Swift: add tests for flow through constructors

2026-04-26 01:05:15 +02:00 · 2023-03-06 20:39:58 +00:00
parent f3f5f6eacf
commit 9731989421
5 changed files with 63 additions and 1 deletions
--- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
@@ -155,6 +155,13 @@ edges
 | test.swift:472:20:472:20 | cx [x] :  | test.swift:472:20:472:23 | .x :  |
 | test.swift:472:20:472:23 | .x :  | test.swift:473:15:473:15 | z1 |
 | test.swift:479:14:479:21 | call to source() :  | test.swift:479:13:479:21 | call to +(_:) |
+| test.swift:489:10:489:13 | s :  | test.swift:490:13:490:13 | s :  |
+| test.swift:490:7:490:7 | [post] self [str] :  | test.swift:489:5:491:5 | self[return] [str] :  |
+| test.swift:490:13:490:13 | s :  | test.swift:490:7:490:7 | [post] self [str] :  |
+| test.swift:496:7:496:7 | [post] self [str] :  | test.swift:497:17:497:17 | self [str] :  |
+| test.swift:496:20:496:28 | call to source3() :  | test.swift:489:10:489:13 | s :  |
+| test.swift:496:20:496:28 | call to source3() :  | test.swift:496:7:496:7 | [post] self [str] :  |
+| test.swift:497:17:497:17 | self [str] :  | test.swift:497:17:497:17 | .str |
 nodes
 | file://:0:0:0:0 | .a [x] :  | semmle.label | .a [x] :  |
 | file://:0:0:0:0 | .x :  | semmle.label | .x :  |
@@ -328,6 +335,14 @@ nodes
 | test.swift:479:13:479:21 | call to +(_:) | semmle.label | call to +(_:) |
 | test.swift:479:14:479:21 | call to source() :  | semmle.label | call to source() :  |
 | test.swift:480:14:480:21 | call to source() | semmle.label | call to source() |
+| test.swift:489:5:491:5 | self[return] [str] :  | semmle.label | self[return] [str] :  |
+| test.swift:489:10:489:13 | s :  | semmle.label | s :  |
+| test.swift:490:7:490:7 | [post] self [str] :  | semmle.label | [post] self [str] :  |
+| test.swift:490:13:490:13 | s :  | semmle.label | s :  |
+| test.swift:496:7:496:7 | [post] self [str] :  | semmle.label | [post] self [str] :  |
+| test.swift:496:20:496:28 | call to source3() :  | semmle.label | call to source3() :  |
+| test.swift:497:17:497:17 | .str | semmle.label | .str |
+| test.swift:497:17:497:17 | self [str] :  | semmle.label | self [str] :  |
 subpaths
 | test.swift:75:21:75:22 | &... :  | test.swift:65:16:65:28 | arg1 :  | test.swift:65:1:70:1 | arg2[return] :  | test.swift:75:31:75:32 | [post] &... :  |
 | test.swift:114:19:114:19 | arg :  | test.swift:109:9:109:14 | arg :  | test.swift:110:12:110:12 | arg :  | test.swift:114:12:114:22 | call to ... :  |
@@ -360,6 +375,8 @@ subpaths
 | test.swift:303:15:303:16 | ...! :  | file://:0:0:0:0 | [summary param] this in signum() :  | file://:0:0:0:0 | [summary] to write: return (return) in signum() :  | test.swift:303:15:303:25 | call to signum() |
 | test.swift:468:12:468:12 | x :  | test.swift:462:9:462:9 | value :  | file://:0:0:0:0 | [post] self [x] :  | test.swift:468:5:468:5 | [post] cx [x] :  |
 | test.swift:472:20:472:20 | cx [x] :  | test.swift:462:9:462:9 | self [x] :  | file://:0:0:0:0 | .x :  | test.swift:472:20:472:23 | .x :  |
+| test.swift:496:20:496:28 | call to source3() :  | test.swift:489:10:489:13 | s :  | test.swift:489:5:491:5 | self[return] [str] :  | test.swift:496:7:496:7 | [post] self [str] :  |
+| test.swift:496:20:496:28 | call to source3() :  | test.swift:489:10:489:13 | s :  | test.swift:490:7:490:7 | [post] self [str] :  | test.swift:496:7:496:7 | [post] self [str] :  |
 #select
 | test.swift:7:15:7:15 | t1 | test.swift:6:19:6:26 | call to source() :  | test.swift:7:15:7:15 | t1 | result |
 | test.swift:9:15:9:15 | t1 | test.swift:6:19:6:26 | call to source() :  | test.swift:9:15:9:15 | t1 | result |
@@ -414,3 +431,4 @@ subpaths
 | test.swift:473:15:473:15 | z1 | test.swift:259:12:259:19 | call to source() :  | test.swift:473:15:473:15 | z1 | result |
 | test.swift:479:13:479:21 | call to +(_:) | test.swift:479:14:479:21 | call to source() :  | test.swift:479:13:479:21 | call to +(_:) | result |
 | test.swift:480:14:480:21 | call to source() | test.swift:480:14:480:21 | call to source() | test.swift:480:14:480:21 | call to source() | result |
+| test.swift:497:17:497:17 | .str | test.swift:496:20:496:28 | call to source3() :  | test.swift:497:17:497:17 | .str | result |
--- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlowInline.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlowInline.expected
@@ -0,0 +1 @@
+| test.swift:497:17:497:17 | .str | Unexpected result: flow=496 |
--- a/swift/ql/test/library-tests/dataflow/dataflow/FlowConfig.qll
+++ b/swift/ql/test/library-tests/dataflow/dataflow/FlowConfig.qll
@@ -15,7 +15,7 @@ class TestConfiguration extends DataFlow::Configuration {

  override predicate isSink(DataFlow::Node sink) {
    exists(CallExpr sinkCall |
-      sinkCall.getStaticTarget().getName() = ["sink(arg:)", "sink(opt:)"] and
+      sinkCall.getStaticTarget().getName() = ["sink(arg:)", "sink(opt:)", "sink(str:)"] and
      sinkCall.getAnArgument().getExpr() = sink.asExpr()
    )
  }
--- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
@@ -391,3 +391,23 @@
 | test.swift:474:11:474:15 | SSA def(z2) | test.swift:475:15:475:15 | z2 |
 | test.swift:474:20:474:23 | .x | test.swift:474:11:474:15 | SSA def(z2) |
 | test.swift:479:14:479:21 | call to source() | test.swift:479:13:479:21 | call to +(_:) |
+| test.swift:487:7:487:7 | SSA def(self) | test.swift:487:7:487:7 | self[return] |
+| test.swift:487:7:487:7 | self | test.swift:487:7:487:7 | SSA def(self) |
+| test.swift:488:9:488:9 | self | test.swift:488:9:488:9 | SSA def(self) |
+| test.swift:488:9:488:9 | self | test.swift:488:9:488:9 | SSA def(self) |
+| test.swift:488:9:488:9 | self | test.swift:488:9:488:9 | SSA def(self) |
+| test.swift:488:9:488:9 | value | test.swift:488:9:488:9 | SSA def(value) |
+| test.swift:489:5:489:5 | SSA def(self) | test.swift:490:7:490:7 | self |
+| test.swift:489:5:489:5 | self | test.swift:489:5:489:5 | SSA def(self) |
+| test.swift:489:10:489:13 | SSA def(s) | test.swift:490:13:490:13 | s |
+| test.swift:489:10:489:13 | s | test.swift:489:10:489:13 | SSA def(s) |
+| test.swift:490:7:490:7 | [post] self | test.swift:489:5:491:5 | self[return] |
+| test.swift:490:7:490:7 | self | test.swift:489:5:491:5 | self[return] |
+| test.swift:495:17:495:17 | SSA def(self) | test.swift:496:7:496:7 | self |
+| test.swift:495:17:495:17 | self | test.swift:495:17:495:17 | SSA def(self) |
+| test.swift:496:7:496:7 | [post] self | test.swift:497:17:497:17 | self |
+| test.swift:496:7:496:7 | self | test.swift:497:17:497:17 | self |
+| test.swift:497:17:497:17 | [post] self | test.swift:495:17:498:5 | self[return] |
+| test.swift:497:17:497:17 | self | test.swift:495:17:498:5 | self[return] |
+| test.swift:501:21:501:27 | SSA def(path) | test.swift:503:37:503:37 | path |
+| test.swift:501:21:501:27 | path | test.swift:501:21:501:27 | SSA def(path) |
--- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift
+++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift
@@ -479,3 +479,26 @@ func testIdentityArithmetic() {
  sink(arg: +source()) // $ flow=479
  sink(arg: (source())) // $ flow=480
 }
+
+func sink(str: String) {}
+
+func source3() -> String { return "" }
+
+class MyClass {
+    var str: String
+    init(s: String) {
+      str = s
+    }
+}
+
+extension MyClass {
+    convenience init(contentsOfFile: String) {
+      self.init(s: source3()) // taint should flow from the source String(contentsOfFile:) into MyClass
+      sink(str: str)
+    }
+}
+
+func extensionInits(path: String) {
+  sink(str: MyClass(s: source3()).str)
+  sink(str: MyClass(contentsOfFile: path).str)
+}
				`@@ -0,0 +1 @@`
				`\| test.swift:497:17:497:17 \| .str \| Unexpected result: flow=496 \|`