Swift: Generalize 'write' models.

Author: geoffw0

swift/ql/lib/codeql/swift/frameworks/StandardLibrary/StandardLibrary.qll

@@ -20,6 +20,7 @@ private import Numeric
 private import PointerTypes
 private import Sequence
 private import Set
+private import Stream
 private import String
 private import Url
 private import UrlSession

swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Stream.qll

@@ -0,0 +1,19 @@
+/**
+ * Provides models for `TextOutputStream` and related Swift classes.
+ */
+
+import swift
+private import codeql.swift.dataflow.ExternalFlow
+
+/**
+ * A model for members of `TextOutputStream` and similar classes that permit taint flow.
+ */
+private class StringSummaries extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        ";TextOutputStream;true;write(_:);;;Argument[0];Argument[-1];taint",
+        ";TextOutputStreamable;true;write(to:);;;Argument[-1];Argument[0];taint",
+      ]
+  }
+}

swift/ql/lib/codeql/swift/frameworks/StandardLibrary/String.qll

@@ -111,8 +111,6 @@ private class StringSummaries extends SummaryModelCsv {
         ";String;true;init(validatingPlatformString:);;;Argument[0].CollectionElement;ReturnValue.OptionalSome;taint",
         ";String;true;localizedStringWithFormat(_:_:);;;Argument[0];ReturnValue;taint",
         ";String;true;localizedStringWithFormat(_:_:);;;Argument[1].CollectionElement;ReturnValue;taint",
-        ";String;true;write(_:);;;Argument[0];Argument[-1];taint",
-        ";String;true;write(to:);;;Argument[-1];Argument[0];taint",
         ";String;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint",
         ";String;true;replaceSubrange(_:with:);;;Argument[1];Argument[-1];taint",
         ";String;true;max();;;Argument[-1];ReturnValue;taint",