Swift: Port the qhelp examples to Swift.

Geoffrey White
2023-10-27 12:42:59 +01:00
parent 9a95b9bcda
commit 7cf5210063
5 changed files with 24 additions and 16 deletions


@@ -42,7 +42,7 @@
</p>
<sample src="examples/MissingRegExpAnchor_BAD.js"/>
<sample src="examples/MissingRegExpAnchorBad.swift"/>
<p>
@@ -54,7 +54,7 @@
</p>
<sample src="examples/MissingRegExpAnchor_GOOD.js"/>
<sample src="examples/MissingRegExpAnchorGood.swift"/>
<p>


@@ -0,0 +1,11 @@
func handleUrl(_ urlString: String) {
// get the 'url=' parameter from the URL
let components = URLComponents(string: urlString)
let redirectParam = components?.queryItems?.first(where: { $0.name == "url" })
// check we trust the host
let regex = try Regex(#"https?://www\.example\.com"#) // BAD: the host of `url` may be controlled by an attacker
if let match = redirectParam?.value?.firstMatch(of: regex) {
// ... trust the URL ...
}
}
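Review bot: The `try Regex(...)` on the line marked BAD does not compile as written, because `handleUrl` is not declared `throws` and nothing else handles the error; since the pattern is a constant, a regex literal removes the throw entirely: `let regex = #/https?:\/\/www\.example\.com/#`. The `match` bound on the following line is never used and will warn, so `if redirectParam?.value?.firstMatch(of: regex) != nil {` expresses the same check more honestly. The example's security point is unaffected by either fix: with no anchor the pattern also matches a value such as `https://attacker.example/?x=https://www.example.com`, so the "host" being trusted is still attacker-chosen.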


@@ -0,0 +1,11 @@
func handleUrl(_ urlString: String) {
// get the 'url=' parameter from the URL
let components = URLComponents(string: urlString)
let redirectParam = components?.queryItems?.first(where: { $0.name == "url" })
// check we trust the host
let regex = try Regex(#"^https?://www\.example\.com"#) // GOOD: the host of `url` can not be controlled by an attacker
if let match = redirectParam?.value?.firstMatch(of: regex) {
// ... trust the URL ...
}
}
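Review bot: The GOOD pattern `^https?://www\.example\.com` is still bypassable: it is anchored at the start but nothing terminates the host, so `https://www.example.com.attacker.example/` and `https://www.example.com@attacker.example/` both match, whereas the JavaScript example this replaces required a trailing `\/`. The port should keep that terminator, and a regex literal also fixes the `try` that `handleUrl` (not `throws`) cannot currently compile: `let regex = #/^https?:\/\/www\.example\.com\//#`. The unused `match` binding on the next line can become `if redirectParam?.value?.firstMatch(of: regex) != nil {`. For real code the more robust check is to parse the value with `URL(string:)` and compare its `host` against an allowlist, but that is presumably out of scope for an anchoring example.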


@@ -1,7 +0,0 @@
app.get("/some/path", function(req, res) {
let url = req.param("url");
// BAD: the host of `url` may be controlled by an attacker
if (url.match(/https?:\/\/www\.example\.com\//)) {
res.redirect(url);
}
});


@@ -1,7 +0,0 @@
app.get("/some/path", function(req, res) {
let url = req.param("url");
// GOOD: the host of `url` can not be controlled by an attacker
if (url.match(/^https?:\/\/www\.example\.com\//)) {
res.redirect(url);
}
});