Swift: Add many tests.

geoffw0 · geoffw0 · commit dd51b7f356bc · 2022-08-16T10:04:00.000+01:00
diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected
@@ -1 +1,5 @@
-TODO
+edges
+nodes
+subpaths
+#select
+| TODO |
diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
@@ -1 +1,5 @@
-TODO
+edges
+nodes
+subpaths
+#select
+| TODO |
diff --git a/swift/ql/test/query-tests/Security/CWE-311/test.swift b/swift/ql/test/query-tests/Security/CWE-311/test.swift
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift
@@ -0,0 +1,97 @@
+
+// --- stubs ---
+
+class NSObject
+{
+}
+
+class NSManagedObject : NSObject
+{
+	func value(forKey: String) -> Any? { return "" }
+	func setValue(_: Any?, forKey: String) {}
+	func primitiveValue(forKey: String) -> Any? { return "" }
+	func setPrimitiveValue(_: Any?, forKey: String) {}
+}
+
+class MyManagedObject : NSManagedObject
+{
+	func setIndirect(value: String) {
+		setValue(value, forKey: "myKey")
+	}
+
+	var myValue: String {
+		get {
+			if let v = value(forKey: "myKey") as? String
+			{
+				return v
+			} else {
+				return ""
+			}
+		}
+		set {
+			setValue(newValue, forKey: "myKey")
+		}
+	}
+}
+
+func encrypt(_ data: String) -> String { return data }
+func hash(data: inout String) { }
+
+func getPassword() -> String { return "" }
+func doSomething(password: String) { }
+
+// --- tests ---
+
+func test1(obj : NSManagedObject, password : String, password_hash : String) {
+	// NSManagedObject methods...
+
+	obj.setValue(password, forKey: "myKey") // BAD
+	obj.setValue(password_hash, forKey: "myKey") // GOOD (not sensitive)
+
+	obj.setPrimitiveValue(password, forKey: "myKey") // BAD
+	obj.setPrimitiveValue(password_hash, forKey: "myKey") // GOOD (not sensitive)
+}
+
+func test2(obj : MyManagedObject, password : String, password_file : String) {
+	// MyManagedObject methods...
+
+	obj.setValue(password, forKey: "myKey") // BAD
+	obj.setValue(password_file, forKey: "myKey") // GOOD (not sensitive)
+
+	obj.setIndirect(value: password) // BAD
+	obj.setIndirect(value: password_file) // GOOD (not sensitive)
+
+	obj.myValue = password // BAD
+	obj.myValue = password_file // GOOD (not sensitive)
+}
+
+func test3(obj : NSManagedObject, x : String) {
+	// alternative evidence of sensitivity...
+
+	obj.setValue(x, forKey: "myKey") // BAD
+	doSomething(password: x);
+	obj.setValue(x, forKey: "myKey") // BAD
+
+	var y = getPassword();
+	obj.setValue(y, forKey: "myKey") // BAD
+}
+
+func test4(obj : NSManagedObject, pwd : String) {
+	// sanitizers...
+
+	var x = pwd;
+	var y = pwd;
+	var z = pwd;
+
+	obj.setValue(x, forKey: "myKey") // BAD
+	obj.setValue(y, forKey: "myKey") // BAD
+	obj.setValue(z, forKey: "myKey") // BAD
+
+	x = encrypt(x);
+	hash(data: &y);
+	z = "";
+
+	obj.setValue(x, forKey: "myKey") // GOOD (not sensitive)
+	obj.setValue(y, forKey: "myKey") // GOOD (not sensitive)
+	obj.setValue(z, forKey: "myKey") // GOOD (not sensitive)
+}
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testRealm.swift b/swift/ql/test/query-tests/Security/CWE-311/testRealm.swift
@@ -0,0 +1,59 @@
+
+// --- stubs ---
+
+enum UpdatePolicy : Int {
+	case error = 1
+}
+
+class RealmSwiftObject {
+}
+
+typealias Object = RealmSwiftObject
+
+class MyRealmSwiftObject : RealmSwiftObject {
+	override init() { data = "" }
+
+	var data: String
+}
+
+class Realm {
+	func add(_ object: Object, update: UpdatePolicy = .error) {}
+
+	func create<T>(_ type : T.Type, value: Any = [:], update: UpdatePolicy = .error) where T : RealmSwiftObject { }
+
+	func object<Element, KeyType>(ofType type: Element.Type, forPrimaryKey key: KeyType) -> Element? where Element : RealmSwiftObject { return nil }
+
+}
+
+// --- tests ---
+
+func test1(realm : Realm, myPassword : String, myHashedPassword : String) {
+	// add objects (within a transaction) ...
+
+	let a = MyRealmSwiftObject()
+	a.data = myPassword
+	realm.add(a) // BAD
+
+	let b = MyRealmSwiftObject()
+	b.data = myHashedPassword
+	realm.add(b) // GOOD (not sensitive)
+
+	let c = MyRealmSwiftObject()
+	c.data = myPassword
+	realm.create(MyRealmSwiftObject.self, value: c) // BAD
+
+	let d = MyRealmSwiftObject()
+	d.data = myHashedPassword
+	realm.create(MyRealmSwiftObject.self, value: d) // GOOD (not sensitive)
+
+	// retrieve objects ...
+
+	var e = realm.object(ofType: MyRealmSwiftObject.self, forPrimaryKey: "key")
+	e!.data = myPassword // BAD
+
+	var f = realm.object(ofType: MyRealmSwiftObject.self, forPrimaryKey: "key")
+	f!.data = myHashedPassword // GOOD (not sensitive)
+}
+
+// limitation: its possible to configure a Realm DB to be stored encrypted, if this is done correctly
+// (taking care with the encryption key) then storing otherwise plaintext sensitive data would be OK.
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testSend.swift b/swift/ql/test/query-tests/Security/CWE-311/testSend.swift
@@ -0,0 +1,39 @@
+
+// --- stubs ---
+
+class Data {
+    init<S>(_ elements: S) {}
+}
+
+class NWConnection {
+	enum SendCompletion {
+		case idempotent
+	}
+
+	class ContentContext {
+        static let defaultMessage = ContentContext()
+    }
+	
+	func send(content: Data?, contentContext: NWConnection.ContentContext = .defaultMessage, isComplete: Bool = true, completion: NWConnection.SendCompletion) { }
+	func send<Content>(content: Content?, contentContext: NWConnection.ContentContext = .defaultMessage, isComplete: Bool = true, completion: NWConnection.SendCompletion) { }
+}
+
+// --- tests ---
+
+func test1(passwordPlain : String, passwordHash : String) {
+	let nw = NWConnection()
+
+	// ...
+
+	nw.send(content: "123456", completion: .idempotent) // GOOD (not sensitive)
+	nw.send(content: passwordPlain, completion: .idempotent) // BAD
+	nw.send(content: passwordHash, completion: .idempotent) // GOOD (not sensitive)
+
+	let data1 = Data("123456")
+	let data2 = Data(passwordPlain)
+	let data3 = Data(passwordHash)
+
+	nw.send(content: data1, completion: .idempotent) // GOOD (not sensitive)
+	nw.send(content: data2, completion: .idempotent) // BAD
+	nw.send(content: data3, completion: .idempotent) // GOOD (not sensitive)
+}
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testURL.swift b/swift/ql/test/query-tests/Security/CWE-311/testURL.swift
@@ -0,0 +1,22 @@
+
+// --- stubs ---
+
+class URL
+{
+	init?(string: String) {}
+	init?(string: String, relativeTo: URL?) {}
+}
+
+// --- tests ---
+
+func test1(passwd : String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
+	let a = URL(string: "http://example.com/login?p=" + passwd); // BAD
+	let b = URL(string: "http://example.com/login?p=" + encrypted_passwd); // GOOD (not sensitive)
+	let c = URL(string: "http://example.com/login?ac=" + account_no); // BAD
+	let d = URL(string: "http://example.com/login?cc=" + credit_card_no); // BAD
+
+	let base = URL(string: "http://example.com/"); // GOOD (not sensitive)
+	let e = URL(string: "abc", relativeTo: base); // GOOD (not sensitive)
+	let f = URL(string: passwd, relativeTo: base); // BAD
+	let g = URL(string: "abc", relativeTo: f); // BAD
+}

-Original file line number
+Diff line change
@@ @@ -1 +1,5 @@ @@
 -TODO
 +edges
 +nodes
 +subpaths
 +#select
 +| TODO |