Skip to content

Commit 1248810

Browse files
committed
Swift: Add model for URL.resourceBytes and URL.lines.
1 parent fa5e03a commit 1248810

File tree

3 files changed

+31
-0
lines changed

3 files changed

+31
-0
lines changed

swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,7 @@ private import internal.FlowSummaryImplSpecific
7979
*/
8080
private module Frameworks {
8181
private import codeql.swift.frameworks.StandardLibrary.String
82+
private import codeql.swift.frameworks.StandardLibrary.Url
8283
}
8384

8485
/**
Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
import swift
2+
private import codeql.swift.dataflow.FlowSources
3+
4+
/**
5+
* Model certain members of `URL` as sources of remote flow.
6+
*/
7+
class UrlRemoteFlowSource extends RemoteFlowSource {
8+
UrlRemoteFlowSource() {
9+
exists(StructDecl urlClass, ConcreteVarDecl memberDecl |
10+
urlClass.getName() = "URL" and
11+
(
12+
urlClass.getAMember() = memberDecl and
13+
memberDecl.getName() = ["resourceBytes", "lines"]
14+
or
15+
exists(StructDecl asyncBytesClass |
16+
urlClass.getAMember() = asyncBytesClass and
17+
asyncBytesClass.getName() = "AsyncBytes" and
18+
asyncBytesClass.getAMember() = memberDecl and
19+
memberDecl.getName() = "lines"
20+
)
21+
) and
22+
this.asExpr().(MemberRefExpr).getMember() = memberDecl
23+
)
24+
}
25+
26+
override string getSourceType() { result = "external" }
27+
}
Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,5 @@
11
| string.swift:27:21:27:21 | call to init(contentsOf:) | external |
22
| string.swift:27:21:27:44 | call to init(contentsOf:) | external |
3+
| url.swift:53:15:53:19 | .resourceBytes | external |
4+
| url.swift:60:15:60:19 | .lines | external |
5+
| url.swift:67:16:67:22 | .lines | external |

0 commit comments

Comments
 (0)