Swift: Use ConstructorDecl in place of name matching.

geoffw0 · geoffw0 · commit 96e04e7f636c · 2022-11-28T17:39:45.000Z
diff --git a/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql b/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
@@ -34,12 +34,11 @@ class EncryptionInitializationSink extends Expr {
     // `iv` arg in `init` is a sink
     exists(CallExpr call, string fName |
       call.getStaticTarget()
-          .(MethodDecl)
+          .(ConstructorDecl)
           .hasQualifiedName([
               "AES", "ChaCha20", "Blowfish", "Rabbit", "CBC", "CFB", "GCM", "OCB", "OFB", "PCBC",
               "CCM", "CTR"
             ], fName) and
-      fName.matches("%init(%") and
       call.getArgumentWithLabel("iv").getExpr() = this
     )
   }
diff --git a/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql b/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
@@ -32,10 +32,9 @@ class ConstantPasswordSource extends Expr {
 class ConstantPasswordSink extends Expr {
   ConstantPasswordSink() {
     // `password` arg in `init` is a sink
-    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call |
+    exists(ClassOrStructDecl c, ConstructorDecl f, CallExpr call |
       c.getFullName() = ["HKDF", "PBKDF1", "PBKDF2", "Scrypt"] and
       c.getAMember() = f and
-      f.getName().matches("%init(%") and
       call.getStaticTarget() = f and
       call.getArgumentWithLabel("password").getExpr() = this
     )
diff --git a/swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql b/swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql
@@ -32,10 +32,9 @@ class ConstantSaltSource extends Expr {
 class ConstantSaltSink extends Expr {
   ConstantSaltSink() {
     // `salt` arg in `init` is a sink
-    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call |
+    exists(ClassOrStructDecl c, ConstructorDecl f, CallExpr call |
       c.getFullName() = ["HKDF", "PBKDF1", "PBKDF2", "Scrypt"] and
       c.getAMember() = f and
-      f.getName().matches("%init(%") and
       call.getStaticTarget() = f and
       call.getArgumentWithLabel("salt").getExpr() = this
     )
diff --git a/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql b/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
@@ -33,10 +33,9 @@ class IntLiteralSource extends IterationsSource instanceof IntegerLiteralExpr {
 class InsufficientHashIterationsSink extends Expr {
   InsufficientHashIterationsSink() {
     // `iterations` arg in `init` is a sink
-    exists(ClassOrStructDecl c, AbstractFunctionDecl f, CallExpr call |
+    exists(ClassOrStructDecl c, ConstructorDecl f, CallExpr call |
       c.getFullName() = ["PBKDF1", "PBKDF2"] and
       c.getAMember() = f and
-      f.getName().matches("init(%") and
       call.getStaticTarget() = f and
       call.getArgumentWithLabel("iterations").getExpr() = this
     )

Original file line number	Diff line number	Diff line change
`@@ -34,12 +34,11 @@ class EncryptionInitializationSink extends Expr {`
`34`	`34`	// `iv` arg in `init` is a sink
`35`	`35`	`exists(CallExpr call, string fName \|`
`36`	`36`	`call.getStaticTarget()`
`37`		`- .(MethodDecl)`
	`37`	`+ .(ConstructorDecl)`
`38`	`38`	`.hasQualifiedName([`
`39`	`39`	`"AES", "ChaCha20", "Blowfish", "Rabbit", "CBC", "CFB", "GCM", "OCB", "OFB", "PCBC",`
`40`	`40`	`"CCM", "CTR"`
`41`	`41`	`], fName) and`
`42`		`- fName.matches("%init(%") and`
`43`	`42`	`call.getArgumentWithLabel("iv").getExpr() = this`
`44`	`43`	`)`
`45`	`44`	`}`