Geoffrey White
c0bc0d78cc
Swift: Accept test changes after merging main (again).
2022-08-31 17:58:10 +01:00
Geoffrey White
60fad4d652
Merge remote-tracking branch 'upstream/main' into swiftcleanup
2022-08-31 16:04:39 +01:00
Mathias Vorreiter Pedersen
a4209df239
Merge branch 'main' into swift-field-flow-2
2022-08-30 18:52:23 +01:00
Geoffrey White
3e4a6be53f
Swift: Add missing test annotations.
2022-08-30 18:12:26 +01:00
Geoffrey White
430a8e141d
Swift: Fix issues.
2022-08-30 18:04:12 +01:00
Paolo Tranquilli
38d65d3fae
Swift: make ConstructorDecl's name include params
...
In order to distinguish overloads of the constructor and for consistency
with other function calls, `ConstructorDecl` string representation uses
the name which includes parentheses and parameter labels.
For consistency also the destructor got the same change, which means
all `DestructorDecl`s will now show as `deinit()` rather than `deinit`.
2022-08-30 11:11:50 +02:00
Geoffrey White
2d57786dae
Merge branch 'main' into cleartext
2022-08-25 23:10:36 +01:00
Geoffrey White
2690732c75
Swift: Special cases to get taint flow working.
2022-08-25 22:15:19 +01:00
Geoffrey White
3126fb930d
Swift: Core Data support.
2022-08-25 22:15:18 +01:00
Geoffrey White
456ab980a5
Swift: Fix duplicate results.
2022-08-25 22:15:17 +01:00
Geoffrey White
0cd2efc1b1
Swift: CleartextTransmission query.
2022-08-25 22:15:16 +01:00
Geoffrey White
dacb7f5f25
Swift: Add a SensitiveExprs lib (and test it).
2022-08-25 22:15:15 +01:00
Geoffrey White
2aa6dd20ff
Swift: Make tests more accurate and don't use 'pwd' as a variable name (it has alternative meanings so is not a good test).
2022-08-25 22:15:14 +01:00
Geoffrey White
1c5283628b
Swift: Additional test cases.
2022-08-25 22:15:13 +01:00
Mathias Vorreiter Pedersen
80bf22cf6f
Swift: Accept test changes in query tests.
2022-08-24 14:52:36 +01:00
Mathias Vorreiter Pedersen
06a39d2b93
Swift: Accept test change.
2022-08-24 13:29:17 +01:00
Paolo Tranquilli
9b50336e47
Swift: synthesize MethodRefExpr
...
This introduces a `MethodRefExpr` node synthesized out of
`DotSyntaxCallExpr` under the `LookupExpr` hierarchy. This means that
much like
```free_function(1, 2)```
is a `CallExpr` with `getFunction` giving a `DeclRefExpr`,
```foo.method(1, 2)```
is now a `CallExpr` with `getFunction` giving a `MethodRefExpr`.
`ApplyExpr::getStaticTarget` has been made work with it (as well as
`ConstructorRefCallExpr` which for the moment has been left where it
is), a new `MethodApplyExpr` has been introduced deriving from it,
and control and data flow libraries have adapted.
A small but was fixed in `qlgen` where the default constructor for DB
types was not correctly subtracting derived IPA types depending on the
order of definitions in `schema.yml`.
There are still some occurrences of `DotSyntaxCallExpr`, and as already
mentioned the other `SelfApply` class (`ConstructorRefCallExpr`) was
left alone. Their treatment is left for a future PR.
2022-08-19 14:48:36 +02:00
Geoffrey White
dd51b7f356
Swift: Add many tests.
2022-08-16 10:04:00 +01:00
Geoffrey White
c1be060ef8
Swift: Create query + test stubs.
2022-08-11 16:10:18 +01:00
Mathias Vorreiter Pedersen
5ee11c3d7b
Swift: Accept test changes.
2022-08-09 15:12:42 +01:00
Mathias Vorreiter Pedersen
946b8c68a6
Swift: Accept test changes.
2022-08-05 11:19:00 +01:00
Mathias Vorreiter Pedersen
1c8090fa04
Merge pull request #9964 from geoffw0/cwe95
...
Swift: Query for CWE-79 / CWE-95
2022-08-05 10:38:33 +01:00
Geoffrey White
1ce06accbd
Swift: Fix capitalization issue?
2022-08-05 10:20:51 +01:00
Geoffrey White
39f1352847
Swift: Complete the rename.
2022-08-03 14:45:20 +01:00
Geoffrey White
81bd61288c
Swift: I think CWE-079 is the more accurate CWE for this query.
2022-08-03 14:45:19 +01:00
Geoffrey White
c635895644
Swift: Documentation.
2022-08-03 14:45:18 +01:00
Geoffrey White
651b73e21e
Swift: Check for tainted baseURL.
2022-08-03 09:42:48 +01:00
Geoffrey White
53ea65b045
Swift: Implement query.
2022-08-03 09:41:28 +01:00
Geoffrey White
2d76d6d51a
Swift: Tests for CWE-95.
2022-08-03 09:36:22 +01:00
Geoffrey White
72fd7179f6
Merge branch 'main' into stringlengthconflation6
2022-07-28 10:01:28 +01:00
Geoffrey White
fe69bbf17c
Swift: It turns out NSString.length always exactly matches String.utf16.count.
2022-07-27 17:54:57 +01:00
Geoffrey White
70ca37a3d0
Swift: Model utf8, utf16 a\nd unicodeScalars sources.
2022-07-27 17:39:04 +01:00
Geoffrey White
9e773302ed
Swift: Extend test cases.
2022-07-27 17:39:01 +01:00
Geoffrey White
39fb714ad1
Swift: Add test with substring declared differently.
2022-07-18 14:24:12 +01:00
Geoffrey White
34ffd1aac5
Swift: Support String.Index and flow through * /.
2022-07-01 14:59:50 +01:00
Geoffrey White
d60d2457c2
Swift: Add String.Index.init as a source as as well.
2022-07-01 14:59:50 +01:00
Geoffrey White
bc03f6959c
Swift: Detect String -> NSString results.
2022-07-01 14:59:50 +01:00
Geoffrey White
a306f312cd
Swift: Add a test of converting Range to NSRange.
2022-07-01 14:59:50 +01:00
Geoffrey White
416977dc50
Swift: Add test cases for removeFirst, removeLast.
2022-07-01 14:59:50 +01:00
Geoffrey White
68c76006bd
Swift: Allow trivial taint-like flow.
2022-06-30 11:52:57 +01:00
Geoffrey White
0251fb2d35
Swift: Add result annotations to test.
2022-06-30 11:52:44 +01:00
Geoffrey White
911d30bd9a
Swift: Proper query message.
2022-06-23 17:12:02 +01:00
Geoffrey White
19026e9ed5
Swift: Work around toString change.
2022-06-22 19:16:09 +01:00
Geoffrey White
da7f49155d
Swift: Use dataflow.
2022-06-22 19:16:09 +01:00
Geoffrey White
28d801fde3
Swift: CWE-135 query sources and sinks.
2022-06-22 19:16:08 +01:00
Geoffrey White
e07df0d0c8
Swift: make setters private in test.
2022-06-22 14:13:30 +01:00
Geoffrey White
f9e1e630f7
Swift: more accurate NSObject / NSString hierarchy in test.
2022-06-22 12:36:40 +01:00
Geoffrey White
8989210995
Swift: Fix some details so that the test works.
2022-06-21 14:22:35 +01:00
Geoffrey White
30557ebe55
Swift: Test for string length conflation query.
2022-06-20 14:38:52 +01:00
