mirror of
https://github.com/github/codeql.git
synced 2026-04-23 15:55:18 +02:00
Merge pull request #13115 from geoffw0/swift-csv-labels
Swift: Accept standardized CSV sink labels
This commit is contained in:
@@ -26,7 +26,7 @@ class CleartextLoggingAdditionalFlowStep extends Unit {
|
||||
* A sink defined in a CSV model.
|
||||
*/
|
||||
private class DefaultCleartextLoggingSink extends CleartextLoggingSink {
|
||||
DefaultCleartextLoggingSink() { sinkNode(this, "logging") }
|
||||
DefaultCleartextLoggingSink() { sinkNode(this, "log-injection") }
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -80,25 +80,25 @@ private class LoggingSinks extends SinkModelCsv {
|
||||
override predicate row(string row) {
|
||||
row =
|
||||
[
|
||||
";;false;print(_:separator:terminator:);;;Argument[0].ArrayElement;logging",
|
||||
";;false;print(_:separator:terminator:);;;Argument[1..2];logging",
|
||||
";;false;print(_:separator:terminator:toStream:);;;Argument[0].ArrayElement;logging",
|
||||
";;false;print(_:separator:terminator:toStream:);;;Argument[1..2];logging",
|
||||
";;false;NSLog(_:_:);;;Argument[0];logging",
|
||||
";;false;NSLog(_:_:);;;Argument[1].ArrayElement;logging",
|
||||
";;false;NSLogv(_:_:);;;Argument[0];logging",
|
||||
";;false;NSLogv(_:_:);;;Argument[1].ArrayElement;logging",
|
||||
";;false;vfprintf(_:_:_:);;;Agument[1..2];logging",
|
||||
";Logger;true;log(_:);;;Argument[0];logging",
|
||||
";Logger;true;log(level:_:);;;Argument[1];logging",
|
||||
";Logger;true;trace(_:);;;Argument[1];logging",
|
||||
";Logger;true;debug(_:);;;Argument[1];logging",
|
||||
";Logger;true;info(_:);;;Argument[1];logging",
|
||||
";Logger;true;notice(_:);;;Argument[1];logging",
|
||||
";Logger;true;warning(_:);;;Argument[1];logging",
|
||||
";Logger;true;error(_:);;;Argument[1];logging",
|
||||
";Logger;true;critical(_:);;;Argument[1];logging",
|
||||
";Logger;true;fault(_:);;;Argument[1];logging",
|
||||
";;false;print(_:separator:terminator:);;;Argument[0].ArrayElement;log-injection",
|
||||
";;false;print(_:separator:terminator:);;;Argument[1..2];log-injection",
|
||||
";;false;print(_:separator:terminator:toStream:);;;Argument[0].ArrayElement;log-injection",
|
||||
";;false;print(_:separator:terminator:toStream:);;;Argument[1..2];log-injection",
|
||||
";;false;NSLog(_:_:);;;Argument[0];log-injection",
|
||||
";;false;NSLog(_:_:);;;Argument[1].ArrayElement;log-injection",
|
||||
";;false;NSLogv(_:_:);;;Argument[0];log-injection",
|
||||
";;false;NSLogv(_:_:);;;Argument[1].ArrayElement;log-injection",
|
||||
";;false;vfprintf(_:_:_:);;;Agument[1..2];log-injection",
|
||||
";Logger;true;log(_:);;;Argument[0];log-injection",
|
||||
";Logger;true;log(level:_:);;;Argument[1];log-injection",
|
||||
";Logger;true;trace(_:);;;Argument[1];log-injection",
|
||||
";Logger;true;debug(_:);;;Argument[1];log-injection",
|
||||
";Logger;true;info(_:);;;Argument[1];log-injection",
|
||||
";Logger;true;notice(_:);;;Argument[1];log-injection",
|
||||
";Logger;true;warning(_:);;;Argument[1];log-injection",
|
||||
";Logger;true;error(_:);;;Argument[1];log-injection",
|
||||
";Logger;true;critical(_:);;;Argument[1];log-injection",
|
||||
";Logger;true;fault(_:);;;Argument[1];log-injection",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -151,5 +151,5 @@ private class GrdbDefaultSqlInjectionSink extends SqlInjectionSink {
|
||||
* A sink defined in a CSV model.
|
||||
*/
|
||||
private class DefaultSqlInjectionSink extends SqlInjectionSink {
|
||||
DefaultSqlInjectionSink() { sinkNode(this, "sql") }
|
||||
DefaultSqlInjectionSink() { sinkNode(this, "sql-injection") }
|
||||
}
|
||||
|
||||
@@ -39,6 +39,6 @@ private class DefaultUncontrolledFormatStringSink extends UncontrolledFormatStri
|
||||
this.asExpr() = any(FormattingFunctionCall fc).getFormat()
|
||||
or
|
||||
// a sink defined in a CSV model.
|
||||
sinkNode(this, "uncontrolled-format-string")
|
||||
sinkNode(this, "format-string")
|
||||
}
|
||||
}
|
||||
|
||||
@@ -144,5 +144,5 @@ private class DefaultUnsafeJsEvalAdditionalFlowStep extends UnsafeJsEvalAddition
|
||||
* A sink defined in a CSV model.
|
||||
*/
|
||||
private class DefaultUnsafeJsEvalSink extends UnsafeJsEvalSink {
|
||||
DefaultUnsafeJsEvalSink() { sinkNode(this, "js-eval") }
|
||||
DefaultUnsafeJsEvalSink() { sinkNode(this, "code-injection") }
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user