From e08eac03d8c7c0c561cecb715e7fe525d1013a66 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Thu, 28 Nov 2024 17:44:34 +0000
Subject: [PATCH 1/3] Swift: Fix for Int.description.
---
 swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll | 2 +-
 .../library-tests/dataflow/taint/libraries/TaintInline.expected | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll
index b773177f152..0642003923b 100644
--- a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll
+++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll
@@ -167,7 +167,7 @@ private class StringFieldsInheritTaint extends TaintInheritingContent,
 "precomposedStringWithCompatibilityMapping", "removingPercentEncoding"
 ]
 or
- namedTypeDecl.getFullName() = "CustomStringConvertible" and
+ namedTypeDecl.getFullName() = ["CustomStringConvertible", "BinaryInteger"] and
 fieldDecl.getName() = "description"
 or
 namedTypeDecl.getFullName() = "CustomDebugStringConvertible" and
diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/TaintInline.expected b/swift/ql/test/library-tests/dataflow/taint/libraries/TaintInline.expected
index 5fcb458d4fc..4ba731519c4 100644
--- a/swift/ql/test/library-tests/dataflow/taint/libraries/TaintInline.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/libraries/TaintInline.expected
@@ -1,5 +1,4 @@
 testFailures
 | optionset.swift:60:49:61:1 | // $ tainted=60\n | Missing result: tainted=60 |
 | optionset.swift:65:58:66:1 | // $ tainted=65\n | Missing result: tainted=65 |
-| string.swift:599:35:600:1 | // $ tainted=599\n | Missing result: tainted=599 |
 failures
From 1fc112e7a7d68f53720e93f9c4c2f43a5629b98e Mon Sep 17 00:00:00 2001
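Review bot: The `"BinaryInteger"` entry added to the `description` clause in String.qll carries no comment saying why a second type name is needed, so the list looks arbitrary to the next reader. I would put a line above it such as `// integer types get description from BinaryInteger rather than from a CustomStringConvertible member` (reason to be confirmed against the extracted declarations). The `CustomDebugStringConvertible` clause that follows is left unchanged; if integers reach their debug string the same way, that flow is presumably still missed, and a missed step is a silent false negative in every taint query that relies on it. The enclosing characteristic predicate starts and ends outside the hunk.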
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Thu, 28 Nov 2024 18:14:04 +0000
Subject: [PATCH 2/3] Swift: Fix for OptionSet.
---
 .../swift/frameworks/StandardLibrary/RawRepresentable.qll | 5 ++++-
 .../dataflow/taint/libraries/TaintInline.expected | 2 --
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/RawRepresentable.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/RawRepresentable.qll
index 8d56ffb4dfd..bc468d3c4f8 100644
--- a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/RawRepresentable.qll
+++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/RawRepresentable.qll
@@ -12,7 +12,10 @@ private import codeql.swift.dataflow.FlowSteps
 */
 private class RawRepresentableSummaries extends SummaryModelCsv {
 override predicate row(string row) {
- row = ";RawRepresentable;true;init(rawValue:);;;Argument[0];ReturnValue;taint"
+ row = [
+ ";RawRepresentable;true;init(rawValue:);;;Argument[0];ReturnValue;taint",
+ ";OptionSet;true;init(rawValue:);;;Argument[0];ReturnValue;taint"
+ ]
 }
 }
diff --git a/swift/ql/test/library-tests/dataflow/taint/libraries/TaintInline.expected b/swift/ql/test/library-tests/dataflow/taint/libraries/TaintInline.expected
index 4ba731519c4..8ec8033d086 100644
--- a/swift/ql/test/library-tests/dataflow/taint/libraries/TaintInline.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/libraries/TaintInline.expected
@@ -1,4 +1,2 @@
 testFailures
-| optionset.swift:60:49:61:1 | // $ tainted=60\n | Missing result: tainted=60 |
-| optionset.swift:65:58:66:1 | // $ tainted=65\n | Missing result: tainted=65 |
 failures
From e9deec7217f70db573d081bd9c6b9415f6b762c1 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Fri, 29 Nov 2024 16:03:06 +0000
Subject: [PATCH 3/3] Rust: Autoformat.
---
 .../frameworks/StandardLibrary/RawRepresentable.qll | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
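Review bot: The `;OptionSet;true;init(rawValue:);…` row added in RawRepresentable.qll (patch 2/3) does not say why it is needed when the existing `RawRepresentable` row already has its third column set to `true`. The class is also still named for `RawRepresentable` only, and so, as far as the cut-off doc comment shows, is its documentation. A comment on the row, for example `// OptionSet redeclares init(rawValue:), so the RawRepresentable row does not match it` (reason to be confirmed), would keep it from being removed later as redundant. Only the initializer direction is modelled here; whether reading `rawValue` back out of a tainted option set carries taint is not visible in this hunk and is worth a test, since a missing step is a silent false negative in taint queries. The doc comment above the class starts outside the hunk.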
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/RawRepresentable.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/RawRepresentable.qll
index bc468d3c4f8..bbd583a32a4 100644
--- a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/RawRepresentable.qll
+++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/RawRepresentable.qll
@@ -12,10 +12,11 @@ private import codeql.swift.dataflow.FlowSteps
 */
 private class RawRepresentableSummaries extends SummaryModelCsv {
 override predicate row(string row) {
- row = [
- ";RawRepresentable;true;init(rawValue:);;;Argument[0];ReturnValue;taint",
- ";OptionSet;true;init(rawValue:);;;Argument[0];ReturnValue;taint"
- ]
+ row =
+ [
+ ";RawRepresentable;true;init(rawValue:);;;Argument[0];ReturnValue;taint",
+ ";OptionSet;true;init(rawValue:);;;Argument[0];ReturnValue;taint"
+ ]
 }
 }