Swift: Expand models for UnsafePointer and friends #15052

Merged
merged 7 commits into from Dec 14, 2023

geoffw0
Contributor

@geoffw0 geoffw0 commented Dec 8, 2023

Expand the models for the 8 core Swift pointer classes (UnsafePointer and friends), plus Slice. These models were very fragmented and mostly just consisted of the 'closure methods' we've made an effort on + a few things we happened to use in tests of other functionality. Now they're more-or-less completely modelled.

There are quite a large number of MAD rows in this PR because, as far as I can tell, there's not much class hierarchy between the 8 pointer classes. There are lots of similarities / duplication, but also lots of (possibly justified) minor differences. I've only created a random scatter of test cases; we'll just have to trust that the documentation + my models are accurate ... or alternatively, trust that the impact of any mistakes is likely to be quite low compared to the impact of not having these models at all!

@geoffw0 geoffw0 added the Swift label Dec 8, 2023
@geoffw0 geoffw0 requested a review from a team as a code owner December 8, 2023 17:05
MathiasVP
MathiasVP previously approved these changes Dec 12, 2023
Contributor

@MathiasVP MathiasVP left a comment

The changes LGTM, but let's have a DCA run to be on the safe side 🙂

@geoffw0
Contributor Author

geoffw0 commented Dec 12, 2023

There's also a test failure in a test I hadn't run locally. I'll fix that, then start a DCA run...

@geoffw0
Contributor Author

geoffw0 commented Dec 12, 2023

... we lose a result in the path injection test because we're modelling collection content in these pointers correctly now, but the TaintInheritingContent for NSString.utf8String isn't adding collection content to the access path. I've added a commit to accept the test regression, and created an issue to fix the problem - but this is not a trivial issue.

I could fix this instance of the problem now by creating duplicate pointer models that don't specify .CollectionElement. We already have duplicate models in some cases (highly abstract protocols where the content could be one of several different things), but that case is more principled than this case. So I'm reluctant to go down this route.

@MathiasVP
Contributor

> I could fix this instance of the problem now by creating duplicate pointer models that don't specify .CollectionElement. We already have duplicate models in some cases (highly abstract protocols where the content could be one of several different things), but that case is more principled than this case. So I'm reluctant to go down this route.

Yeah, I agree. Let's just accept this regression for now and come up with a better plan for how to address this.

@geoffw0
Contributor Author

geoffw0 commented Dec 13, 2023

DCA LGTM.

I was seeing consistency check failures in one test on CI for Linux (only). Tried merging in latest main, now there are two tests with consistency check failures. Hmm. :(

@geoffw0
Contributor Author

geoffw0 commented Dec 13, 2023

Right - it appears this branch has been the victim of some kind of extractor bug, which causes it to fail on some Swift code (we don't know what yet) on Linux. An issue has been created for that.

The consistency failure in the CWE-327 test should go away with a merge of latest main, because that test was only added recently and has been reverted (for now) to get main working.

The consistency failure in the dataflow/taint/libraries test on the other hand must be "caused" (triggered) by some of the .swift code I've added in this PR. It only occurs on Linux and I don't have easy access to a Linux machine for testing, so I'm going to do a couple of experiments on this branch and will be adding and deleting commits for a bit. Please ignore.

@geoffw0 geoffw0 force-pushed the pointermodels branch 2 times, most recently from 2f0964a to e506096 Compare December 13, 2023 17:29
@geoffw0
Contributor Author

geoffw0 commented Dec 14, 2023

I've narrowed down the lines of tests that trigger the extractor issue and commented them out. CI now passes. I have created an issue to repair the test after the underlying extractor issue is fixed.

Contributor

@MathiasVP MathiasVP left a comment

Still LGTM!

@geoffw0 geoffw0 merged commit 3193ceb into github:main Dec 14, 2023
18 checks passed