Geoffrey White
245e8fbc92
Swift: Use SensitiveDataHeuristics.qll in SensitiveCredential.
2023-05-15 18:14:52 +01:00
Geoffrey White
a91c45049e
Swift: Add some special cases to preserve (for now) result quality.
2023-05-15 18:06:33 +01:00
Geoffrey White
e2080c5d00
Swift: SensitiveDataHeuristics.qll expects function names without an (argument:list:).
2023-05-15 17:45:56 +01:00
Geoffrey White
35e2e5d785
Swift: Use SensitiveDataHeuristics.qll in regexpProbablySafe.
2023-05-15 17:44:54 +01:00
Geoffrey White
4781881a6a
Swift: Improve mobile/phone number regexp.
2023-05-15 15:30:30 +01:00
Geoffrey White
a0cba8cb6b
Swift: Address boolean value FPs.
2023-05-15 14:24:18 +01:00
Geoffrey White
27c8eb301e
Swift: Fix URL-related FPs.
2023-05-15 14:08:43 +01:00
Geoffrey White
e59d7e0345
Swift: Remove assumption that 'username' is not sensitive (in the tests).
2023-05-15 13:58:44 +01:00
Geoffrey White
dba951111a
Swift: Add more sensitive data test cases.
2023-05-15 13:58:44 +01:00
Geoffrey White
7251e90633
Merge pull request #12941 from geoffw0/textsource
...
Swift: Add taint sources for UITextField
2023-05-11 11:11:45 +01:00
Geoffrey White
68501b0082
Merge branch 'main' into textsource
2023-05-11 09:14:38 +01:00
Kasper Svendsen
1f0cb9eeb8
Swift: Enable implicit this receiver warnings
2023-05-11 08:35:59 +02:00
Geoffrey White
d7382053ca
Merge branch 'main' into swifttodos
2023-05-09 10:06:45 +01:00
Geoffrey White
08b6755c55
Swift: Simplify hasActualResult.
2023-05-09 09:03:32 +01:00
Geoffrey White
e4382677c2
Merge branch 'main' into modernsec3
2023-05-05 13:07:01 +01:00
Geoffrey White
d92ecbb3cf
Swift: Standardize on 'barrier' tover 'santerminology now we use ConfigSig dataflow.
2023-05-05 10:03:18 +01:00
Geoffrey White
9317174742
Swift: Improve the LibXML2 tests for XXE and remove the TODO comment.
2023-05-04 12:28:55 +01:00
Geoffrey White
a698f3fcb9
Merge branch 'main' into modernsec3
2023-05-02 17:35:08 +01:00
Geoffrey White
bb6aa11ce5
Swift: Additional test case.
2023-05-02 17:12:44 +01:00
Geoffrey White
ca50f1117e
Swift: Hide locationless results in the inlineexpectations test (there's no way to make them expected).
2023-05-02 16:57:29 +01:00
Geoffrey White
664500d2e6
Swift: Fix member variable sinks in swift/hardcoded-key.
2023-05-02 11:26:21 +01:00
Geoffrey White
adbd2c467d
Swift: Fix member variable sinks in swift/path-ionjection.
2023-05-02 11:26:20 +01:00
Paolo Tranquilli
0aed7d56c2
Swift: more mangling
2023-05-02 10:45:42 +02:00
Paolo Tranquilli
b269bd5010
Swift: mangle builtin and tuple types
2023-05-02 09:49:48 +02:00
Nora Dimitrijević
c81ea9d747
Merge branch 'main' into swift/rename-functions
2023-05-01 11:03:26 +02:00
Mathias Vorreiter Pedersen
d114388470
Swift: Implement 'isAbnormalExitType' and accept test changes.
2023-04-26 15:36:52 +01:00
Nora Dimitrijević
16fc42a53f
Swift: fix formatting
2023-04-26 16:01:57 +02:00
Nora Dimitrijević
91a151ec2a
Swift: update tests
2023-04-26 15:47:20 +02:00
Mathias Vorreiter Pedersen
6dc6e13caa
Swift: Hide 'DynamicSelfType' from the main AST.
2023-04-26 13:58:54 +01:00
Mathias Vorreiter Pedersen
11aff55a97
Swift: Add default implicit read steps when selecting PostUpdateNodes as sinks.
2023-04-26 13:58:48 +01:00
Anders Schack-Mulligen
74242638e2
Swift: One more expected output fix.
2023-04-26 14:10:13 +02:00
Anders Schack-Mulligen
9fe5462b1b
Swift: Update more expected output.
2023-04-26 13:41:50 +02:00
Anders Schack-Mulligen
6b049cb37a
Swift: Update expected output.
2023-04-26 13:15:39 +02:00
Geoffrey White
33a6e722f6
Swift: Add a test for UISearchTextField.
2023-04-25 23:31:20 +01:00
Geoffrey White
e16277ef43
Swift: Add source model for UITextField.
2023-04-25 23:14:24 +01:00
Geoffrey White
22507c1566
Swift: Add a test for UITextField.
2023-04-25 22:47:48 +01:00
Alex Denisov
125aab8107
Swift: rework fetching and dispatching
...
* visiting now happens in a later stage than fetching labels. While
fetching a list of entities to be visited is created, and then acted
upon in actual extraction. This partially flattens the recursive
nature of `fetchLabel` into a loop inside `SwiftVisitor::extract`.
Recursion in `fetchLabel` will only happen on labels fetched while
naming an entity (calling into `SwiftMangler`).
* The choice whether to name a declaration or type has been moved from
the translators to `SwiftMangler`. Acting on this choice is contained
in `SwiftDispatcher::createLabel`.
* The choice whether to emit a body of a declaration has been moved from
`DeclTranslator` to the dispatcher. This choice is also contained in
`SwiftDispatcher::createLabel`.
* The simple functionality of the `LabelStore` has been moved to the
`SwiftDispatcher` as well.
2023-04-25 11:15:27 +02:00
Geoffrey White
bfbd45a220
Swift: Fix CSV field sinks.
2023-04-20 18:14:34 +01:00
Geoffrey White
d317ad80e5
Swift: Convert to CSV sinks.
2023-04-20 17:53:00 +01:00
Nora Dimitrijević
1f861fda25
Merge pull request #12736 from d10c/swift/capture-flow
...
Swift: Closure Capture Helper APIs
2023-04-20 18:45:56 +02:00
Geoffrey White
380bf21a38
Swift: Update InsecureTLSExtensions.ql sinks to not depend on AssignExpr.
2023-04-20 17:15:48 +01:00
Geoffrey White
c1a95d57bb
Swift: Add some test cases.
2023-04-20 17:15:47 +01:00
Geoffrey White
7285704807
Merge pull request #12876 from geoffw0/extensiondecl
...
Swift: Improve ExtensionDecl.toString
2023-04-19 16:41:48 +01:00
Geoffrey White
a3c66b6032
Merge pull request #12833 from geoffw0/addmodels
...
Swift: Add some sink models
2023-04-19 14:18:29 +01:00
Geoffrey White
49dccaa89d
Swift: Fix other tests.
2023-04-19 14:16:24 +01:00
Geoffrey White
e9ffefaa96
Swift: Improve ExtensionDecl.toString.
2023-04-19 13:38:04 +01:00
Geoffrey White
c092851c28
Swift: Add a test for ExtensionDecls.
2023-04-19 11:50:49 +01:00
Mathias Vorreiter Pedersen
8d62d5916e
Merge pull request #12807 from MathiasVP/dataflow-for-keypaths
...
Swift: Dataflow for keypaths
2023-04-19 10:00:49 +01:00
Geoffrey White
c7ea08aa73
Swift: Fix inline expectations.
2023-04-18 17:32:38 +01:00
Nora Dimitrijević
7f675d8c3b
Swift: more CapturedDecl test cases
2023-04-18 16:50:38 +02:00
