hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 00:35:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Swift: Add source model for UITextField.

Browse Source
This commit is contained in:
Geoffrey White
2023-04-25 23:11:26 +01:00
parent 22507c1566
commit e16277ef43
3 changed files with 20 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll
View File

@@ -79,6 +79,7 @@ private import internal.FlowSummaryImplSpecific
* ensuring that they are visible to the taint tracking / data flow library.
*/
private module Frameworks {
private import codeql.swift.frameworks.Alamofire.Alamofire
private import codeql.swift.frameworks.StandardLibrary.Collection
private import codeql.swift.frameworks.StandardLibrary.CustomUrlSchemes
private import codeql.swift.frameworks.StandardLibrary.Data
@@ -94,7 +95,7 @@ private module Frameworks {
private import codeql.swift.frameworks.StandardLibrary.Url
private import codeql.swift.frameworks.StandardLibrary.UrlSession
private import codeql.swift.frameworks.StandardLibrary.WebView
private import codeql.swift.frameworks.Alamofire.Alamofire
private import codeql.swift.frameworks.UIKit.UITextField
private import codeql.swift.security.CleartextLoggingExtensions
private import codeql.swift.security.CleartextStorageDatabaseExtensions
private import codeql.swift.security.ECBEncryptionExtensions

15
swift/ql/lib/codeql/swift/frameworks/UIKit/UITextField.qll Normal file
View File

@@ -0,0 +1,15 @@
/**
* Provides models for the `UITextField` Swift class.
*/
import swift
private import codeql.swift.dataflow.ExternalFlow
/**
* A model for `UITextField` members that are flow sources.
*/
private class UITextFieldSource extends SourceModelCsv {
override predicate row(string row) {
row = [";UITextField;true;text;;;;local", ";UITextField;true;attributedText;;;;local"]
}
}

6
swift/ql/test/library-tests/dataflow/flowsources/uikit.swift
View File

@@ -23,8 +23,8 @@ class UITextField: UIControl {
// --- tests ---
func testUITextField(textField: UITextField) {
_ = textField.text // $ MISSING: source=local
_ = textField.attributedText // $ MISSING: source=local
_ = textField.text // $ source=local
_ = textField.attributedText // $ source=local
_ = textField.placeholder // GOOD (not input)
_ = textField.text?.uppercased() // $ MISSING: source=local
_ = textField.text?.uppercased() // $ source=local
}