From ad05cc3cb1533a56710bcaa5fd762f712b670ba9 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Thu, 1 Dec 2022 17:46:43 +0000
Subject: [PATCH] Swift: Separate out a FormatString library as well.
---
swift/ql/lib/codeql/swift/FormatString.qll | 74 +++++++++++++++++++
.../UncontrolledFormatStringQuery.qll | 70 +----------------
2 files changed, 75 insertions(+), 69 deletions(-)
create mode 100644 swift/ql/lib/codeql/swift/FormatString.qll
diff --git a/swift/ql/lib/codeql/swift/FormatString.qll b/swift/ql/lib/codeql/swift/FormatString.qll
new file mode 100644
index 00000000000..4dbb127fc69
--- /dev/null
+++ b/swift/ql/lib/codeql/swift/FormatString.qll
@@ -0,0 +1,74 @@
+/**
+ * Provides classes and predicates for reasoning about string formatting.
+ */
+
+import swift
+
+/**
+ * A function that takes a `printf` style format argument.
+ */
+abstract class FormattingFunction extends AbstractFunctionDecl {
+ /**
+ * Gets the position of the format argument.
+ */
+ abstract int getFormatParameterIndex();
+}
+
+/**
+ * A call to a function that takes a `printf` style format argument.
+ */
+class FormattingFunctionCall extends CallExpr {
+ FormattingFunction target;
+
+ FormattingFunctionCall() { target = this.getStaticTarget() }
+
+ /**
+ * Gets the format expression used in this call.
+ */
+ Expr getFormat() { result = this.getArgument(target.getFormatParameterIndex()).getExpr() }
+}
+
+/**
+ * An initializer for `String`, `NSString` or `NSMutableString` that takes a
+ * `printf` style format argument.
+ */
+class StringInitWithFormat extends FormattingFunction, MethodDecl {
+ StringInitWithFormat() {
+ exists(string fName |
+ this.hasQualifiedName(["String", "NSString", "NSMutableString"], fName) and
+ fName.matches("init(format:%")
+ )
+ }
+
+ override int getFormatParameterIndex() { result = 0 }
+}
+
+/**
+ * The `localizedStringWithFormat` method of `String`, `NSString` and `NSMutableString`.
+ */
+class LocalizedStringWithFormat extends FormattingFunction, MethodDecl {
+ LocalizedStringWithFormat() {
+ this.hasQualifiedName(["String", "NSString", "NSMutableString"],
+ "localizedStringWithFormat(_:_:)")
+ }
+
+ override int getFormatParameterIndex() { result = 0 }
+}
+
+/**
+ * The functions `NSLog` and `NSLogv`.
+ */
+class NsLog extends FormattingFunction, FreeFunctionDecl {
+ NsLog() { this.getName() = ["NSLog(_:_:)", "NSLogv(_:_:)"] }
+
+ override int getFormatParameterIndex() { result = 0 }
+}
+
+/**
+ * The `NSException.raise` method.
+ */
+class NsExceptionRaise extends FormattingFunction, MethodDecl {
+ NsExceptionRaise() { this.hasQualifiedName("NSException", "raise(_:format:arguments:)") }
+
+ override int getFormatParameterIndex() { result = 1 }
+}
diff --git a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll
index b54b8d1cd70..b489572cb97 100644
--- a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll
+++ b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll
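Review bot: In the new FormatString.qll, the QLDoc on `FormattingFunctionCall` does not mention that the class only covers calls whose target is resolved statically, which follows from its characteristic predicate `target = this.getStaticTarget()`. Now that this is a shared library rather than an internal detail of one query, I would extend the comment to something like `A call to a function that takes a printf style format argument, where the call target is statically resolved.` That tells users of the library that calls without a static target are not modelled here and may surface as missed results in format-string queries built on it.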
@@ -4,79 +4,11 @@ */ import swift +import codeql.swift.StringFormat import codeql.swift.dataflow.DataFlow import codeql.swift.dataflow.TaintTracking import codeql.swift.dataflow.FlowSources -/** - * A function that takes a `printf` style format argument. - */ -abstract class FormattingFunction extends AbstractFunctionDecl { - /** - * Gets the position of the format argument. - */ - abstract int getFormatParameterIndex(); -} - -/** - * An initializer for `String`, `NSString` or `NSMutableString` that takes a - * `printf` style format argument. - */ -class StringInitWithFormat extends FormattingFunction, MethodDecl { - StringInitWithFormat() { - exists(string fName | - this.hasQualifiedName(["String", "NSString", "NSMutableString"], fName) and - fName.matches("init(format:%") - ) - } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The `localizedStringWithFormat` method of `String`, `NSString` and `NSMutableString`. - */ -class LocalizedStringWithFormat extends FormattingFunction, MethodDecl { - LocalizedStringWithFormat() { - this.hasQualifiedName(["String", "NSString", "NSMutableString"], - "localizedStringWithFormat(_:_:)") - } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The functions `NSLog` and `NSLogv`. - */ -class NsLog extends FormattingFunction, FreeFunctionDecl { - NsLog() { this.getName() = ["NSLog(_:_:)", "NSLogv(_:_:)"] } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The `NSException.raise` method. - */ -class NsExceptionRaise extends FormattingFunction, MethodDecl { - NsExceptionRaise() { this.hasQualifiedName("NSException", "raise(_:format:arguments:)") } - - override int getFormatParameterIndex() { result = 1 } -} - -/** - * A call to a function that takes a `printf` style format argument. 
- */ -class FormattingFunctionCall extends CallExpr { - FormattingFunction target; - - FormattingFunctionCall() { target = this.getStaticTarget() } - - /** - * Gets the format expression used in this call. - */ - Expr getFormat() { result = this.getArgument(target.getFormatParameterIndex()).getExpr() } -} - /** * A taint configuration for tainted data that reaches a format string. */
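Review bot: The added import at the top of UncontrolledFormatStringQuery.qll names `codeql.swift.StringFormat`, but the file this commit creates is `swift/ql/lib/codeql/swift/FormatString.qll`, so the module path does not match the new library. Unless a `StringFormat.qll` already exists elsewhere in the pack (not visible here), the import will not resolve, and the query library loses `FormattingFunction` and `FormattingFunctionCall`, which the taint configuration below presumably depends on. The line should read `import codeql.swift.FormatString`. The taint configuration's doc comment starts at the end of this hunk and continues outside it.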