From 65f31d416e5fff2d0843b7419ad25e56d1d4b492 Mon Sep 17 00:00:00 2001 From: Asger F Date: Fri, 20 Dec 2024 10:12:19 +0100 Subject: [PATCH] Swift: mass enable diff-informed data flow --- swift/ql/lib/codeql/swift/regex/Regex.qll | 6 ++++++ .../swift/regex/internal/RegexTracking.qll | 19 ++++++++++++++++++ .../swift/security/CleartextLoggingQuery.qll | 2 ++ .../CleartextStorageDatabaseQuery.qll | 2 ++ .../CleartextStoragePreferencesQuery.qll | 2 ++ .../CleartextTransmissionExtensions.qll | 6 ++++++ .../security/CleartextTransmissionQuery.qll | 2 ++ .../swift/security/CommandInjectionQuery.qll | 2 ++ .../swift/security/ConstantPasswordQuery.qll | 2 ++ .../swift/security/ConstantSaltQuery.qll | 2 ++ .../swift/security/ECBEncryptionQuery.qll | 2 ++ .../security/HardcodedEncryptionKeyQuery.qll | 2 ++ .../swift/security/InsecureTLSQuery.qll | 2 ++ .../InsufficientHashIterationsQuery.qll | 2 ++ .../swift/security/PathInjectionQuery.qll | 2 ++ .../security/PredicateInjectionQuery.qll | 2 ++ .../swift/security/SqlInjectionQuery.qll | 2 ++ .../StaticInitializationVectorQuery.qll | 2 ++ .../security/StringLengthConflationQuery.qll | 2 ++ .../UncontrolledFormatStringQuery.qll | 2 ++ .../swift/security/UnsafeJsEvalQuery.qll | 2 ++ .../swift/security/UnsafeUnpackQuery.qll | 2 ++ .../security/UnsafeWebViewFetchQuery.qll | 8 ++++++++ .../security/WeakPasswordHashingQuery.qll | 2 ++ .../WeakSensitiveDataHashingQuery.qll | 2 ++ .../ql/lib/codeql/swift/security/XXEQuery.qll | 2 ++ .../security/regex/RegexInjectionQuery.qll | 2 ++ swift/ql/lib/utils/test/InlineFlowTest.qll | 20 +++++++++++++++++++ swift/ql/src/queries/Summary/TaintReach.ql | 6 ++++++ 29 files changed, 111 insertions(+) diff --git a/swift/ql/lib/codeql/swift/regex/Regex.qll b/swift/ql/lib/codeql/swift/regex/Regex.qll index 36be99e4a71b..47068492752c 100644 --- a/swift/ql/lib/codeql/swift/regex/Regex.qll +++ b/swift/ql/lib/codeql/swift/regex/Regex.qll @@ -491,6 +491,12 @@ private module NSStringCompareOptionsFlagConfig implements DataFlow::ConfigSig { isSink(node) and c.getAReadContent() instanceof DataFlow::Content::CollectionContent } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/lib/codeql/swift/regex/Regex.qll:507: Flow call outside 'select' clause + none() + } } module NSStringCompareOptionsFlagFlow = DataFlow::Global; diff --git a/swift/ql/lib/codeql/swift/regex/internal/RegexTracking.qll b/swift/ql/lib/codeql/swift/regex/internal/RegexTracking.qll index 847a4d83bc7a..d78fb2d879c7 100644 --- a/swift/ql/lib/codeql/swift/regex/internal/RegexTracking.qll +++ b/swift/ql/lib/codeql/swift/regex/internal/RegexTracking.qll @@ -25,6 +25,12 @@ private module StringLiteralUseConfig implements DataFlow::ConfigSig { // used to create a regular expression object node = any(RegexCreation regexCreation).getStringInput() } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/lib/codeql/swift/regex/Regex.qll:53: Flow call outside 'select' clause + none() + } } module StringLiteralUseFlow = DataFlow::Global; @@ -47,6 +53,12 @@ private module RegexUseConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(RegexAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/lib/codeql/swift/regex/Regex.qll:350: Flow call outside 'select' clause + none() + } } module RegexUseFlow = DataFlow::Global; @@ -102,6 +114,13 @@ private module RegexParseModeConfig implements DataFlow::StateConfigSig { ) { none() } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/lib/codeql/swift/regex/Regex.qll:364: Flow call outside 'select' clause + // swift/ql/lib/codeql/swift/regex/Regex.qll:365: Flow call outside 'select' clause + none() + } } module RegexParseModeFlow = DataFlow::GlobalWithState; diff --git a/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll b/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll index 740fccefe974..40010eba649a 100644 --- a/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll +++ b/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll @@ -25,6 +25,8 @@ module CleartextLoggingConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node n1, DataFlow::Node n2) { any(CleartextLoggingAdditionalFlowStep s).step(n1, n2) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/CleartextStorageDatabaseQuery.qll b/swift/ql/lib/codeql/swift/security/CleartextStorageDatabaseQuery.qll index 0f2d28480cdb..f765e53ecace 100644 --- a/swift/ql/lib/codeql/swift/security/CleartextStorageDatabaseQuery.qll +++ b/swift/ql/lib/codeql/swift/security/CleartextStorageDatabaseQuery.qll @@ -48,6 +48,8 @@ module CleartextStorageDatabaseConfig implements DataFlow::ConfigSig { node.asExpr().getType().getUnderlyingType() instanceof DictionaryType and c.getAReadContent().(DataFlow::Content::TupleContent).getIndex() = 1 } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/CleartextStoragePreferencesQuery.qll b/swift/ql/lib/codeql/swift/security/CleartextStoragePreferencesQuery.qll index 2a7bec5dc47f..4886985e9b5e 100644 --- a/swift/ql/lib/codeql/swift/security/CleartextStoragePreferencesQuery.qll +++ b/swift/ql/lib/codeql/swift/security/CleartextStoragePreferencesQuery.qll @@ -30,6 +30,8 @@ module CleartextStoragePreferencesConfig implements DataFlow::ConfigSig { // make sources barriers so that we only report the closest instance isSource(node) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll b/swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll index 4b31a7ab23f6..4519b0659820 100644 --- a/swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll +++ b/swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll @@ -73,6 +73,12 @@ private module ExcludeUrlConfig implements DataFlow::ConfigSig { } predicate isSink(DataFlow::Node node) { urlInit(_, node.asExpr()) } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/lib/codeql/swift/security/CleartextTransmissionExtensions.qll:90: Flow call outside 'select' clause + none() + } } private module ExcludeUrlFlow = TaintTracking::Global; diff --git a/swift/ql/lib/codeql/swift/security/CleartextTransmissionQuery.qll b/swift/ql/lib/codeql/swift/security/CleartextTransmissionQuery.qll index 3952d7a89b11..42e9b68328f5 100644 --- a/swift/ql/lib/codeql/swift/security/CleartextTransmissionQuery.qll +++ b/swift/ql/lib/codeql/swift/security/CleartextTransmissionQuery.qll @@ -28,6 +28,8 @@ module CleartextTransmissionConfig implements DataFlow::ConfigSig { // make sources barriers so that we only report the closest instance isSource(node) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/CommandInjectionQuery.qll b/swift/ql/lib/codeql/swift/security/CommandInjectionQuery.qll index 10dbc1377260..ebeb9c4b6f46 100644 --- a/swift/ql/lib/codeql/swift/security/CommandInjectionQuery.qll +++ b/swift/ql/lib/codeql/swift/security/CommandInjectionQuery.qll @@ -23,6 +23,8 @@ module CommandInjectionConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(CommandInjectionAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/ConstantPasswordQuery.qll b/swift/ql/lib/codeql/swift/security/ConstantPasswordQuery.qll index 7f6475a6ee49..91d46b764df5 100644 --- a/swift/ql/lib/codeql/swift/security/ConstantPasswordQuery.qll +++ b/swift/ql/lib/codeql/swift/security/ConstantPasswordQuery.qll @@ -38,6 +38,8 @@ module ConstantPasswordConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(ConstantPasswordAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } module ConstantPasswordFlow = TaintTracking::Global; diff --git a/swift/ql/lib/codeql/swift/security/ConstantSaltQuery.qll b/swift/ql/lib/codeql/swift/security/ConstantSaltQuery.qll index e9b91d235700..68c1e6ef17a4 100644 --- a/swift/ql/lib/codeql/swift/security/ConstantSaltQuery.qll +++ b/swift/ql/lib/codeql/swift/security/ConstantSaltQuery.qll @@ -39,6 +39,8 @@ module ConstantSaltConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(ConstantSaltAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } module ConstantSaltFlow = TaintTracking::Global; diff --git a/swift/ql/lib/codeql/swift/security/ECBEncryptionQuery.qll b/swift/ql/lib/codeql/swift/security/ECBEncryptionQuery.qll index 133e7d6c2cde..a9463937555e 100644 --- a/swift/ql/lib/codeql/swift/security/ECBEncryptionQuery.qll +++ b/swift/ql/lib/codeql/swift/security/ECBEncryptionQuery.qll @@ -22,6 +22,8 @@ module EcbEncryptionConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(EcbEncryptionAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } module EcbEncryptionFlow = DataFlow::Global; diff --git a/swift/ql/lib/codeql/swift/security/HardcodedEncryptionKeyQuery.qll b/swift/ql/lib/codeql/swift/security/HardcodedEncryptionKeyQuery.qll index 9e0cb16b7c6e..5eb379f248a0 100644 --- a/swift/ql/lib/codeql/swift/security/HardcodedEncryptionKeyQuery.qll +++ b/swift/ql/lib/codeql/swift/security/HardcodedEncryptionKeyQuery.qll @@ -46,6 +46,8 @@ module HardcodedKeyConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(HardcodedEncryptionKeyAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } module HardcodedKeyFlow = TaintTracking::Global; diff --git a/swift/ql/lib/codeql/swift/security/InsecureTLSQuery.qll b/swift/ql/lib/codeql/swift/security/InsecureTLSQuery.qll index 769c385d4d66..a5c857e573bc 100644 --- a/swift/ql/lib/codeql/swift/security/InsecureTLSQuery.qll +++ b/swift/ql/lib/codeql/swift/security/InsecureTLSQuery.qll @@ -21,6 +21,8 @@ module InsecureTlsConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(InsecureTlsExtensionsAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } module InsecureTlsFlow = TaintTracking::Global; diff --git a/swift/ql/lib/codeql/swift/security/InsufficientHashIterationsQuery.qll b/swift/ql/lib/codeql/swift/security/InsufficientHashIterationsQuery.qll index 122d5b2b0d88..0a7fea3d3c53 100644 --- a/swift/ql/lib/codeql/swift/security/InsufficientHashIterationsQuery.qll +++ b/swift/ql/lib/codeql/swift/security/InsufficientHashIterationsQuery.qll @@ -34,6 +34,8 @@ module InsufficientHashIterationsConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(InsufficientHashIterationsAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } module InsufficientHashIterationsFlow = TaintTracking::Global; diff --git a/swift/ql/lib/codeql/swift/security/PathInjectionQuery.qll b/swift/ql/lib/codeql/swift/security/PathInjectionQuery.qll index c74dae787ed9..64cf208b878a 100644 --- a/swift/ql/lib/codeql/swift/security/PathInjectionQuery.qll +++ b/swift/ql/lib/codeql/swift/security/PathInjectionQuery.qll @@ -23,6 +23,8 @@ module PathInjectionConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { any(PathInjectionAdditionalFlowStep s).step(node1, node2) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/PredicateInjectionQuery.qll b/swift/ql/lib/codeql/swift/security/PredicateInjectionQuery.qll index 86d043647741..97acbc074bd0 100644 --- a/swift/ql/lib/codeql/swift/security/PredicateInjectionQuery.qll +++ b/swift/ql/lib/codeql/swift/security/PredicateInjectionQuery.qll @@ -22,6 +22,8 @@ module PredicateInjectionConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node n1, DataFlow::Node n2) { any(PredicateInjectionAdditionalFlowStep s).step(n1, n2) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/SqlInjectionQuery.qll b/swift/ql/lib/codeql/swift/security/SqlInjectionQuery.qll index 5b5a2c920fe8..8ee164a4c23a 100644 --- a/swift/ql/lib/codeql/swift/security/SqlInjectionQuery.qll +++ b/swift/ql/lib/codeql/swift/security/SqlInjectionQuery.qll @@ -23,6 +23,8 @@ module SqlInjectionConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(SqlInjectionAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/StaticInitializationVectorQuery.qll b/swift/ql/lib/codeql/swift/security/StaticInitializationVectorQuery.qll index 5f281191d993..3c4359e02db0 100644 --- a/swift/ql/lib/codeql/swift/security/StaticInitializationVectorQuery.qll +++ b/swift/ql/lib/codeql/swift/security/StaticInitializationVectorQuery.qll @@ -40,6 +40,8 @@ module StaticInitializationVectorConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(StaticInitializationVectorAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } module StaticInitializationVectorFlow = TaintTracking::Global; diff --git a/swift/ql/lib/codeql/swift/security/StringLengthConflationQuery.qll b/swift/ql/lib/codeql/swift/security/StringLengthConflationQuery.qll index 8e608776a20d..eb17306f22f0 100644 --- a/swift/ql/lib/codeql/swift/security/StringLengthConflationQuery.qll +++ b/swift/ql/lib/codeql/swift/security/StringLengthConflationQuery.qll @@ -39,6 +39,8 @@ module StringLengthConflationConfig implements DataFlow::StateConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(StringLengthConflationAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll index 37e40774bf9d..baee65773d65 100644 --- a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll +++ b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll @@ -23,6 +23,8 @@ module TaintedFormatConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(UncontrolledFormatStringAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/UnsafeJsEvalQuery.qll b/swift/ql/lib/codeql/swift/security/UnsafeJsEvalQuery.qll index b79219ab6339..92b061b2af40 100644 --- a/swift/ql/lib/codeql/swift/security/UnsafeJsEvalQuery.qll +++ b/swift/ql/lib/codeql/swift/security/UnsafeJsEvalQuery.qll @@ -22,6 +22,8 @@ module UnsafeJsEvalConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(UnsafeJsEvalAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/UnsafeUnpackQuery.qll b/swift/ql/lib/codeql/swift/security/UnsafeUnpackQuery.qll index 59be3a7eb31e..e79bce5ba143 100644 --- a/swift/ql/lib/codeql/swift/security/UnsafeUnpackQuery.qll +++ b/swift/ql/lib/codeql/swift/security/UnsafeUnpackQuery.qll @@ -24,6 +24,8 @@ module UnsafeUnpackConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(UnsafeUnpackAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/UnsafeWebViewFetchQuery.qll b/swift/ql/lib/codeql/swift/security/UnsafeWebViewFetchQuery.qll index ba24f63231f4..53ad3d418d3e 100644 --- a/swift/ql/lib/codeql/swift/security/UnsafeWebViewFetchQuery.qll +++ b/swift/ql/lib/codeql/swift/security/UnsafeWebViewFetchQuery.qll @@ -28,6 +28,14 @@ module UnsafeWebViewFetchConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(UnsafeWebViewFetchAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql:39: Column 1 does not select a source or sink originating from the flow call on line 36 + // swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql:39: Column 2 does not select a source or sink originating from the flow call on line 36 + // swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql:39: Column 3 does not select a source or sink originating from the flow call on line 36 + none() + } } /** diff --git a/swift/ql/lib/codeql/swift/security/WeakPasswordHashingQuery.qll b/swift/ql/lib/codeql/swift/security/WeakPasswordHashingQuery.qll index b2ad35c2bf89..6532d8a6a7fe 100644 --- a/swift/ql/lib/codeql/swift/security/WeakPasswordHashingQuery.qll +++ b/swift/ql/lib/codeql/swift/security/WeakPasswordHashingQuery.qll @@ -37,6 +37,8 @@ module WeakPasswordHashingConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(WeakPasswordHashingAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } module WeakPasswordHashingFlow = TaintTracking::Global; diff --git a/swift/ql/lib/codeql/swift/security/WeakSensitiveDataHashingQuery.qll b/swift/ql/lib/codeql/swift/security/WeakSensitiveDataHashingQuery.qll index 5aba8ffa1b09..a07595031279 100755 --- a/swift/ql/lib/codeql/swift/security/WeakSensitiveDataHashingQuery.qll +++ b/swift/ql/lib/codeql/swift/security/WeakSensitiveDataHashingQuery.qll @@ -38,6 +38,8 @@ module WeakSensitiveDataHashingConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(WeakSensitiveDataHashingAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } deprecated module WeakHashingConfig = WeakSensitiveDataHashingConfig; diff --git a/swift/ql/lib/codeql/swift/security/XXEQuery.qll b/swift/ql/lib/codeql/swift/security/XXEQuery.qll index 0a16417bd724..afd6c0684524 100644 --- a/swift/ql/lib/codeql/swift/security/XXEQuery.qll +++ b/swift/ql/lib/codeql/swift/security/XXEQuery.qll @@ -22,6 +22,8 @@ module XxeConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node n1, DataFlow::Node n2) { any(XxeAdditionalFlowStep s).step(n1, n2) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/codeql/swift/security/regex/RegexInjectionQuery.qll b/swift/ql/lib/codeql/swift/security/regex/RegexInjectionQuery.qll index 8fee12442d35..8b5929c40649 100644 --- a/swift/ql/lib/codeql/swift/security/regex/RegexInjectionQuery.qll +++ b/swift/ql/lib/codeql/swift/security/regex/RegexInjectionQuery.qll @@ -22,6 +22,8 @@ module RegexInjectionConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { any(RegexInjectionAdditionalFlowStep s).step(nodeFrom, nodeTo) } + + predicate observeDiffInformedIncrementalMode() { any() } } /** diff --git a/swift/ql/lib/utils/test/InlineFlowTest.qll b/swift/ql/lib/utils/test/InlineFlowTest.qll index f50930924ebf..8f3119547bf4 100644 --- a/swift/ql/lib/utils/test/InlineFlowTest.qll +++ b/swift/ql/lib/utils/test/InlineFlowTest.qll @@ -61,12 +61,32 @@ module DefaultFlowConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { defaultSource(source) } predicate isSink(DataFlow::Node sink) { defaultSink(sink) } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/lib/utils/test/InlineFlowTest.qll:98: Flow call outside 'select' clause + // swift/ql/lib/utils/test/InlineFlowTest.qll:108: Flow call outside 'select' clause + // swift/ql/lib/utils/test/InlineFlowTest.qll:108: Flow call outside 'select' clause + // swift/ql/lib/utils/test/InlineFlowTest.qll:123: Flow call outside 'select' clause + // swift/ql/lib/utils/test/InlineFlowTest.qll:124: Flow call outside 'select' clause + none() + } } module NoFlowConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { none() } predicate isSink(DataFlow::Node sink) { none() } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/lib/utils/test/InlineFlowTest.qll:98: Flow call outside 'select' clause + // swift/ql/lib/utils/test/InlineFlowTest.qll:108: Flow call outside 'select' clause + // swift/ql/lib/utils/test/InlineFlowTest.qll:108: Flow call outside 'select' clause + // swift/ql/lib/utils/test/InlineFlowTest.qll:123: Flow call outside 'select' clause + // swift/ql/lib/utils/test/InlineFlowTest.qll:124: Flow call outside 'select' clause + none() + } } private signature string valueFlowTagSig(); diff --git a/swift/ql/src/queries/Summary/TaintReach.ql b/swift/ql/src/queries/Summary/TaintReach.ql index b6fc1e57fb90..7c0badf9cc98 100644 --- a/swift/ql/src/queries/Summary/TaintReach.ql +++ b/swift/ql/src/queries/Summary/TaintReach.ql @@ -20,6 +20,12 @@ module TaintReachConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node node) { node instanceof FlowSource } predicate isSink(DataFlow::Node node) { any() } + + predicate observeDiffInformedIncrementalMode() { + // TODO(diff-informed): Manually verify if config can be diff-informed. + // swift/ql/src/queries/Summary/TaintReach.ql:30: Flow call outside 'select' clause + none() + } } module TaintReachFlow = TaintTracking::Global;