mirror of
https://github.com/github/codeql.git
synced 2026-05-30 02:51:24 +02:00
Compare commits
8 Commits
revert-172
...
criemen/fi
| Author | SHA1 | Date | |
|---|---|---|---|
|
e5c14dca5a | ||
|
|
22e1921391 | ||
|
|
b589fcad11 | ||
|
|
80b6135a64 | ||
|
|
3a864d3de2 | ||
|
|
085bf2f662 | ||
|
|
6a7d8b5301 | ||
|
|
7d500cf58c |
@@ -450,7 +450,7 @@ void test_qualifiers()
|
||||
b.member = source();
|
||||
sink(b); // $ ir MISSING: ast
|
||||
sink(b.member); // $ ast,ir
|
||||
sink(b.getMember()); // $ ir MISSING: ast
|
||||
sink(b.getMember()); // $ MISSING: ir ast
|
||||
|
||||
c = new MyClass2(0);
|
||||
|
||||
|
||||
@@ -115,8 +115,8 @@ void test_vector_swap() {
|
||||
v3.swap(v4);
|
||||
|
||||
sink(v1);
|
||||
sink(v2); // $ ir MISSING:ast
|
||||
sink(v3); // $ ir MISSING:ast
|
||||
sink(v2); // $ MISSING:ir ast
|
||||
sink(v3); // $ MISSING:ir ast
|
||||
sink(v4);
|
||||
}
|
||||
|
||||
|
||||
@@ -220,26 +220,26 @@ open class LoggerBase(val logCounter: LogCounter) {
|
||||
logStream.write(logMessage.toJsonLine())
|
||||
}
|
||||
|
||||
fun trace(tw: TrapWriter, msg: String) {
|
||||
fun trace(dtw: DiagnosticTrapWriter, msg: String) {
|
||||
if (verbosity >= 4) {
|
||||
val logMessage = LogMessage("TRACE", msg)
|
||||
tw.writeComment(logMessage.toText())
|
||||
dtw.writeComment(logMessage.toText())
|
||||
logStream.write(logMessage.toJsonLine())
|
||||
}
|
||||
}
|
||||
|
||||
fun debug(tw: TrapWriter, msg: String) {
|
||||
fun debug(dtw: DiagnosticTrapWriter, msg: String) {
|
||||
if (verbosity >= 4) {
|
||||
val logMessage = LogMessage("DEBUG", msg)
|
||||
tw.writeComment(logMessage.toText())
|
||||
dtw.writeComment(logMessage.toText())
|
||||
logStream.write(logMessage.toJsonLine())
|
||||
}
|
||||
}
|
||||
|
||||
fun info(tw: TrapWriter, msg: String) {
|
||||
fun info(dtw: DiagnosticTrapWriter, msg: String) {
|
||||
if (verbosity >= 3) {
|
||||
val logMessage = LogMessage("INFO", msg)
|
||||
tw.writeComment(logMessage.toText())
|
||||
dtw.writeComment(logMessage.toText())
|
||||
logStream.write(logMessage.toJsonLine())
|
||||
}
|
||||
}
|
||||
@@ -279,7 +279,7 @@ open class LoggerBase(val logCounter: LogCounter) {
|
||||
}
|
||||
}
|
||||
|
||||
open class Logger(val loggerBase: LoggerBase, open val dtw: DiagnosticTrapWriter) {
|
||||
open class Logger(val loggerBase: LoggerBase, val dtw: DiagnosticTrapWriter) {
|
||||
fun flush() {
|
||||
dtw.flush()
|
||||
loggerBase.flush()
|
||||
|
||||
@@ -36,19 +36,14 @@ edges
|
||||
| apply.kt:6:28:6:41 | $this$apply : String | apply.kt:6:35:6:38 | this | provenance | |
|
||||
| apply.kt:7:14:7:25 | taint(...) : String | apply.kt:7:14:7:40 | apply(...) | provenance | MaD:31 |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:7:14:7:14 | l | provenance | |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:8:14:8:14 | l : List | provenance | |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:8:14:8:14 | l : List [<element>] : String | provenance | |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:9:19:9:19 | l : List [<element>] : String | provenance | |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:10:18:10:18 | s | provenance | |
|
||||
| list.kt:6:16:6:25 | taint(...) : String | list.kt:6:9:6:9 | l [post update] : List [<element>] : String | provenance | MaD:27 |
|
||||
| list.kt:8:14:8:14 | l : List | list.kt:8:14:8:17 | get(...) | provenance | MaD:26 |
|
||||
| list.kt:8:14:8:14 | l : List [<element>] : String | list.kt:8:14:8:17 | get(...) | provenance | MaD:26 |
|
||||
| list.kt:9:19:9:19 | l : List [<element>] : String | list.kt:10:18:10:18 | s | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:14:14:14:14 | a | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:15:14:15:14 | a : String[] [[]] : String | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:15:14:15:17 | ...[...] | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:16:19:16:19 | a : String[] [[]] : String | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:17:18:17:18 | s | provenance | |
|
||||
| list.kt:13:25:13:34 | taint(...) : String | list.kt:13:17:13:40 | {...} : String[] [[]] : String | provenance | |
|
||||
| list.kt:15:14:15:14 | a : String[] [[]] : String | list.kt:15:14:15:17 | ...[...] | provenance | |
|
||||
| list.kt:16:19:16:19 | a : String[] [[]] : String | list.kt:17:18:17:18 | s | provenance | |
|
||||
@@ -134,7 +129,6 @@ nodes
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | semmle.label | l [post update] : List [<element>] : String |
|
||||
| list.kt:6:16:6:25 | taint(...) : String | semmle.label | taint(...) : String |
|
||||
| list.kt:7:14:7:14 | l | semmle.label | l |
|
||||
| list.kt:8:14:8:14 | l : List | semmle.label | l : List |
|
||||
| list.kt:8:14:8:14 | l : List [<element>] : String | semmle.label | l : List [<element>] : String |
|
||||
| list.kt:8:14:8:17 | get(...) | semmle.label | get(...) |
|
||||
| list.kt:9:19:9:19 | l : List [<element>] : String | semmle.label | l : List [<element>] : String |
|
||||
|
||||
@@ -36,19 +36,14 @@ edges
|
||||
| apply.kt:6:28:6:41 | $this$apply : String | apply.kt:6:35:6:38 | this | provenance | |
|
||||
| apply.kt:7:14:7:25 | taint(...) : String | apply.kt:7:14:7:40 | apply(...) | provenance | MaD:31 |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:7:14:7:14 | l | provenance | |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:8:14:8:14 | l : List | provenance | |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:8:14:8:14 | l : List [<element>] : String | provenance | |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:9:19:9:19 | l : List [<element>] : String | provenance | |
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | list.kt:10:18:10:18 | s | provenance | |
|
||||
| list.kt:6:16:6:25 | taint(...) : String | list.kt:6:9:6:9 | l [post update] : List [<element>] : String | provenance | MaD:27 |
|
||||
| list.kt:8:14:8:14 | l : List | list.kt:8:14:8:17 | get(...) | provenance | MaD:26 |
|
||||
| list.kt:8:14:8:14 | l : List [<element>] : String | list.kt:8:14:8:17 | get(...) | provenance | MaD:26 |
|
||||
| list.kt:9:19:9:19 | l : List [<element>] : String | list.kt:10:18:10:18 | s | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:14:14:14:14 | a | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:15:14:15:14 | a : String[] [[]] : String | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:15:14:15:17 | ...[...] | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:16:19:16:19 | a : String[] [[]] : String | provenance | |
|
||||
| list.kt:13:17:13:40 | {...} : String[] [[]] : String | list.kt:17:18:17:18 | s | provenance | |
|
||||
| list.kt:13:25:13:34 | taint(...) : String | list.kt:13:17:13:40 | {...} : String[] [[]] : String | provenance | |
|
||||
| list.kt:15:14:15:14 | a : String[] [[]] : String | list.kt:15:14:15:17 | ...[...] | provenance | |
|
||||
| list.kt:16:19:16:19 | a : String[] [[]] : String | list.kt:17:18:17:18 | s | provenance | |
|
||||
@@ -134,7 +129,6 @@ nodes
|
||||
| list.kt:6:9:6:9 | l [post update] : List [<element>] : String | semmle.label | l [post update] : List [<element>] : String |
|
||||
| list.kt:6:16:6:25 | taint(...) : String | semmle.label | taint(...) : String |
|
||||
| list.kt:7:14:7:14 | l | semmle.label | l |
|
||||
| list.kt:8:14:8:14 | l : List | semmle.label | l : List |
|
||||
| list.kt:8:14:8:14 | l : List [<element>] : String | semmle.label | l : List [<element>] : String |
|
||||
| list.kt:8:14:8:17 | get(...) | semmle.label | get(...) |
|
||||
| list.kt:9:19:9:19 | l : List [<element>] : String | semmle.label | l : List [<element>] : String |
|
||||
|
||||
@@ -6,8 +6,7 @@ edges
|
||||
| FileService.java:20:31:20:43 | intent : Intent | FileService.java:21:28:21:33 | intent : Intent | provenance | |
|
||||
| FileService.java:21:28:21:33 | intent : Intent | FileService.java:21:28:21:64 | getStringExtra(...) : String | provenance | MaD:2 |
|
||||
| FileService.java:21:28:21:64 | getStringExtra(...) : String | FileService.java:25:42:25:50 | localPath : String | provenance | |
|
||||
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] | FileService.java:40:41:40:55 | params : Object[] | provenance | Config |
|
||||
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : String | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] | provenance | |
|
||||
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : String | FileService.java:40:41:40:55 | params : Object[] | provenance | Config |
|
||||
| FileService.java:25:42:25:50 | localPath : String | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : String | provenance | |
|
||||
| FileService.java:25:42:25:50 | localPath : String | FileService.java:32:13:32:28 | sourceUri : String | provenance | |
|
||||
| FileService.java:32:13:32:28 | sourceUri : String | FileService.java:35:17:35:25 | sourceUri : String | provenance | |
|
||||
@@ -33,7 +32,6 @@ nodes
|
||||
| FileService.java:20:31:20:43 | intent : Intent | semmle.label | intent : Intent |
|
||||
| FileService.java:21:28:21:33 | intent : Intent | semmle.label | intent : Intent |
|
||||
| FileService.java:21:28:21:64 | getStringExtra(...) : String | semmle.label | getStringExtra(...) : String |
|
||||
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] | semmle.label | makeParamsToExecute(...) : Object[] |
|
||||
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : String | semmle.label | makeParamsToExecute(...) : Object[] [[]] : String |
|
||||
| FileService.java:25:42:25:50 | localPath : String | semmle.label | localPath : String |
|
||||
| FileService.java:32:13:32:28 | sourceUri : String | semmle.label | sourceUri : String |
|
||||
|
||||
27
java/ql/test/library-tests/dataflow/implicit-read/A.java
Normal file
27
java/ql/test/library-tests/dataflow/implicit-read/A.java
Normal file
@@ -0,0 +1,27 @@
|
||||
public class A {
|
||||
String field;
|
||||
|
||||
static String source(String name) {
|
||||
return name;
|
||||
}
|
||||
|
||||
static void sink(Object o) {}
|
||||
|
||||
static String step(Object o) {
|
||||
return "";
|
||||
}
|
||||
|
||||
static Object getA() {
|
||||
A a = new A();
|
||||
a.field = source("source");
|
||||
return a;
|
||||
}
|
||||
|
||||
static void test() {
|
||||
Object object = getA();
|
||||
|
||||
sink(step(object)); // $ hasTaintFlow=source
|
||||
sink(object);
|
||||
sink(((A)object).field); // $ hasTaintFlow=source
|
||||
}
|
||||
}
|
||||
22
java/ql/test/library-tests/dataflow/implicit-read/test.ql
Normal file
22
java/ql/test/library-tests/dataflow/implicit-read/test.ql
Normal file
@@ -0,0 +1,22 @@
|
||||
import java
|
||||
import TestUtilities.InlineFlowTest
|
||||
|
||||
module TestConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { DefaultFlowConfig::isSource(source) }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { DefaultFlowConfig::isSink(sink) }
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
exists(MethodCall call |
|
||||
call.getMethod().getName() = "step" and
|
||||
node1.asExpr() = call.getArgument(0) and
|
||||
node2.asExpr() = call
|
||||
)
|
||||
}
|
||||
|
||||
predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet content) {
|
||||
isAdditionalFlowStep(node, _) and content instanceof DataFlow::FieldContent
|
||||
}
|
||||
}
|
||||
|
||||
import TaintFlowTest<TestConfig>
|
||||
@@ -745,12 +745,9 @@ edges
|
||||
| ArrayUtilsTest.java:68:27:68:57 | {...} : int[] [[]] : Number | ArrayUtilsTest.java:69:56:69:66 | taintedInts : int[] [[]] : Number | provenance | |
|
||||
| ArrayUtilsTest.java:68:39:68:55 | taint(...) : Number | ArrayUtilsTest.java:68:27:68:57 | {...} : int[] [[]] : Number | provenance | |
|
||||
| ArrayUtilsTest.java:69:36:69:67 | toObject(...) : Integer[] [[]] : Number | ArrayUtilsTest.java:70:12:70:27 | taintedBoxedInts | provenance | |
|
||||
| ArrayUtilsTest.java:69:36:69:67 | toObject(...) : Integer[] [[]] : Number | ArrayUtilsTest.java:71:35:71:50 | taintedBoxedInts : Integer[] | provenance | |
|
||||
| ArrayUtilsTest.java:69:36:69:67 | toObject(...) : Integer[] [[]] : Number | ArrayUtilsTest.java:71:35:71:50 | taintedBoxedInts : Integer[] [[]] : Number | provenance | |
|
||||
| ArrayUtilsTest.java:69:56:69:66 | taintedInts : int[] [[]] : Number | ArrayUtilsTest.java:69:36:69:67 | toObject(...) : Integer[] [[]] : Number | provenance | MaD:53 |
|
||||
| ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) : int[] [[]] : Number | ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) | provenance | |
|
||||
| ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) : int[] [[]] : Object | ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) | provenance | |
|
||||
| ArrayUtilsTest.java:71:35:71:50 | taintedBoxedInts : Integer[] | ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) : int[] [[]] : Object | provenance | MaD:54 |
|
||||
| ArrayUtilsTest.java:71:35:71:50 | taintedBoxedInts : Integer[] [[]] : Number | ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) : int[] [[]] : Number | provenance | MaD:54 |
|
||||
| ArrayUtilsTest.java:72:12:72:70 | toPrimitive(...) : int[] [[]] : Number | ArrayUtilsTest.java:72:12:72:70 | toPrimitive(...) | provenance | |
|
||||
| ArrayUtilsTest.java:72:53:72:69 | taint(...) : Number | ArrayUtilsTest.java:72:12:72:70 | toPrimitive(...) : int[] [[]] : Number | provenance | MaD:55 |
|
||||
@@ -3434,8 +3431,6 @@ nodes
|
||||
| ArrayUtilsTest.java:70:12:70:27 | taintedBoxedInts | semmle.label | taintedBoxedInts |
|
||||
| ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) | semmle.label | toPrimitive(...) |
|
||||
| ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) : int[] [[]] : Number | semmle.label | toPrimitive(...) : int[] [[]] : Number |
|
||||
| ArrayUtilsTest.java:71:12:71:51 | toPrimitive(...) : int[] [[]] : Object | semmle.label | toPrimitive(...) : int[] [[]] : Object |
|
||||
| ArrayUtilsTest.java:71:35:71:50 | taintedBoxedInts : Integer[] | semmle.label | taintedBoxedInts : Integer[] |
|
||||
| ArrayUtilsTest.java:71:35:71:50 | taintedBoxedInts : Integer[] [[]] : Number | semmle.label | taintedBoxedInts : Integer[] [[]] : Number |
|
||||
| ArrayUtilsTest.java:72:12:72:70 | toPrimitive(...) | semmle.label | toPrimitive(...) |
|
||||
| ArrayUtilsTest.java:72:12:72:70 | toPrimitive(...) : int[] [[]] : Number | semmle.label | toPrimitive(...) : int[] [[]] : Number |
|
||||
|
||||
@@ -173,6 +173,11 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
|
||||
Node asNode() { this = TNodeNormal(result) }
|
||||
|
||||
/** Gets the corresponding Node if this is a normal node or its post-implicit read node. */
|
||||
Node asNodeOrImplicitRead() {
|
||||
this = TNodeNormal(result) or this = TNodeImplicitRead(result, true)
|
||||
}
|
||||
|
||||
predicate isImplicitReadNode(Node n, boolean hasRead) { this = TNodeImplicitRead(n, hasRead) }
|
||||
|
||||
ParameterNode asParamReturnNode() { this = TParamReturnNode(result, _) }
|
||||
@@ -260,7 +265,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
|
||||
private predicate outBarrier(NodeEx node) {
|
||||
exists(Node n |
|
||||
node.asNode() = n and
|
||||
node.asNodeOrImplicitRead() = n and
|
||||
Config::isBarrierOut(n)
|
||||
|
|
||||
Config::isSink(n, _)
|
||||
@@ -272,7 +277,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
pragma[nomagic]
|
||||
private predicate outBarrier(NodeEx node, FlowState state) {
|
||||
exists(Node n |
|
||||
node.asNode() = n and
|
||||
node.asNodeOrImplicitRead() = n and
|
||||
Config::isBarrierOut(n, state)
|
||||
|
|
||||
Config::isSink(n, state)
|
||||
@@ -318,7 +323,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
|
||||
pragma[nomagic]
|
||||
private predicate sinkNodeWithState(NodeEx node, FlowState state) {
|
||||
Config::isSink(node.asNode(), state) and
|
||||
Config::isSink(node.asNodeOrImplicitRead(), state) and
|
||||
not fullBarrier(node) and
|
||||
not stateBarrier(node, state)
|
||||
}
|
||||
@@ -380,26 +385,19 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
*/
|
||||
private predicate additionalLocalFlowStep(NodeEx node1, NodeEx node2, string model) {
|
||||
exists(Node n1, Node n2 |
|
||||
node1.asNode() = n1 and
|
||||
node1.asNodeOrImplicitRead() = n1 and
|
||||
node2.asNode() = n2 and
|
||||
Config::isAdditionalFlowStep(pragma[only_bind_into](n1), pragma[only_bind_into](n2), model) and
|
||||
getNodeEnclosingCallable(n1) = getNodeEnclosingCallable(n2) and
|
||||
stepFilter(node1, node2)
|
||||
)
|
||||
or
|
||||
exists(Node n |
|
||||
node1.isImplicitReadNode(n, true) and
|
||||
node2.asNode() = n and
|
||||
not fullBarrier(node2) and
|
||||
model = ""
|
||||
)
|
||||
}
|
||||
|
||||
private predicate additionalLocalStateStep(
|
||||
NodeEx node1, FlowState s1, NodeEx node2, FlowState s2
|
||||
) {
|
||||
exists(Node n1, Node n2 |
|
||||
node1.asNode() = n1 and
|
||||
node1.asNodeOrImplicitRead() = n1 and
|
||||
node2.asNode() = n2 and
|
||||
Config::isAdditionalFlowStep(pragma[only_bind_into](n1), s1, pragma[only_bind_into](n2), s2) and
|
||||
getNodeEnclosingCallable(n1) = getNodeEnclosingCallable(n2) and
|
||||
@@ -425,7 +423,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
*/
|
||||
private predicate additionalJumpStep(NodeEx node1, NodeEx node2, string model) {
|
||||
exists(Node n1, Node n2 |
|
||||
node1.asNode() = n1 and
|
||||
node1.asNodeOrImplicitRead() = n1 and
|
||||
node2.asNode() = n2 and
|
||||
Config::isAdditionalFlowStep(pragma[only_bind_into](n1), pragma[only_bind_into](n2), model) and
|
||||
getNodeEnclosingCallable(n1) != getNodeEnclosingCallable(n2) and
|
||||
@@ -436,7 +434,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
|
||||
private predicate additionalJumpStateStep(NodeEx node1, FlowState s1, NodeEx node2, FlowState s2) {
|
||||
exists(Node n1, Node n2 |
|
||||
node1.asNode() = n1 and
|
||||
node1.asNodeOrImplicitRead() = n1 and
|
||||
node2.asNode() = n2 and
|
||||
Config::isAdditionalFlowStep(pragma[only_bind_into](n1), s1, pragma[only_bind_into](n2), s2) and
|
||||
getNodeEnclosingCallable(n1) != getNodeEnclosingCallable(n2) and
|
||||
@@ -729,7 +727,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
additional predicate sinkNode(NodeEx node, FlowState state) {
|
||||
fwdFlow(node) and
|
||||
fwdFlowState(state) and
|
||||
Config::isSink(node.asNode())
|
||||
Config::isSink(node.asNodeOrImplicitRead())
|
||||
or
|
||||
fwdFlow(node) and
|
||||
fwdFlowState(state) and
|
||||
@@ -1052,7 +1050,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
|
||||
private predicate sinkModel(NodeEx node, string model) {
|
||||
sinkNode(node, _) and
|
||||
exists(Node n | n = node.asNode() |
|
||||
exists(Node n | n = node.asNodeOrImplicitRead() |
|
||||
knownSinkModel(n, model)
|
||||
or
|
||||
not knownSinkModel(n, _) and model = ""
|
||||
@@ -2599,7 +2597,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
TPathNodeSink(NodeEx node, FlowState state) {
|
||||
exists(PathNodeMid sink |
|
||||
sink.isAtSink() and
|
||||
node = sink.getNodeEx() and
|
||||
node = sink.toNormalSinkNodeEx() and
|
||||
state = sink.getState()
|
||||
)
|
||||
} or
|
||||
@@ -2726,6 +2724,16 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
)
|
||||
}
|
||||
|
||||
/** If this node corresponds to a sink, gets the normal node for that sink. */
|
||||
pragma[nomagic]
|
||||
NodeEx toNormalSinkNodeEx() {
|
||||
exists(Node n |
|
||||
pragma[only_bind_out](node.asNodeOrImplicitRead()) = n and
|
||||
(Config::isSink(n) or Config::isSink(n, _)) and
|
||||
result.asNode() = n
|
||||
)
|
||||
}
|
||||
|
||||
override PathNodeImpl getASuccessorImpl(string label) {
|
||||
// an intermediate step to another intermediate node
|
||||
exists(string l2 | result = this.getSuccMid(l2) |
|
||||
@@ -2817,7 +2825,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
PathNodeSink projectToSink(string model) {
|
||||
this.isAtSink() and
|
||||
sinkModel(node, model) and
|
||||
result.getNodeEx() = node and
|
||||
result.getNodeEx() = this.toNormalSinkNodeEx() and
|
||||
result.getState() = state
|
||||
}
|
||||
}
|
||||
@@ -4844,7 +4852,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
|
||||
private predicate revSinkNode(NodeEx node, FlowState state) {
|
||||
sinkNodeWithState(node, state)
|
||||
or
|
||||
Config::isSink(node.asNode()) and
|
||||
Config::isSink(node.asNodeOrImplicitRead()) and
|
||||
relevantState(state) and
|
||||
not fullBarrier(node) and
|
||||
not stateBarrier(node, state)
|
||||
|
||||
@@ -9,18 +9,13 @@ edges
|
||||
| conversions.swift:37:19:37:29 | call to sourceInt() | conversions.swift:37:12:37:30 | call to String.init(_:) | provenance | |
|
||||
| conversions.swift:39:12:39:30 | [...] [Collection element] | conversions.swift:40:12:40:12 | arr | provenance | |
|
||||
| conversions.swift:39:12:39:30 | [...] [Collection element] | conversions.swift:41:12:41:12 | arr [Collection element] | provenance | |
|
||||
| conversions.swift:39:12:39:30 | [...] [Collection element] | conversions.swift:41:12:41:17 | ...[...] | provenance | |
|
||||
| conversions.swift:39:12:39:30 | [...] [Collection element] | conversions.swift:42:20:42:20 | arr | provenance | |
|
||||
| conversions.swift:39:12:39:30 | [...] [Collection element] | conversions.swift:42:20:42:20 | arr [Collection element] | provenance | |
|
||||
| conversions.swift:39:12:39:30 | [...] [Collection element] | conversions.swift:43:20:43:20 | arr | provenance | |
|
||||
| conversions.swift:39:12:39:30 | [...] [Collection element] | conversions.swift:43:20:43:20 | arr [Collection element] | provenance | |
|
||||
| conversions.swift:39:19:39:29 | call to sourceInt() | conversions.swift:39:12:39:30 | [...] [Collection element] | provenance | |
|
||||
| conversions.swift:41:12:41:12 | arr [Collection element] | conversions.swift:41:12:41:17 | ...[...] | provenance | |
|
||||
| conversions.swift:42:12:42:23 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:42:12:42:23 | call to Array<Element>.init(_:) | provenance | |
|
||||
| conversions.swift:42:20:42:20 | arr | conversions.swift:42:12:42:23 | call to Array<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:42:20:42:20 | arr [Collection element] | conversions.swift:42:12:42:23 | call to Array<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:43:12:43:23 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:43:12:43:26 | ...[...] | provenance | |
|
||||
| conversions.swift:43:20:43:20 | arr | conversions.swift:43:12:43:23 | call to Array<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:43:20:43:20 | arr [Collection element] | conversions.swift:43:12:43:23 | call to Array<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:44:12:44:39 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:44:12:44:39 | call to Array<Element>.init(_:) | provenance | |
|
||||
| conversions.swift:44:20:44:33 | call to sourceString() | conversions.swift:44:20:44:35 | .utf8 | provenance | |
|
||||
@@ -106,32 +101,23 @@ edges
|
||||
| conversions.swift:171:14:171:33 | call to sourceArray(_:) | conversions.swift:185:31:185:31 | arr1 | provenance | |
|
||||
| conversions.swift:172:14:172:26 | [...] [Collection element] | conversions.swift:174:13:174:13 | arr2 | provenance | |
|
||||
| conversions.swift:172:14:172:26 | [...] [Collection element] | conversions.swift:176:13:176:13 | arr2 [Collection element] | provenance | |
|
||||
| conversions.swift:172:14:172:26 | [...] [Collection element] | conversions.swift:176:13:176:19 | ...[...] | provenance | |
|
||||
| conversions.swift:172:14:172:26 | [...] [Collection element] | conversions.swift:179:25:179:25 | arr2 | provenance | |
|
||||
| conversions.swift:172:14:172:26 | [...] [Collection element] | conversions.swift:179:25:179:25 | arr2 [Collection element] | provenance | |
|
||||
| conversions.swift:172:14:172:26 | [...] [Collection element] | conversions.swift:186:31:186:31 | arr2 | provenance | |
|
||||
| conversions.swift:172:14:172:26 | [...] [Collection element] | conversions.swift:186:31:186:31 | arr2 [Collection element] | provenance | |
|
||||
| conversions.swift:172:15:172:25 | call to sourceInt() | conversions.swift:172:14:172:26 | [...] [Collection element] | provenance | |
|
||||
| conversions.swift:176:13:176:13 | arr2 [Collection element] | conversions.swift:176:13:176:19 | ...[...] | provenance | |
|
||||
| conversions.swift:178:19:178:29 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:180:13:180:13 | arr1b | provenance | |
|
||||
| conversions.swift:178:19:178:29 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:182:13:182:13 | arr1b [Collection element] | provenance | |
|
||||
| conversions.swift:178:19:178:29 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:182:13:182:20 | ...[...] | provenance | |
|
||||
| conversions.swift:178:25:178:25 | arr1 | conversions.swift:178:19:178:29 | call to Array<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:179:19:179:29 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:181:13:181:13 | arr2b | provenance | |
|
||||
| conversions.swift:179:19:179:29 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:183:13:183:13 | arr2b [Collection element] | provenance | |
|
||||
| conversions.swift:179:19:179:29 | call to Array<Element>.init(_:) [Collection element] | conversions.swift:183:13:183:20 | ...[...] | provenance | |
|
||||
| conversions.swift:179:25:179:25 | arr2 | conversions.swift:179:19:179:29 | call to Array<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:179:25:179:25 | arr2 [Collection element] | conversions.swift:179:19:179:29 | call to Array<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:182:13:182:13 | arr1b [Collection element] | conversions.swift:182:13:182:20 | ...[...] | provenance | |
|
||||
| conversions.swift:183:13:183:13 | arr2b [Collection element] | conversions.swift:183:13:183:20 | ...[...] | provenance | |
|
||||
| conversions.swift:185:15:185:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | conversions.swift:187:13:187:13 | arr1c | provenance | |
|
||||
| conversions.swift:185:15:185:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | conversions.swift:189:13:189:13 | arr1c [Collection element] | provenance | |
|
||||
| conversions.swift:185:15:185:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | conversions.swift:189:13:189:20 | ...[...] | provenance | |
|
||||
| conversions.swift:185:31:185:31 | arr1 | conversions.swift:185:15:185:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:186:15:186:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | conversions.swift:188:13:188:13 | arr2c | provenance | |
|
||||
| conversions.swift:186:15:186:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | conversions.swift:190:13:190:13 | arr2c [Collection element] | provenance | |
|
||||
| conversions.swift:186:15:186:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | conversions.swift:190:13:190:20 | ...[...] | provenance | |
|
||||
| conversions.swift:186:31:186:31 | arr2 | conversions.swift:186:15:186:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:186:31:186:31 | arr2 [Collection element] | conversions.swift:186:15:186:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | provenance | |
|
||||
| conversions.swift:189:13:189:13 | arr1c [Collection element] | conversions.swift:189:13:189:20 | ...[...] | provenance | |
|
||||
| conversions.swift:190:13:190:13 | arr2c [Collection element] | conversions.swift:190:13:190:20 | ...[...] | provenance | |
|
||||
@@ -277,11 +263,9 @@ nodes
|
||||
| conversions.swift:41:12:41:17 | ...[...] | semmle.label | ...[...] |
|
||||
| conversions.swift:42:12:42:23 | call to Array<Element>.init(_:) | semmle.label | call to Array<Element>.init(_:) |
|
||||
| conversions.swift:42:12:42:23 | call to Array<Element>.init(_:) [Collection element] | semmle.label | call to Array<Element>.init(_:) [Collection element] |
|
||||
| conversions.swift:42:20:42:20 | arr | semmle.label | arr |
|
||||
| conversions.swift:42:20:42:20 | arr [Collection element] | semmle.label | arr [Collection element] |
|
||||
| conversions.swift:43:12:43:23 | call to Array<Element>.init(_:) [Collection element] | semmle.label | call to Array<Element>.init(_:) [Collection element] |
|
||||
| conversions.swift:43:12:43:26 | ...[...] | semmle.label | ...[...] |
|
||||
| conversions.swift:43:20:43:20 | arr | semmle.label | arr |
|
||||
| conversions.swift:43:20:43:20 | arr [Collection element] | semmle.label | arr [Collection element] |
|
||||
| conversions.swift:44:12:44:39 | call to Array<Element>.init(_:) | semmle.label | call to Array<Element>.init(_:) |
|
||||
| conversions.swift:44:12:44:39 | call to Array<Element>.init(_:) [Collection element] | semmle.label | call to Array<Element>.init(_:) [Collection element] |
|
||||
@@ -409,7 +393,6 @@ nodes
|
||||
| conversions.swift:178:19:178:29 | call to Array<Element>.init(_:) [Collection element] | semmle.label | call to Array<Element>.init(_:) [Collection element] |
|
||||
| conversions.swift:178:25:178:25 | arr1 | semmle.label | arr1 |
|
||||
| conversions.swift:179:19:179:29 | call to Array<Element>.init(_:) [Collection element] | semmle.label | call to Array<Element>.init(_:) [Collection element] |
|
||||
| conversions.swift:179:25:179:25 | arr2 | semmle.label | arr2 |
|
||||
| conversions.swift:179:25:179:25 | arr2 [Collection element] | semmle.label | arr2 [Collection element] |
|
||||
| conversions.swift:180:13:180:13 | arr1b | semmle.label | arr1b |
|
||||
| conversions.swift:181:13:181:13 | arr2b | semmle.label | arr2b |
|
||||
@@ -420,7 +403,6 @@ nodes
|
||||
| conversions.swift:185:15:185:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | semmle.label | call to ContiguousArray<Element>.init(_:) [Collection element] |
|
||||
| conversions.swift:185:31:185:31 | arr1 | semmle.label | arr1 |
|
||||
| conversions.swift:186:15:186:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | semmle.label | call to ContiguousArray<Element>.init(_:) [Collection element] |
|
||||
| conversions.swift:186:31:186:31 | arr2 | semmle.label | arr2 |
|
||||
| conversions.swift:186:31:186:31 | arr2 [Collection element] | semmle.label | arr2 [Collection element] |
|
||||
| conversions.swift:187:13:187:13 | arr1c | semmle.label | arr1c |
|
||||
| conversions.swift:188:13:188:13 | arr2c | semmle.label | arr2c |
|
||||
|
||||
@@ -28,7 +28,7 @@ func testSet(ix: Int) {
|
||||
sink(arg: taintedSet.max()!) // $ tainted=t1
|
||||
sink(arg: taintedSet.firstIndex(of: source("t2"))!)
|
||||
sink(arg: taintedSet[taintedSet.firstIndex(of: source("t3"))!]) // $ tainted=t1
|
||||
sink(arg: taintedSet.first!) // $ tainted=t1
|
||||
sink(arg: taintedSet.first!) // $ MISSING: tainted=t1
|
||||
for elem in taintedSet {
|
||||
sink(arg: elem) // $ tainted=t1
|
||||
}
|
||||
@@ -100,7 +100,7 @@ func testSet(ix: Int) {
|
||||
sink(arg: taintedSet.sorted().randomElement()!) // $ tainted=t1
|
||||
sink(arg: taintedSet.shuffled().randomElement()!) // $ tainted=t1
|
||||
|
||||
sink(arg: taintedSet.lazy[taintedSet.firstIndex(of: source("t11"))!]) // $ tainted=t1
|
||||
sink(arg: taintedSet.lazy[taintedSet.firstIndex(of: source("t11"))!]) // $ MISSING: tainted=t1
|
||||
|
||||
var it = taintedSet.makeIterator()
|
||||
sink(arg: it.next()!) // $ tainted=t1
|
||||
|
||||
@@ -41,16 +41,14 @@ edges
|
||||
| UnsafeJsEval.swift:286:51:286:51 | stringBytes [Collection element] | UnsafeJsEval.swift:287:60:287:60 | stringBytes [Collection element] | provenance | |
|
||||
| UnsafeJsEval.swift:287:16:287:98 | call to JSStringRetain(_:) | UnsafeJsEval.swift:291:17:291:17 | jsstr | provenance | |
|
||||
| UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) | UnsafeJsEval.swift:287:16:287:98 | call to JSStringRetain(_:) | provenance | |
|
||||
| UnsafeJsEval.swift:287:60:287:60 | stringBytes | UnsafeJsEval.swift:287:60:287:72 | .baseAddress | provenance | Config |
|
||||
| UnsafeJsEval.swift:287:60:287:60 | stringBytes [Collection element] | UnsafeJsEval.swift:287:60:287:60 | stringBytes | provenance | |
|
||||
| UnsafeJsEval.swift:287:60:287:60 | stringBytes [Collection element] | UnsafeJsEval.swift:287:60:287:72 | .baseAddress | provenance | Config |
|
||||
| UnsafeJsEval.swift:287:60:287:72 | .baseAddress | UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) | provenance | |
|
||||
| UnsafeJsEval.swift:299:13:299:13 | string | UnsafeJsEval.swift:300:3:300:10 | .utf8CString | provenance | |
|
||||
| UnsafeJsEval.swift:300:3:300:10 | .utf8CString | UnsafeJsEval.swift:300:48:300:48 | stringBytes [Collection element] | provenance | |
|
||||
| UnsafeJsEval.swift:300:48:300:48 | stringBytes [Collection element] | UnsafeJsEval.swift:301:61:301:61 | stringBytes [Collection element] | provenance | |
|
||||
| UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) | UnsafeJsEval.swift:305:17:305:17 | jsstr | provenance | |
|
||||
| UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) | UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) | provenance | |
|
||||
| UnsafeJsEval.swift:301:61:301:61 | stringBytes | UnsafeJsEval.swift:301:61:301:73 | .baseAddress | provenance | Config |
|
||||
| UnsafeJsEval.swift:301:61:301:61 | stringBytes [Collection element] | UnsafeJsEval.swift:301:61:301:61 | stringBytes | provenance | |
|
||||
| UnsafeJsEval.swift:301:61:301:61 | stringBytes [Collection element] | UnsafeJsEval.swift:301:61:301:73 | .baseAddress | provenance | Config |
|
||||
| UnsafeJsEval.swift:301:61:301:73 | .baseAddress | UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) | provenance | |
|
||||
| UnsafeJsEval.swift:318:24:318:87 | call to String.init(contentsOf:) | UnsafeJsEval.swift:320:44:320:74 | ... .+(_:_:) ... | provenance | |
|
||||
nodes
|
||||
@@ -80,7 +78,6 @@ nodes
|
||||
| UnsafeJsEval.swift:286:51:286:51 | stringBytes [Collection element] | semmle.label | stringBytes [Collection element] |
|
||||
| UnsafeJsEval.swift:287:16:287:98 | call to JSStringRetain(_:) | semmle.label | call to JSStringRetain(_:) |
|
||||
| UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) | semmle.label | call to JSStringCreateWithCharacters(_:_:) |
|
||||
| UnsafeJsEval.swift:287:60:287:60 | stringBytes | semmle.label | stringBytes |
|
||||
| UnsafeJsEval.swift:287:60:287:60 | stringBytes [Collection element] | semmle.label | stringBytes [Collection element] |
|
||||
| UnsafeJsEval.swift:287:60:287:72 | .baseAddress | semmle.label | .baseAddress |
|
||||
| UnsafeJsEval.swift:291:17:291:17 | jsstr | semmle.label | jsstr |
|
||||
@@ -89,7 +86,6 @@ nodes
|
||||
| UnsafeJsEval.swift:300:48:300:48 | stringBytes [Collection element] | semmle.label | stringBytes [Collection element] |
|
||||
| UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) | semmle.label | call to JSStringRetain(_:) |
|
||||
| UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) | semmle.label | call to JSStringCreateWithUTF8CString(_:) |
|
||||
| UnsafeJsEval.swift:301:61:301:61 | stringBytes | semmle.label | stringBytes |
|
||||
| UnsafeJsEval.swift:301:61:301:61 | stringBytes [Collection element] | semmle.label | stringBytes [Collection element] |
|
||||
| UnsafeJsEval.swift:301:61:301:73 | .baseAddress | semmle.label | .baseAddress |
|
||||
| UnsafeJsEval.swift:305:17:305:17 | jsstr | semmle.label | jsstr |
|
||||
|
||||
@@ -26,10 +26,7 @@ edges
|
||||
| cryptoswift.swift:94:18:94:36 | call to getConstantString() | cryptoswift.swift:155:26:155:26 | keyString | provenance | |
|
||||
| cryptoswift.swift:94:18:94:36 | call to getConstantString() | cryptoswift.swift:164:24:164:24 | keyString | provenance | |
|
||||
| cryptoswift.swift:94:18:94:36 | call to getConstantString() | cryptoswift.swift:166:24:166:24 | keyString | provenance | |
|
||||
| file://:0:0:0:0 | [post] self | misc.swift:30:7:30:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [encryptionKey] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [encryptionKey] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [encryptionKey] | misc.swift:30:7:30:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [encryptionKey] | misc.swift:30:7:30:7 | self [Return] [encryptionKey] | provenance | |
|
||||
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [encryptionKey] | provenance | |
|
||||
| grdb.swift:21:20:21:20 | abc123 | grdb.swift:27:23:27:23 | constString | provenance | |
|
||||
@@ -45,11 +42,9 @@ edges
|
||||
| misc.swift:57:24:57:24 | abcdef123456 | misc.swift:57:19:57:38 | call to Data.init(_:) | provenance | |
|
||||
| misc.swift:66:2:66:2 | [post] config [encryptionKey] | misc.swift:66:2:66:2 | [post] config | provenance | |
|
||||
| misc.swift:66:25:66:25 | myConstKey | misc.swift:30:7:30:7 | value | provenance | |
|
||||
| misc.swift:66:25:66:25 | myConstKey | misc.swift:66:2:66:2 | [post] config | provenance | |
|
||||
| misc.swift:66:25:66:25 | myConstKey | misc.swift:66:2:66:2 | [post] config [encryptionKey] | provenance | |
|
||||
| misc.swift:70:2:70:18 | [post] getter for .config [encryptionKey] | misc.swift:70:2:70:18 | [post] getter for .config | provenance | |
|
||||
| misc.swift:70:41:70:41 | myConstKey | misc.swift:30:7:30:7 | value | provenance | |
|
||||
| misc.swift:70:41:70:41 | myConstKey | misc.swift:70:2:70:18 | [post] getter for .config | provenance | |
|
||||
| misc.swift:70:41:70:41 | myConstKey | misc.swift:70:2:70:18 | [post] getter for .config [encryptionKey] | provenance | |
|
||||
| misc.swift:73:14:73:20 | k1 | misc.swift:76:26:76:29 | .utf8 | provenance | |
|
||||
| misc.swift:73:28:73:34 | k2 | misc.swift:77:26:77:29 | .utf8 | provenance | |
|
||||
@@ -117,7 +112,6 @@ nodes
|
||||
| cryptoswift.swift:165:24:165:24 | key | semmle.label | key |
|
||||
| cryptoswift.swift:166:24:166:24 | keyString | semmle.label | keyString |
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self [encryptionKey] | semmle.label | [post] self [encryptionKey] |
|
||||
| file://:0:0:0:0 | value | semmle.label | value |
|
||||
| grdb.swift:21:20:21:20 | abc123 | semmle.label | abc123 |
|
||||
@@ -128,7 +122,6 @@ nodes
|
||||
| grdb.swift:29:23:29:23 | constData | semmle.label | constData |
|
||||
| grdb.swift:31:26:31:26 | constString | semmle.label | constString |
|
||||
| grdb.swift:33:26:33:26 | constData | semmle.label | constData |
|
||||
| misc.swift:30:7:30:7 | self [Return] | semmle.label | self [Return] |
|
||||
| misc.swift:30:7:30:7 | self [Return] [encryptionKey] | semmle.label | self [Return] [encryptionKey] |
|
||||
| misc.swift:30:7:30:7 | value | semmle.label | value |
|
||||
| misc.swift:57:19:57:38 | call to Data.init(_:) | semmle.label | call to Data.init(_:) |
|
||||
@@ -175,9 +168,7 @@ nodes
|
||||
| sqlite3_c_api.swift:49:36:49:36 | buffer | semmle.label | buffer |
|
||||
| sqlite3_c_api.swift:50:38:50:38 | buffer | semmle.label | buffer |
|
||||
subpaths
|
||||
| misc.swift:66:25:66:25 | myConstKey | misc.swift:30:7:30:7 | value | misc.swift:30:7:30:7 | self [Return] | misc.swift:66:2:66:2 | [post] config |
|
||||
| misc.swift:66:25:66:25 | myConstKey | misc.swift:30:7:30:7 | value | misc.swift:30:7:30:7 | self [Return] [encryptionKey] | misc.swift:66:2:66:2 | [post] config [encryptionKey] |
|
||||
| misc.swift:70:41:70:41 | myConstKey | misc.swift:30:7:30:7 | value | misc.swift:30:7:30:7 | self [Return] | misc.swift:70:2:70:18 | [post] getter for .config |
|
||||
| misc.swift:70:41:70:41 | myConstKey | misc.swift:30:7:30:7 | value | misc.swift:30:7:30:7 | self [Return] [encryptionKey] | misc.swift:70:2:70:18 | [post] getter for .config [encryptionKey] |
|
||||
#select
|
||||
| SQLite.swift:43:13:43:13 | hardcoded_key | SQLite.swift:43:13:43:13 | hardcoded_key | SQLite.swift:43:13:43:13 | hardcoded_key | The key 'hardcoded_key' has been initialized with hard-coded values from $@. | SQLite.swift:43:13:43:13 | hardcoded_key | hardcoded_key |
|
||||
|
||||
@@ -5,33 +5,26 @@ edges
|
||||
| InsecureTLS.swift:23:7:23:7 | value | file://:0:0:0:0 | value | provenance | |
|
||||
| InsecureTLS.swift:40:3:40:3 | [post] config [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:40:3:40:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:40:47:40:70 | .TLSv10 | InsecureTLS.swift:19:7:19:7 | value | provenance | |
|
||||
| InsecureTLS.swift:40:47:40:70 | .TLSv10 | InsecureTLS.swift:40:3:40:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:40:47:40:70 | .TLSv10 | InsecureTLS.swift:40:3:40:3 | [post] config [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| InsecureTLS.swift:45:3:45:3 | [post] config [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:45:3:45:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:45:47:45:70 | .TLSv11 | InsecureTLS.swift:19:7:19:7 | value | provenance | |
|
||||
| InsecureTLS.swift:45:47:45:70 | .TLSv11 | InsecureTLS.swift:45:3:45:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:45:47:45:70 | .TLSv11 | InsecureTLS.swift:45:3:45:3 | [post] config [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| InsecureTLS.swift:57:3:57:3 | [post] config [tlsMaximumSupportedProtocolVersion] | InsecureTLS.swift:57:3:57:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:57:47:57:70 | .TLSv10 | InsecureTLS.swift:20:7:20:7 | value | provenance | |
|
||||
| InsecureTLS.swift:57:47:57:70 | .TLSv10 | InsecureTLS.swift:57:3:57:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:57:47:57:70 | .TLSv10 | InsecureTLS.swift:57:3:57:3 | [post] config [tlsMaximumSupportedProtocolVersion] | provenance | |
|
||||
| InsecureTLS.swift:64:3:64:3 | [post] config [tlsMinimumSupportedProtocol] | InsecureTLS.swift:64:3:64:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:64:40:64:52 | .tlsProtocol10 | InsecureTLS.swift:22:7:22:7 | value | provenance | |
|
||||
| InsecureTLS.swift:64:40:64:52 | .tlsProtocol10 | InsecureTLS.swift:64:3:64:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:64:40:64:52 | .tlsProtocol10 | InsecureTLS.swift:64:3:64:3 | [post] config [tlsMinimumSupportedProtocol] | provenance | |
|
||||
| InsecureTLS.swift:76:3:76:3 | [post] config [tlsMaximumSupportedProtocol] | InsecureTLS.swift:76:3:76:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:76:40:76:52 | .tlsProtocol10 | InsecureTLS.swift:23:7:23:7 | value | provenance | |
|
||||
| InsecureTLS.swift:76:40:76:52 | .tlsProtocol10 | InsecureTLS.swift:76:3:76:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:76:40:76:52 | .tlsProtocol10 | InsecureTLS.swift:76:3:76:3 | [post] config [tlsMaximumSupportedProtocol] | provenance | |
|
||||
| InsecureTLS.swift:102:10:102:33 | .TLSv10 | InsecureTLS.swift:111:47:111:64 | call to getBadTLSVersion() | provenance | |
|
||||
| InsecureTLS.swift:111:3:111:3 | [post] config [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:111:3:111:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:111:47:111:64 | call to getBadTLSVersion() | InsecureTLS.swift:19:7:19:7 | value | provenance | |
|
||||
| InsecureTLS.swift:111:47:111:64 | call to getBadTLSVersion() | InsecureTLS.swift:111:3:111:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:111:47:111:64 | call to getBadTLSVersion() | InsecureTLS.swift:111:3:111:3 | [post] config [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| InsecureTLS.swift:121:55:121:66 | version | InsecureTLS.swift:122:47:122:47 | version | provenance | |
|
||||
| InsecureTLS.swift:122:3:122:3 | [post] config [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:122:3:122:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:122:47:122:47 | version | InsecureTLS.swift:19:7:19:7 | value | provenance | |
|
||||
| InsecureTLS.swift:122:47:122:47 | version | InsecureTLS.swift:122:3:122:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:122:47:122:47 | version | InsecureTLS.swift:122:3:122:3 | [post] config [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| InsecureTLS.swift:127:25:127:48 | .TLSv11 | InsecureTLS.swift:121:55:121:66 | version | provenance | |
|
||||
| InsecureTLS.swift:158:7:158:7 | self [TLSVersion] | file://:0:0:0:0 | self [TLSVersion] | provenance | |
|
||||
@@ -43,11 +36,9 @@ edges
|
||||
| InsecureTLS.swift:165:47:165:47 | def [TLSVersion] | InsecureTLS.swift:158:7:158:7 | self [TLSVersion] | provenance | |
|
||||
| InsecureTLS.swift:165:47:165:47 | def [TLSVersion] | InsecureTLS.swift:165:47:165:51 | .TLSVersion | provenance | |
|
||||
| InsecureTLS.swift:165:47:165:51 | .TLSVersion | InsecureTLS.swift:19:7:19:7 | value | provenance | |
|
||||
| InsecureTLS.swift:165:47:165:51 | .TLSVersion | InsecureTLS.swift:165:3:165:3 | [post] config | provenance | |
|
||||
| InsecureTLS.swift:165:47:165:51 | .TLSVersion | InsecureTLS.swift:165:3:165:3 | [post] config [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| InsecureTLS.swift:181:3:181:9 | [post] getter for .config [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:181:3:181:9 | [post] getter for .config | provenance | |
|
||||
| InsecureTLS.swift:181:53:181:76 | .TLSv10 | InsecureTLS.swift:19:7:19:7 | value | provenance | |
|
||||
| InsecureTLS.swift:181:53:181:76 | .TLSv10 | InsecureTLS.swift:181:3:181:9 | [post] getter for .config | provenance | |
|
||||
| InsecureTLS.swift:181:53:181:76 | .TLSv10 | InsecureTLS.swift:181:3:181:9 | [post] getter for .config [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| InsecureTLS.swift:185:20:185:36 | withMinVersion | InsecureTLS.swift:187:42:187:42 | withMinVersion | provenance | |
|
||||
| InsecureTLS.swift:187:5:187:5 | [post] self [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:187:5:187:5 | [post] self | provenance | |
|
||||
@@ -58,27 +49,15 @@ edges
|
||||
| InsecureTLS.swift:202:24:202:31 | [post] getter for .tlsMinimumSupportedProtocolVersion | InsecureTLS.swift:202:24:202:24 | [post] config [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| InsecureTLS.swift:202:74:202:97 | .TLSv10 | InsecureTLS.swift:196:56:196:63 | value | provenance | |
|
||||
| InsecureTLS.swift:202:74:202:97 | .TLSv10 | InsecureTLS.swift:202:24:202:31 | [post] getter for .tlsMinimumSupportedProtocolVersion | provenance | |
|
||||
| file://:0:0:0:0 | [post] self | InsecureTLS.swift:19:7:19:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self | InsecureTLS.swift:20:7:20:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self | InsecureTLS.swift:22:7:22:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self | InsecureTLS.swift:23:7:23:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [TLSVersion] | InsecureTLS.swift:158:7:158:7 | self [Return] [TLSVersion] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocolVersion] | InsecureTLS.swift:20:7:20:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocolVersion] | InsecureTLS.swift:20:7:20:7 | self [Return] [tlsMaximumSupportedProtocolVersion] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocolVersion] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocolVersion] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocol] | InsecureTLS.swift:23:7:23:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocol] | InsecureTLS.swift:23:7:23:7 | self [Return] [tlsMaximumSupportedProtocol] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocol] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocol] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:19:7:19:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:19:7:19:7 | self [Return] [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocolVersion] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocolVersion] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocol] | InsecureTLS.swift:22:7:22:7 | self [Return] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocol] | InsecureTLS.swift:22:7:22:7 | self [Return] [tlsMinimumSupportedProtocol] | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocol] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocol] | file://:0:0:0:0 | [post] self | provenance | |
|
||||
| file://:0:0:0:0 | self [TLSVersion] | file://:0:0:0:0 | .TLSVersion | provenance | |
|
||||
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [TLSVersion] | provenance | |
|
||||
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocolVersion] | provenance | |
|
||||
@@ -86,16 +65,12 @@ edges
|
||||
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocolVersion] | provenance | |
|
||||
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [tlsMinimumSupportedProtocol] | provenance | |
|
||||
nodes
|
||||
| InsecureTLS.swift:19:7:19:7 | self [Return] | semmle.label | self [Return] |
|
||||
| InsecureTLS.swift:19:7:19:7 | self [Return] [tlsMinimumSupportedProtocolVersion] | semmle.label | self [Return] [tlsMinimumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:19:7:19:7 | value | semmle.label | value |
|
||||
| InsecureTLS.swift:20:7:20:7 | self [Return] | semmle.label | self [Return] |
|
||||
| InsecureTLS.swift:20:7:20:7 | self [Return] [tlsMaximumSupportedProtocolVersion] | semmle.label | self [Return] [tlsMaximumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:20:7:20:7 | value | semmle.label | value |
|
||||
| InsecureTLS.swift:22:7:22:7 | self [Return] | semmle.label | self [Return] |
|
||||
| InsecureTLS.swift:22:7:22:7 | self [Return] [tlsMinimumSupportedProtocol] | semmle.label | self [Return] [tlsMinimumSupportedProtocol] |
|
||||
| InsecureTLS.swift:22:7:22:7 | value | semmle.label | value |
|
||||
| InsecureTLS.swift:23:7:23:7 | self [Return] | semmle.label | self [Return] |
|
||||
| InsecureTLS.swift:23:7:23:7 | self [Return] [tlsMaximumSupportedProtocol] | semmle.label | self [Return] [tlsMaximumSupportedProtocol] |
|
||||
| InsecureTLS.swift:23:7:23:7 | value | semmle.label | value |
|
||||
| InsecureTLS.swift:40:3:40:3 | [post] config | semmle.label | [post] config |
|
||||
@@ -150,10 +125,6 @@ nodes
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self | semmle.label | [post] self |
|
||||
| file://:0:0:0:0 | [post] self [TLSVersion] | semmle.label | [post] self [TLSVersion] |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocolVersion] | semmle.label | [post] self [tlsMaximumSupportedProtocolVersion] |
|
||||
| file://:0:0:0:0 | [post] self [tlsMaximumSupportedProtocol] | semmle.label | [post] self [tlsMaximumSupportedProtocol] |
|
||||
@@ -166,25 +137,16 @@ nodes
|
||||
| file://:0:0:0:0 | value | semmle.label | value |
|
||||
| file://:0:0:0:0 | value | semmle.label | value |
|
||||
subpaths
|
||||
| InsecureTLS.swift:40:47:40:70 | .TLSv10 | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] | InsecureTLS.swift:40:3:40:3 | [post] config |
|
||||
| InsecureTLS.swift:40:47:40:70 | .TLSv10 | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:40:3:40:3 | [post] config [tlsMinimumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:45:47:45:70 | .TLSv11 | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] | InsecureTLS.swift:45:3:45:3 | [post] config |
|
||||
| InsecureTLS.swift:45:47:45:70 | .TLSv11 | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:45:3:45:3 | [post] config [tlsMinimumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:57:47:57:70 | .TLSv10 | InsecureTLS.swift:20:7:20:7 | value | InsecureTLS.swift:20:7:20:7 | self [Return] | InsecureTLS.swift:57:3:57:3 | [post] config |
|
||||
| InsecureTLS.swift:57:47:57:70 | .TLSv10 | InsecureTLS.swift:20:7:20:7 | value | InsecureTLS.swift:20:7:20:7 | self [Return] [tlsMaximumSupportedProtocolVersion] | InsecureTLS.swift:57:3:57:3 | [post] config [tlsMaximumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:64:40:64:52 | .tlsProtocol10 | InsecureTLS.swift:22:7:22:7 | value | InsecureTLS.swift:22:7:22:7 | self [Return] | InsecureTLS.swift:64:3:64:3 | [post] config |
|
||||
| InsecureTLS.swift:64:40:64:52 | .tlsProtocol10 | InsecureTLS.swift:22:7:22:7 | value | InsecureTLS.swift:22:7:22:7 | self [Return] [tlsMinimumSupportedProtocol] | InsecureTLS.swift:64:3:64:3 | [post] config [tlsMinimumSupportedProtocol] |
|
||||
| InsecureTLS.swift:76:40:76:52 | .tlsProtocol10 | InsecureTLS.swift:23:7:23:7 | value | InsecureTLS.swift:23:7:23:7 | self [Return] | InsecureTLS.swift:76:3:76:3 | [post] config |
|
||||
| InsecureTLS.swift:76:40:76:52 | .tlsProtocol10 | InsecureTLS.swift:23:7:23:7 | value | InsecureTLS.swift:23:7:23:7 | self [Return] [tlsMaximumSupportedProtocol] | InsecureTLS.swift:76:3:76:3 | [post] config [tlsMaximumSupportedProtocol] |
|
||||
| InsecureTLS.swift:111:47:111:64 | call to getBadTLSVersion() | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] | InsecureTLS.swift:111:3:111:3 | [post] config |
|
||||
| InsecureTLS.swift:111:47:111:64 | call to getBadTLSVersion() | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:111:3:111:3 | [post] config [tlsMinimumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:122:47:122:47 | version | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] | InsecureTLS.swift:122:3:122:3 | [post] config |
|
||||
| InsecureTLS.swift:122:47:122:47 | version | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:122:3:122:3 | [post] config [tlsMinimumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:163:20:163:43 | .TLSv10 | InsecureTLS.swift:158:7:158:7 | value | InsecureTLS.swift:158:7:158:7 | self [Return] [TLSVersion] | InsecureTLS.swift:163:3:163:3 | [post] def [TLSVersion] |
|
||||
| InsecureTLS.swift:165:47:165:47 | def [TLSVersion] | InsecureTLS.swift:158:7:158:7 | self [TLSVersion] | file://:0:0:0:0 | .TLSVersion | InsecureTLS.swift:165:47:165:51 | .TLSVersion |
|
||||
| InsecureTLS.swift:165:47:165:51 | .TLSVersion | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] | InsecureTLS.swift:165:3:165:3 | [post] config |
|
||||
| InsecureTLS.swift:165:47:165:51 | .TLSVersion | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:165:3:165:3 | [post] config [tlsMinimumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:181:53:181:76 | .TLSv10 | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] | InsecureTLS.swift:181:3:181:9 | [post] getter for .config |
|
||||
| InsecureTLS.swift:181:53:181:76 | .TLSv10 | InsecureTLS.swift:19:7:19:7 | value | InsecureTLS.swift:19:7:19:7 | self [Return] [tlsMinimumSupportedProtocolVersion] | InsecureTLS.swift:181:3:181:9 | [post] getter for .config [tlsMinimumSupportedProtocolVersion] |
|
||||
| InsecureTLS.swift:202:74:202:97 | .TLSv10 | InsecureTLS.swift:196:56:196:63 | value | InsecureTLS.swift:196:1:198:1 | version[return] | InsecureTLS.swift:202:24:202:31 | [post] getter for .tlsMinimumSupportedProtocolVersion |
|
||||
#select
|
||||
|
||||
Reference in New Issue
Block a user