CodeQL query help for Swift
Visit the articles below to see the documentation for the queries included in the following query suites:
- default: queries run by default in CodeQL code scanning on GitHub.
- security-extended: queries from default, plus extra security queries with slightly lower precision and severity.
- security-and-quality: queries from default and security-extended, plus extra maintainability and reliability queries.
These queries are published in the CodeQL query pack codeql/swift-queries (changelog, source).
For shorter queries that you can use as building blocks when writing your own queries, see the example queries in the CodeQL repository.
- Bad HTML filtering regexp
- Cleartext logging of sensitive information
- Cleartext storage of sensitive information in a local database
- Cleartext storage of sensitive information in an application preference store
- Cleartext transmission of sensitive information
- Constant password
- Database query built from user-controlled sources
- Encryption using ECB
- Hard-coded encryption key
- Incomplete regular expression for hostnames
- Inefficient regular expression
- Insecure TLS configuration
- Insufficient hash iterations
- JavaScript Injection
- Missing regular expression anchor
- Predicate built from user-controlled sources
- Regular expression injection
- Resolving XML external entity in user-controlled data
- Static initialization vector for encryption
- String length conflation
- System command built from user-controlled sources
- Uncontrolled data used in path expression
- Uncontrolled format string
- Unsafe WebView fetch
- Use of a broken or weak cryptographic hashing algorithm on sensitive data
- Use of an inappropriate cryptographic hashing algorithm on passwords
- Use of constant salts