hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12307 from geoffw0/stringconflationtaint

Browse Source 
Swift: Update swift/string-length-conflation to taint tracking
This commit is contained in:
Geoffrey White
2023-03-03 17:27:15 +00:00
committed by GitHub
parent d4e02eb846 cb8f5979d1
commit 9aaf30691c
1 changed files with 2 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
View File

@@ -12,6 +12,7 @@
import swift
import codeql.swift.dataflow.DataFlow
import codeql.swift.dataflow.TaintTracking
import DataFlow::PathGraph
/**
@@ -52,7 +53,7 @@ class StringLengthConflationFlowState extends string {
* a `String` or an `NSString` object, to a sink of a different kind that
* expects an incompatible measure of length.
*/
class StringLengthConflationConfiguration extends DataFlow::Configuration {
class StringLengthConflationConfiguration extends TaintTracking::Configuration {
StringLengthConflationConfiguration() { this = "StringLengthConflationConfiguration" }
override predicate isSource(DataFlow::Node node, string flowstate) {
@@ -177,11 +178,6 @@ class StringLengthConflationConfiguration extends DataFlow::Configuration {
correctFlowState.(StringLengthConflationFlowState).getEquivClass()
)
}
override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
// allow flow through `+`, `-`, `*` etc.
node2.asExpr().(ArithmeticOperation).getAnOperand() = node1.asExpr()
}
}
from