Tuple element at index 1] | semmle.label | [post] dict1 [Collection element, Tuple element at index 1] |
| test.swift:767:5:767:12 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test.swift:767:16:767:23 | call to source() | semmle.label | call to source() |
| test.swift:769:15:769:15 | dict1 [Array element] | semmle.label | dict1 [Array element] |
| test.swift:769:15:769:15 | dict1 [Collection element, Tuple element at index 1] | semmle.label | dict1 [Collection element, Tuple element at index 1] |
| test.swift:769:15:769:22 | ...[...] | semmle.label | ...[...] |
| test.swift:769:15:769:22 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test.swift:779:17:779:29 | [...] [Collection element, Tuple element at index 1] | semmle.label | [...] [Collection element, Tuple element at index 1] |
| test.swift:779:18:779:28 | (...) [Tuple element at index 1] | semmle.label | (...) [Tuple element at index 1] |
| test.swift:779:21:779:28 | call to source() | semmle.label | call to source() |
| test.swift:780:15:780:15 | dict3 [Collection element, Tuple element at index 1] | semmle.label | dict3 [Collection element, Tuple element at index 1] |
| test.swift:780:15:780:22 | ...[...] | semmle.label | ...[...] |
| test.swift:780:15:780:22 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test.swift:782:5:782:5 | [post] dict3 [Collection element, Tuple element at index 0] | semmle.label | [post] dict3 [Collection element, Tuple element at index 0] |
| test.swift:782:5:782:5 | [post] dict3 [Collection element, Tuple element at index 1] | semmle.label | [post] dict3 [Collection element, Tuple element at index 1] |
| test.swift:782:5:782:5 | dict3 [Collection element, Tuple element at index 1] | semmle.label | dict3 [Collection element, Tuple element at index 1] |
| test.swift:782:5:782:19 | DictionarySubscriptNode [Tuple element at index 0] | semmle.label | DictionarySubscriptNode [Tuple element at index 0] |
| test.swift:782:5:782:19 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test.swift:782:11:782:18 | call to source() | semmle.label | call to source() |
| test.swift:784:15:784:15 | dict3 [Collection element, Tuple element at index 0] | semmle.label | dict3 [Collection element, Tuple element at index 0] |
| test.swift:784:15:784:35 | call to randomElement() [some:0, Tuple element at index 0] | semmle.label | call to randomElement() [some:0, Tuple element at index 0] |
| test.swift:784:15:784:36 | ...! [Tuple element at index 0] | semmle.label | ...! [Tuple element at index 0] |
| test.swift:784:15:784:38 | .0 | semmle.label | .0 |
| test.swift:785:15:785:15 | dict3 [Collection element, Tuple element at index 1] | semmle.label | dict3 [Collection element, Tuple element at index 1] |
| test.swift:785:15:785:35 | call to randomElement() [some:0, Tuple element at index 1] | semmle.label | call to randomElement() [some:0, Tuple element at index 1] |
| test.swift:785:15:785:36 | ...! [Tuple element at index 1] | semmle.label | ...! [Tuple element at index 1] |
@@ -894,8 +922,14 @@ nodes
| test.swift:792:18:792:27 | (...) [Tuple element at index 1] | semmle.label | (...) [Tuple element at index 1] |
| test.swift:792:20:792:27 | call to source() | semmle.label | call to source() |
| test.swift:793:15:793:15 | [post] dict4 [Collection element, Tuple element at index 0] | semmle.label | [post] dict4 [Collection element, Tuple element at index 0] |
| test.swift:793:15:793:15 | dict4 [Collection element, Tuple element at index 1] | semmle.label | dict4 [Collection element, Tuple element at index 1] |
| test.swift:793:15:793:52 | call to updateValue(_:forKey:) [some:0] | semmle.label | call to updateValue(_:forKey:) [some:0] |
| test.swift:793:15:793:53 | ...! | semmle.label | ...! |
| test.swift:793:44:793:51 | call to source() | semmle.label | call to source() |
| test.swift:794:15:794:15 | [post] dict4 [Collection element, Tuple element at index 1] | semmle.label | [post] dict4 [Collection element, Tuple element at index 1] |
| test.swift:794:15:794:15 | dict4 [Collection element, Tuple element at index 1] | semmle.label | dict4 [Collection element, Tuple element at index 1] |
| test.swift:794:15:794:52 | call to updateValue(_:forKey:) [some:0] | semmle.label | call to updateValue(_:forKey:) [some:0] |
| test.swift:794:15:794:53 | ...! | semmle.label | ...! |
| test.swift:794:33:794:40 | call to source() | semmle.label | call to source() |
| test.swift:795:15:795:15 | dict4 [Collection element, Tuple element at index 0] | semmle.label | dict4 [Collection element, Tuple element at index 0] |
| test.swift:795:15:795:35 | call to randomElement() [some:0, Tuple element at index 0] | semmle.label | call to randomElement() [some:0, Tuple element at index 0] |
@@ -1054,7 +1088,10 @@ subpaths
| test.swift:757:15:757:19 | .v3 | test.swift:747:14:747:21 | call to source() | test.swift:757:15:757:19 | .v3 | result |
| test.swift:769:15:769:22 | ...[...] | test.swift:767:16:767:23 | call to source() | test.swift:769:15:769:22 | ...[...] | result |
| test.swift:780:15:780:22 | ...[...] | test.swift:779:21:779:28 | call to source() | test.swift:780:15:780:22 | ...[...] | result |
| test.swift:784:15:784:38 | .0 | test.swift:782:11:782:18 | call to source() | test.swift:784:15:784:38 | .0 | result |
| test.swift:785:15:785:38 | .1 | test.swift:779:21:779:28 | call to source() | test.swift:785:15:785:38 | .1 | result |
| test.swift:793:15:793:53 | ...! | test.swift:792:20:792:27 | call to source() | test.swift:793:15:793:53 | ...! | result |
| test.swift:794:15:794:53 | ...! | test.swift:792:20:792:27 | call to source() | test.swift:794:15:794:53 | ...! | result |
| test.swift:795:15:795:38 | .0 | test.swift:793:44:793:51 | call to source() | test.swift:795:15:795:38 | .0 | result |
| test.swift:796:15:796:38 | .1 | test.swift:792:20:792:27 | call to source() | test.swift:796:15:796:38 | .1 | result |
| test.swift:796:15:796:38 | .1 | test.swift:794:33:794:40 | call to source() | test.swift:796:15:796:38 | .1 | result |

8
swift/ql/test/library-tests/dataflow/dataflow/test.swift
View File

@@ -781,8 +781,8 @@ func testDictionary() {
dict3[source()] = 2
sink(arg: dict3.randomElement()!.0) // $ MISSING: flow=779
sink(arg: dict3.randomElement()!.1) // $ SPURIOUS: flow=779 MISSING: flow=782
sink(arg: dict3.randomElement()!.0) // $ flow=782
sink(arg: dict3.randomElement()!.1) // $ flow=779
for (key, value) in dict3 {
sink(arg: key) // $ MISSING: flow=782
@@ -790,8 +790,8 @@ func testDictionary() {
}
var dict4 = [1:source()]
sink(arg: dict4.updateValue(1, forKey: source())!)
sink(arg: dict4.updateValue(source(), forKey: 2)!)
sink(arg: dict4.updateValue(1, forKey: source())!) // $ flow=792
sink(arg: dict4.updateValue(source(), forKey: 2)!) // $ SPURIOUS: flow=792
sink(arg: dict4.randomElement()!.0) // $ flow=793
sink(arg: dict4.randomElement()!.1) // $ flow=792 flow=794
sink(arg: dict4.keys.randomElement()) // $ MISSING: flow=793