Merge pull request #13115 from geoffw0/swift-csv-labels

Swift: Accept standardized CSV sink labels

swift/ql/lib/codeql/swift/security/CleartextLoggingExtensions.qll

@@ -26,7 +26,7 @@ class CleartextLoggingAdditionalFlowStep extends Unit {
  * A sink defined in a CSV model.
  */
 private class DefaultCleartextLoggingSink extends CleartextLoggingSink {
-  DefaultCleartextLoggingSink() { sinkNode(this, "logging") }
+  DefaultCleartextLoggingSink() { sinkNode(this, "log-injection") }
 }
 
 /**
@@ -80,25 +80,25 @@ private class LoggingSinks extends SinkModelCsv {
   override predicate row(string row) {
     row =
       [
-        ";;false;print(_:separator:terminator:);;;Argument[0].ArrayElement;logging",
-        ";;false;print(_:separator:terminator:);;;Argument[1..2];logging",
-        ";;false;print(_:separator:terminator:toStream:);;;Argument[0].ArrayElement;logging",
-        ";;false;print(_:separator:terminator:toStream:);;;Argument[1..2];logging",
-        ";;false;NSLog(_:_:);;;Argument[0];logging",
-        ";;false;NSLog(_:_:);;;Argument[1].ArrayElement;logging",
-        ";;false;NSLogv(_:_:);;;Argument[0];logging",
-        ";;false;NSLogv(_:_:);;;Argument[1].ArrayElement;logging",
-        ";;false;vfprintf(_:_:_:);;;Agument[1..2];logging",
-        ";Logger;true;log(_:);;;Argument[0];logging",
-        ";Logger;true;log(level:_:);;;Argument[1];logging",
-        ";Logger;true;trace(_:);;;Argument[1];logging",
-        ";Logger;true;debug(_:);;;Argument[1];logging",
-        ";Logger;true;info(_:);;;Argument[1];logging",
-        ";Logger;true;notice(_:);;;Argument[1];logging",
-        ";Logger;true;warning(_:);;;Argument[1];logging",
-        ";Logger;true;error(_:);;;Argument[1];logging",
-        ";Logger;true;critical(_:);;;Argument[1];logging",
-        ";Logger;true;fault(_:);;;Argument[1];logging",
+        ";;false;print(_:separator:terminator:);;;Argument[0].ArrayElement;log-injection",
+        ";;false;print(_:separator:terminator:);;;Argument[1..2];log-injection",
+        ";;false;print(_:separator:terminator:toStream:);;;Argument[0].ArrayElement;log-injection",
+        ";;false;print(_:separator:terminator:toStream:);;;Argument[1..2];log-injection",
+        ";;false;NSLog(_:_:);;;Argument[0];log-injection",
+        ";;false;NSLog(_:_:);;;Argument[1].ArrayElement;log-injection",
+        ";;false;NSLogv(_:_:);;;Argument[0];log-injection",
+        ";;false;NSLogv(_:_:);;;Argument[1].ArrayElement;log-injection",
+        ";;false;vfprintf(_:_:_:);;;Agument[1..2];log-injection",
+        ";Logger;true;log(_:);;;Argument[0];log-injection",
+        ";Logger;true;log(level:_:);;;Argument[1];log-injection",
+        ";Logger;true;trace(_:);;;Argument[1];log-injection",
+        ";Logger;true;debug(_:);;;Argument[1];log-injection",
+        ";Logger;true;info(_:);;;Argument[1];log-injection",
+        ";Logger;true;notice(_:);;;Argument[1];log-injection",
+        ";Logger;true;warning(_:);;;Argument[1];log-injection",
+        ";Logger;true;error(_:);;;Argument[1];log-injection",
+        ";Logger;true;critical(_:);;;Argument[1];log-injection",
+        ";Logger;true;fault(_:);;;Argument[1];log-injection",
       ]
   }
 }

swift/ql/lib/codeql/swift/security/SqlInjectionExtensions.qll

@@ -151,5 +151,5 @@ private class GrdbDefaultSqlInjectionSink extends SqlInjectionSink {
  * A sink defined in a CSV model.
  */
 private class DefaultSqlInjectionSink extends SqlInjectionSink {
-  DefaultSqlInjectionSink() { sinkNode(this, "sql") }
+  DefaultSqlInjectionSink() { sinkNode(this, "sql-injection") }
 }

swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll

@@ -39,6 +39,6 @@ private class DefaultUncontrolledFormatStringSink extends UncontrolledFormatStri
     this.asExpr() = any(FormattingFunctionCall fc).getFormat()
     or
     // a sink defined in a CSV model.
-    sinkNode(this, "uncontrolled-format-string")
+    sinkNode(this, "format-string")
   }
 }

swift/ql/lib/codeql/swift/security/UnsafeJsEvalExtensions.qll

@@ -144,5 +144,5 @@ private class DefaultUnsafeJsEvalAdditionalFlowStep extends UnsafeJsEvalAddition
  * A sink defined in a CSV model.
  */
 private class DefaultUnsafeJsEvalSink extends UnsafeJsEvalSink {
-  DefaultUnsafeJsEvalSink() { sinkNode(this, "js-eval") }
+  DefaultUnsafeJsEvalSink() { sinkNode(this, "code-injection") }
 }