CodeQL query help for Swift
Visit the articles below to see the documentation for the queries included in the following query suites:
- default: queries run by default in CodeQL code scanning on GitHub.
- security-extended: queries from default, plus extra security queries with slightly lower precision and severity.
- security-and-quality: queries from security-extended, plus extra maintainability and reliability queries.
For shorter queries that you can use as building blocks when writing your own queries, see the example queries in the CodeQL repository.
- Bad HTML filtering regexp
- Cleartext logging of sensitive information
- Cleartext storage of sensitive information in a local database
- Cleartext storage of sensitive information in an application preference store
- Cleartext transmission of sensitive information
- Constant password
- Database query built from user-controlled sources
- Encryption using ECB
- Hard-coded encryption key
- Incomplete regular expression for hostnames
- Inefficient regular expression
- Insecure TLS configuration
- Insufficient hash iterations
- Predicate built from user-controlled sources
- Regular expression injection
- Resolving XML external entity in user-controlled data
- Static initialization vector for encryption
- String length conflation
- Uncontrolled data used in path expression
- Uncontrolled format string
- Unsafe WebView fetch
- Use of a broken or weak cryptographic hashing algorithm on sensitive data
- Use of constant salts