From ea4c2e432100cb15e4ad5448d02c36153a6f9f95 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Mon, 27 Feb 2023 22:55:47 +0000
Subject: [PATCH] Swift: Add CSV extension points.
---
 .../swift/security/CleartextStorageDatabaseExtensions.qll | 8 ++++++++
 .../security/CleartextStoragePreferencesExtensions.qll | 8 ++++++++
 .../swift/security/CleartextTransmissionExtensions.qll | 8 ++++++++
 3 files changed, 24 insertions(+)
diff --git a/swift/ql/lib/codeql/swift/security/CleartextStorageDatabaseExtensions.qll b/swift/ql/lib/codeql/swift/security/CleartextStorageDatabaseExtensions.qll
index c361ca9315f..374d0e58663 100644
--- a/swift/ql/lib/codeql/swift/security/CleartextStorageDatabaseExtensions.qll
+++ b/swift/ql/lib/codeql/swift/security/CleartextStorageDatabaseExtensions.qll
@@ -6,6 +6,7 @@
 import swift
 import codeql.swift.security.SensitiveExprs
 import codeql.swift.dataflow.DataFlow
+import codeql.swift.dataflow.ExternalFlow
 /**
 * A dataflow sink for cleartext database storage vulnerabilities. That is,
@@ -150,3 +151,10 @@ private class CleartextStorageDatabaseArrayAdditionalTaintStep extends Cleartext
 )
 }
 }
+
+/**
+ * A sink defined in a CSV model.
+ */
+private class DefaultCleartextStorageDatabaseSink extends CleartextStorageDatabaseSink {
+ DefaultCleartextStorageDatabaseSink() { sinkNode(this, "database-store") }
+}
diff --git a/swift/ql/lib/codeql/swift/security/CleartextStoragePreferencesExtensions.qll b/swift/ql/lib/codeql/swift/security/CleartextStoragePreferencesExtensions.qll
index 3ce629a3a70..fc7fde14b37 100644
--- a/swift/ql/lib/codeql/swift/security/CleartextStoragePreferencesExtensions.qll
+++ b/swift/ql/lib/codeql/swift/security/CleartextStoragePreferencesExtensions.qll
@@ -6,6 +6,7 @@
 import swift
 import codeql.swift.security.SensitiveExprs
 import codeql.swift.dataflow.DataFlow
+import codeql.swift.dataflow.ExternalFlow
 /**
 * A dataflow sink for cleartext preferences storage vulnerabilities. That is,
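Review bot: The QLDoc on `DefaultCleartextStorageDatabaseSink` in CleartextStorageDatabaseExtensions.qll says only "A sink defined in a CSV model." and never names the kind, so the string `"database-store"` passed to `sinkNode` is an undocumented contract that model authors can only find by reading the class body. A model row written with a different or misspelled kind would presumably match nothing and raise no error, leaving that storage call unreported by the cleartext query. I would name the kind in the comment, e.g. `* A sink defined in a CSV model with kind "database-store".`. The same applies to `DefaultCleartextStoragePreferencesSink` (`"preferences-store"`) and `DefaultCleartextTransmissionSink` (`"transmission"`) in the other two files.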
@@ -78,3 +79,10 @@ private class CleartextStoragePreferencesEncryptionSanitizer extends CleartextSt
 this.asExpr() instanceof EncryptedExpr
 }
 }
+
+/**
+ * A sink defined in a CSV model.
+ */
+private class DefaultCleartextStoragePreferencesSink extends CleartextStoragePreferencesSink {
+ DefaultCleartextStoragePreferencesSink() { sinkNode(this, "preferences-store") }
+}
diff --git a/swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll b/swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll
index 60022d7ceb6..c9aa5a797a0 100644
--- a/swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll
+++ b/swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll
@@ -6,6 +6,7 @@
 import swift
 import codeql.swift.security.SensitiveExprs
 import codeql.swift.dataflow.DataFlow
+import codeql.swift.dataflow.ExternalFlow
 /**
 * A dataflow sink for cleartext transmission vulnerabilities. That is,
@@ -87,3 +88,10 @@ private class CleartextTransmissionEncryptionSanitizer extends CleartextTransmis
 this.asExpr() instanceof EncryptedExpr
 }
 }
+
+/**
+ * A sink defined in a CSV model.
+ */
+private class DefaultCleartextTransmissionSink extends CleartextTransmissionSink {
+ DefaultCleartextTransmissionSink() { sinkNode(this, "transmission") }
+}
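Review bot: Nothing in this patch exercises `DefaultCleartextStoragePreferencesSink` in CleartextStoragePreferencesExtensions.qll: the diffstat lists only the three library files, so no model row or test in the commit uses kind `"preferences-store"`. If coverage does not already exist elsewhere, a test with one CSV sink row per kind and a sensitive value flowing into it would pin the kind strings. Without it, a later rename of a kind would show up only as missing cleartext-storage results rather than as a failure. This holds equally for `"database-store"` in CleartextStorageDatabaseExtensions.qll and `"transmission"` in CleartextTransmissionExtensions.qll.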