From 3027f75617bdc966f6653858171e102cbecd0f7e Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 19 Jun 2025 19:39:38 +0100 Subject: [PATCH 1/4] Rust: Translate more legacy models -> new models (from data). --- .../lib/codeql/rust/frameworks/http.model.yml | 18 +-- .../codeql/rust/frameworks/reqwest.model.yml | 34 ++--- .../codeql/rust/frameworks/rusqlite.model.yml | 25 ++-- .../codeql/rust/frameworks/rustls.model.yml | 14 +- .../frameworks/stdlib/lang-alloc.model.yml | 63 ++++----- .../frameworks/stdlib/lang-core.model.yml | 121 +++++++++--------- .../rust/frameworks/stdlib/net.model.yml | 18 +-- 7 files changed, 150 insertions(+), 143 deletions(-) diff --git a/rust/ql/lib/codeql/rust/frameworks/http.model.yml b/rust/ql/lib/codeql/rust/frameworks/http.model.yml index 5ad34ef53fe9..6a497f346473 100644 --- a/rust/ql/lib/codeql/rust/frameworks/http.model.yml +++ b/rust/ql/lib/codeql/rust/frameworks/http.model.yml 
@@ -1,13 +1,13 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: - - ["repo:https://github.com/hyperium/hyper:hyper", "::send_request", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] - - ["repo:https://github.com/hyperium/hyper:hyper", "::send_request", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] - - ["repo:https://github.com/hyperium/hyper:hyper", "::try_send_request", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] - - ["repo:https://github.com/hyperium/hyper:hyper", "::try_send_request", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] - - ["repo:https://github.com/hyperium/hyper:hyper", "::get", "ReturnValue.Future", "remote", "manual"] - - ["repo:https://github.com/hyperium/hyper:hyper", "::request", "ReturnValue.Future", "remote", "manual"] - - ["repo:https://github.com/hyperium/hyper-util:hyper-util", "::get", "ReturnValue.Future", "remote", "manual"] - - ["repo:https://github.com/hyperium/hyper-util:hyper-util", "::request", "ReturnValue.Future", "remote", "manual"] + - ["::send_request", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["::send_request", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["::try_send_request", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["::try_send_request", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["::get", "ReturnValue.Future", "remote", "manual"] + - ["::request", "ReturnValue.Future", "remote", "manual"] + - ["::get", "ReturnValue.Future", "remote", "manual"] + - ["::request", "ReturnValue.Future", "remote", "manual"] diff --git a/rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml b/rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml index 3974d5b08174..8c24bbf148df 100644 
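Review bot: The translated `send_request` source rows in this hunk appear to stop matching hyper's methods. Patch 2/4 of this series removes the `RemoteSource` results for `send_request` at test.rs:113 and test.rs:120 from TaintSources.expected and records them as `Missing result: Alert[rust/summary/taint-sources]`. A remote source that silently stops matching removes findings from every taint query built on it, so this should be resolved in the model rather than only recorded in the expected output. I would check which canonical path the new `sourceModel` format resolves these methods to and, until they match, mark the rows with a comment such as `# FIXME: not matched after translation, see dataflow/sources/TaintSources.expected`. The old rows were also keyed by repository (hyper versus hyper-util), and the new rows must carry that distinction in the path column, which is not fully legible on this page.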
--- a/rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml +++ b/rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml 
@@ -1,27 +1,27 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "crate::get", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "crate::blocking::get", "ReturnValue.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["reqwest::get", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["reqwest::blocking::get", "ReturnValue.Field[core::result::Result::Ok(0)]", "remote", "manual"] - addsTo: pack: codeql/rust-all - extensible: sinkModelDeprecated + extensible: sinkModel data: - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::request", "Argument[1]", "transmission", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::request", "Argument[1]", "transmission", "manual"] + - ["::request", "Argument[1]", "transmission", "manual"] + - ["::request", "Argument[1]", "transmission", "manual"] - addsTo: pack: codeql/rust-all - extensible: summaryModelDeprecated + extensible: summaryModel data: - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::text", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::text_with_charset", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::bytes", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::chunk", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)].Field[core::option::Option::Some(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::text", "Argument[self]", 
"ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::text_with_charset", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::bytes", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::text", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::bytes", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/seanmonstar/reqwest:reqwest", "::chunk", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)].Field[core::option::Option::Some(0)]", "taint", "manual"] + - ["::text", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::text_with_charset", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::bytes", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::chunk", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)].Field[core::option::Option::Some(0)]", "taint", "manual"] + - ["::text", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::text_with_charset", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::bytes", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::text", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::bytes", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::chunk", "Argument[self]", 
"ReturnValue.Future.Field[core::result::Result::Ok(0)].Field[core::option::Option::Some(0)]", "taint", "manual"] diff --git a/rust/ql/lib/codeql/rust/frameworks/rusqlite.model.yml b/rust/ql/lib/codeql/rust/frameworks/rusqlite.model.yml index 3da7e2a1bc6c..43030de02d5b 100644 --- a/rust/ql/lib/codeql/rust/frameworks/rusqlite.model.yml +++ b/rust/ql/lib/codeql/rust/frameworks/rusqlite.model.yml 
@@ -1,20 +1,19 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: sinkModelDeprecated + extensible: sinkModel data: - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::execute", "Argument[0]", "sql-injection", "manual"] - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::execute_batch", "Argument[0]", "sql-injection", "manual"] - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::prepare", "Argument[0]", "sql-injection", "manual"] - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::prepare_with_flags", "Argument[0]", "sql-injection", "manual"] - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::query_row", "Argument[0]", "sql-injection", "manual"] - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::query_row_and_then", "Argument[0]", "sql-injection", "manual"] - + - ["::execute", "Argument[0]", "sql-injection", "manual"] + - ["::execute_batch", "Argument[0]", "sql-injection", "manual"] + - ["::prepare", "Argument[0]", "sql-injection", "manual"] + - [::prepare_with_flags", "Argument[0]", "sql-injection", "manual"] + - ["::query_row", "Argument[0]", "sql-injection", "manual"] + - ["::query_row_and_then", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::get", "ReturnValue.Field[core::result::Result::Ok(0)]", "database", "manual"] - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::get_unwrap", "ReturnValue", "database", "manual"] - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::get_ref", "ReturnValue.Field[core::result::Result::Ok(0)]", "database", "manual"] - - ["repo:https://github.com/rusqlite/rusqlite:rusqlite", "::get_ref_unwrap", "ReturnValue", "database", "manual"] + - ["::get", "ReturnValue.Field[core::result::Result::Ok(0)]", "database", "manual"] + - ["::get_unwrap", "ReturnValue", "database", "manual"] + - 
["::get_ref", "ReturnValue.Field[core::result::Result::Ok(0)]", "database", "manual"] + - ["::get_ref_unwrap", "ReturnValue", "database", "manual"] diff --git a/rust/ql/lib/codeql/rust/frameworks/rustls.model.yml b/rust/ql/lib/codeql/rust/frameworks/rustls.model.yml index 1e21646f2cac..19f7ececcd20 100644 --- a/rust/ql/lib/codeql/rust/frameworks/rustls.model.yml +++ b/rust/ql/lib/codeql/rust/frameworks/rustls.model.yml @@ -1,14 +1,14 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: - - ["repo:https://github.com/rustls/rustls:rustls", "::new", "ReturnValue.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["::new", "ReturnValue.Field[core::result::Result::Ok(0)]", "remote", "manual"] - addsTo: pack: codeql/rust-all - extensible: summaryModelDeprecated + extensible: summaryModel data: - - ["repo:https://github.com/quininer/futures-rustls:futures-rustls", "::connect", "Argument[1]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/quininer/futures-rustls:futures-rustls", "::poll_read", "Argument[self].Reference", "Argument[1].Reference", "taint", "manual"] - - ["repo:https://github.com/rustls/rustls:rustls", "::reader", "Argument[self]", "ReturnValue", "taint", "manual"] - - ["repo:https://github.com/rustls/rustls:rustls", "::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["::connect", "Argument[1]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::poll_read", "Argument[self].Reference", "Argument[1].Reference", "taint", "manual"] + - ["::reader", "Argument[self]", "ReturnValue", "taint", "manual"] + - ["::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"] diff --git a/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-alloc.model.yml b/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-alloc.model.yml index eea2f6726db7..08fd458576d6 100644 
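Review bot: In the rusqlite hunk, the new `prepare_with_flags` sink row opens with `[::prepare_with_flags"`, so the first column has lost its opening double quote where every neighbouring row starts with `["`. As written, the value either fails to parse or becomes a plain scalar ending in a stray `"`, and in both cases the `sql-injection` sink for `prepare_with_flags` would not match. Queries passed to that call would then go unreported with no error from the model. The row should begin `- ["` like the others, with the path itself left unchanged. A model-validation test for this file would catch this kind of slip, if one is not already in place.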
--- a/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-alloc.model.yml +++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-alloc.model.yml 
@@ -1,44 +1,49 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: # Alloc - - ["lang:alloc", "crate::alloc::dealloc", "Argument[0]", "pointer-invalidate", "manual"] + - ["alloc::alloc::dealloc", "Argument[0]", "pointer-invalidate", "manual"] - addsTo: pack: codeql/rust-all - extensible: sinkModelDeprecated + extensible: sinkModel data: # Alloc - - ["lang:alloc", "crate::alloc::alloc", "Argument[0]", "alloc-layout", "manual"] - - ["lang:alloc", "crate::alloc::alloc_zeroed", "Argument[0]", "alloc-layout", "manual"] - - ["lang:alloc", "crate::alloc::realloc", "Argument[2]", "alloc-size", "manual"] - - ["lang:std", "::alloc", "Argument[0]", "alloc-layout", "manual"] - - ["lang:std", "::alloc_zeroed", "Argument[0]", "alloc-layout", "manual"] - - ["lang:std", "::allocate", "Argument[0]", "alloc-layout", "manual"] - - ["lang:std", "::allocate_zeroed", "Argument[0]", "alloc-layout", "manual"] - - ["lang:std", "::grow", "Argument[2]", "alloc-layout", "manual"] - - ["lang:std", "::grow_zeroed", "Argument[2]", "alloc-layout", "manual"] - - ["lang:alloc", "::alloc", "Argument[0]", "alloc-layout", "manual"] - - ["lang:alloc", "::alloc_zeroed", "Argument[0]", "alloc-layout", "manual"] - - ["lang:alloc", "::allocate", "Argument[0]", "alloc-layout", "manual"] - - ["lang:alloc", "::allocate_zeroed", "Argument[0]", "alloc-layout", "manual"] - - ["lang:alloc", "::grow", "Argument[2]", "alloc-layout", "manual"] - - ["lang:alloc", "::grow_zeroed", "Argument[2]", "alloc-layout", "manual"] + - ["alloc::alloc::alloc", "Argument[0]", "alloc-layout", "manual"] + - ["alloc::alloc::alloc_zeroed", "Argument[0]", "alloc-layout", "manual"] + - ["alloc::alloc::realloc", "Argument[2]", "alloc-size", "manual"] + - ["<_ as core::alloc::global::GlobalAlloc>::alloc", "Argument[0]", "alloc-layout", "manual"] + - ["::alloc", "Argument[0]", "alloc-layout", "manual"] + - ["<_ as core::alloc::global::GlobalAlloc>::alloc_zeroed", "Argument[0]", 
"alloc-layout", "manual"] + - ["::alloc_zeroed", "Argument[0]", "alloc-layout", "manual"] + - ["::allocate", "Argument[0]", "alloc-layout", "manual"] + - ["::allocate_zeroed", "Argument[0]", "alloc-layout", "manual"] + - ["::grow", "Argument[2]", "alloc-layout", "manual"] + - ["::grow_zeroed", "Argument[2]", "alloc-layout", "manual"] + - ["::alloc", "Argument[0]", "alloc-layout", "manual"] + - ["::alloc_zeroed", "Argument[0]", "alloc-layout", "manual"] + - ["::allocate", "Argument[0]", "alloc-layout", "manual"] + - ["::allocate_zeroed", "Argument[0]", "alloc-layout", "manual"] + - ["::grow", "Argument[2]", "alloc-layout", "manual"] + - ["::grow_zeroed", "Argument[2]", "alloc-layout", "manual"] - addsTo: pack: codeql/rust-all - extensible: summaryModelDeprecated + extensible: summaryModel data: # Box - - ["lang:alloc", "::pin", "Argument[0]", "ReturnValue.Reference", "value", "manual"] - - ["lang:alloc", "::new", "Argument[0]", "ReturnValue.Reference", "value", "manual"] - - ["lang:alloc", "::into_pin", "Argument[0]", "ReturnValue", "value", "manual"] + - ["::pin", "Argument[0]", "ReturnValue.Reference", "value", "manual"] + - ["::new", "Argument[0]", "ReturnValue.Reference", "value", "manual"] + - ["::into_pin", "Argument[0]", "ReturnValue", "value", "manual"] # Fmt - - ["lang:alloc", "crate::fmt::format", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["alloc::fmt::format", "Argument[0]", "ReturnValue", "taint", "manual"] # String - - ["lang:alloc", "::as_str", "Argument[self]", "ReturnValue", "value", "manual"] - - ["lang:alloc", "::as_bytes", "Argument[self]", "ReturnValue", "value", "manual"] - - ["lang:alloc", "<_ as crate::string::ToString>::to_string", "Argument[self]", "ReturnValue", "taint", "manual"] - - ["lang:alloc", "::parse", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:alloc", "::trim", "Argument[self]", "ReturnValue.Reference", "taint", "manual"] - - ["lang:alloc", "::from", "Argument[0]", 
"ReturnValue", "value", "manual"] + - ["::as_str", "Argument[self]", "ReturnValue", "value", "manual"] + - ["::as_bytes", "Argument[self]", "ReturnValue", "value", "manual"] + - ["::as_str", "Argument[self]", "ReturnValue", "value", "manual"] + - ["::as_bytes", "Argument[self]", "ReturnValue", "value", "manual"] + - ["::to_string", "Argument[self]", "ReturnValue", "taint", "manual"] + - ["::to_string", "Argument[self]", "ReturnValue", "taint", "manual"] + - ["::parse", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::trim", "Argument[self]", "ReturnValue.Reference", "taint", "manual"] + - ["::from", "Argument[0]", "ReturnValue", "value", "manual"] diff --git a/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-core.model.yml b/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-core.model.yml index 00d78a7d8cb5..44319a942bf5 100644 --- a/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-core.model.yml +++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-core.model.yml 
@@ -1,76 +1,79 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: summaryModelDeprecated + extensible: summaryModel data: # Iterator - - ["lang:core", "<[_]>::iter", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] - - ["lang:core", "<[_]>::iter_mut", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] - - ["lang:core", "<[_]>::into_iter", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] - - ["lang:core", "crate::iter::traits::iterator::Iterator::nth", "Argument[self].Element", "ReturnValue.Field[core::option::Option::Some(0)]", "value", "manual"] - - ["lang:core", "crate::iter::traits::iterator::Iterator::next", "Argument[self].Element", "ReturnValue.Field[core::option::Option::Some(0)]", "value", "manual"] - - ["lang:core", "crate::iter::traits::iterator::Iterator::collect", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] - - ["lang:core", "crate::iter::traits::iterator::Iterator::map", "Argument[self].Element", "Argument[0].Parameter[0]", "value", "manual"] - - ["lang:core", "crate::iter::traits::iterator::Iterator::for_each", "Argument[self].Element", "Argument[0].Parameter[0]", "value", "manual"] - - ["lang:core", "::nth", "Argument[self].Element", "ReturnValue.Field[core::option::Option::Some(0)]", "value", "manual"] - - ["lang:core", "::next", "Argument[self].Element", "ReturnValue.Field[core::option::Option::Some(0)]", "value", "manual"] - - ["lang:core", "::collect", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] - - ["lang:core", "::map", "Argument[self].Element", "Argument[0].Parameter[0]", "value", "manual"] - - ["lang:core", "::for_each", "Argument[self].Element", "Argument[0].Parameter[0]", "value", "manual"] + - ["::iter", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] + - ["::iter", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] + - ["::iter_mut", "Argument[self].Element", "ReturnValue.Element", "value", 
"manual"] + - ["::into_iter", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] + - ["<_ as core::iter::traits::iterator::Iterator>::nth", "Argument[self].Element", "ReturnValue.Field[core::option::Option::Some(0)]", "value", "manual"] + - ["<_ as core::iter::traits::iterator::Iterator>::next", "Argument[self].Element", "ReturnValue.Field[core::option::Option::Some(0)]", "value", "manual"] + - ["<_ as core::iter::traits::iterator::Iterator>::collect", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] + - ["<_ as core::iter::traits::iterator::Iterator>::map", "Argument[self].Element", "Argument[0].Parameter[0]", "value", "manual"] + - ["<_ as core::iter::traits::iterator::Iterator>::for_each", "Argument[self].Element", "Argument[0].Parameter[0]", "value", "manual"] + - ["::nth", "Argument[self].Element", "ReturnValue.Field[core::option::Option::Some(0)]", "value", "manual"] + - ["::next", "Argument[self].Element", "ReturnValue.Field[core::option::Option::Some(0)]", "value", "manual"] + - ["::collect", "Argument[self].Element", "ReturnValue.Element", "value", "manual"] + - ["::map", "Argument[self].Element", "Argument[0].Parameter[0]", "value", "manual"] + - ["<_ as core::iter::traits::iterator::Iterator>::for_each", "Argument[self].Element", "Argument[0].Parameter[0]", "value", "manual"] # Layout - - ["lang:core", "::from_size_align", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:core", "::from_size_align_unchecked", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["lang:core", "::array", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:core", "::repeat", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)].Field[0]", "taint", "manual"] - - ["lang:core", "::repeat", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)].Field[0]", "taint", "manual"] - - ["lang:core", "::repeat_packed", "Argument[self]", 
"ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:core", "::repeat_packed", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:core", "::extend", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)].Field[0]", "taint", "manual"] - - ["lang:core", "::extend", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)].Field[0]", "taint", "manual"] - - ["lang:core", "::extend_packed", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:core", "::extend_packed", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:core", "::align_to", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:core", "::pad_to_align", "Argument[self]", "ReturnValue", "taint", "manual"] - - ["lang:core", "::size", "Argument[self]", "ReturnValue", "taint", "manual"] + - ["::from_size_align", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::from_size_align_unchecked", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["::array", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::repeat", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)].Field[0]", "taint", "manual"] + - ["::repeat", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)].Field[0]", "taint", "manual"] + - ["::repeat_packed", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::repeat_packed", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::extend", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)].Field[0]", "taint", "manual"] + - ["::extend", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)].Field[0]", "taint", "manual"] + - ["::extend_packed", "Argument[self]", 
"ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::extend_packed", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::align_to", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::pad_to_align", "Argument[self]", "ReturnValue", "taint", "manual"] + - ["::size", "Argument[self]", "ReturnValue", "taint", "manual"] # Pin - - ["lang:core", "crate::pin::Pin", "Argument[0]", "ReturnValue", "value", "manual"] - - ["lang:core", "::new", "Argument[0]", "ReturnValue", "value", "manual"] - - ["lang:core", "::new_unchecked", "Argument[0].Reference", "ReturnValue", "value", "manual"] - - ["lang:core", "::into_inner", "Argument[0]", "ReturnValue", "value", "manual"] - - ["lang:core", "::into_inner_unchecked", "Argument[0]", "ReturnValue", "value", "manual"] - - ["lang:core", "::set", "Argument[0]", "Argument[self]", "value", "manual"] - - ["lang:core", "::into_inner", "Argument[0]", "ReturnValue", "value", "manual"] + - ["core::pin::Pin", "Argument[0]", "ReturnValue", "value", "manual"] + - ["::new", "Argument[0]", "ReturnValue", "value", "manual"] + - ["::new_unchecked", "Argument[0].Reference", "ReturnValue", "value", "manual"] + - ["::into_inner", "Argument[0]", "ReturnValue", "value", "manual"] + - ["::into_inner_unchecked", "Argument[0]", "ReturnValue", "value", "manual"] + - ["::set", "Argument[0]", "Argument[self]", "value", "manual"] # Ptr - - ["lang:core", "crate::ptr::read", "Argument[0].Reference", "ReturnValue", "value", "manual"] - - ["lang:core", "crate::ptr::read_unaligned", "Argument[0].Reference", "ReturnValue", "value", "manual"] - - ["lang:core", "crate::ptr::read_volatile", "Argument[0].Reference", "ReturnValue", "value", "manual"] - - ["lang:core", "crate::ptr::write", "Argument[1]", "Argument[0].Reference", "value", "manual"] - - ["lang:core", "crate::ptr::write_unaligned", "Argument[1]", "Argument[0].Reference", "value", "manual"] - - 
["lang:core", "crate::ptr::write_volatile", "Argument[1]", "Argument[0].Reference", "value", "manual"] + - ["core::ptr::read", "Argument[0].Reference", "ReturnValue", "value", "manual"] + - ["core::ptr::read_unaligned", "Argument[0].Reference", "ReturnValue", "value", "manual"] + - ["core::ptr::read_volatile", "Argument[0].Reference", "ReturnValue", "value", "manual"] + - ["core::ptr::write", "Argument[1]", "Argument[0].Reference", "value", "manual"] + - ["core::ptr::write_unaligned", "Argument[1]", "Argument[0].Reference", "value", "manual"] + - ["core::ptr::write_volatile", "Argument[1]", "Argument[0].Reference", "value", "manual"] # Str - - ["lang:core", "::as_str", "Argument[self]", "ReturnValue", "taint", "value"] - - ["lang:core", "::as_bytes", "Argument[self]", "ReturnValue", "taint", "value"] - - ["lang:core", "::to_string", "Argument[self]", "ReturnValue", "taint", "manual"] - - ["lang:core", "::parse", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:core", "::trim", "Argument[self]", "ReturnValue.Reference", "taint", "manual"] + - ["::as_str", "Argument[self]", "ReturnValue", "taint", "value"] + - ["::as_str", "Argument[self]", "ReturnValue", "taint", "value"] + - ["::as_bytes", "Argument[self]", "ReturnValue", "taint", "value"] + - ["::as_bytes", "Argument[self]", "ReturnValue", "taint", "value"] + - ["::to_string", "Argument[self]", "ReturnValue", "taint", "manual"] + - ["::parse", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::trim", "Argument[self]", "ReturnValue.Reference", "taint", "manual"] - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: # Ptr - - ["lang:core", "crate::ptr::drop_in_place", "Argument[0]", "pointer-invalidate", "manual"] - - ["lang:core", "crate::ptr::dangling", "ReturnValue", "pointer-invalidate", "manual"] - - ["lang:core", "crate::ptr::dangling_mut", "ReturnValue", 
"pointer-invalidate", "manual"] - - ["lang:core", "crate::ptr::null", "ReturnValue", "pointer-invalidate", "manual"] + - ["core::ptr::drop_in_place", "Argument[0]", "pointer-invalidate", "manual"] + - ["core::ptr::dangling", "ReturnValue", "pointer-invalidate", "manual"] + - ["core::ptr::dangling_mut", "ReturnValue", "pointer-invalidate", "manual"] + - ["core::ptr::null", "ReturnValue", "pointer-invalidate", "manual"] + - ["v8::primitives::null", "ReturnValue", "pointer-invalidate", "manual"] - addsTo: pack: codeql/rust-all - extensible: sinkModelDeprecated + extensible: sinkModel data: # Ptr - - ["lang:core", "crate::ptr::read", "Argument[0]", "pointer-access", "manual"] - - ["lang:core", "crate::ptr::read_unaligned", "Argument[0]", "pointer-access", "manual"] - - ["lang:core", "crate::ptr::read_volatile", "Argument[0]", "pointer-access", "manual"] - - ["lang:core", "crate::ptr::write", "Argument[0]", "pointer-access", "manual"] - - ["lang:core", "crate::ptr::write_bytes", "Argument[0]", "pointer-access", "manual"] - - ["lang:core", "crate::ptr::write_unaligned", "Argument[0]", "pointer-access", "manual"] - - ["lang:core", "crate::ptr::write_volatile", "Argument[0]", "pointer-access", "manual"] + - ["core::ptr::read", "Argument[0]", "pointer-access", "manual"] + - ["core::ptr::read_unaligned", "Argument[0]", "pointer-access", "manual"] + - ["core::ptr::read_volatile", "Argument[0]", "pointer-access", "manual"] + - ["core::ptr::write", "Argument[0]", "pointer-access", "manual"] + - ["core::ptr::write_bytes", "Argument[0]", "pointer-access", "manual"] + - ["core::ptr::write_unaligned", "Argument[0]", "pointer-access", "manual"] + - ["core::ptr::write_volatile", "Argument[0]", "pointer-access", "manual"] diff --git a/rust/ql/lib/codeql/rust/frameworks/stdlib/net.model.yml b/rust/ql/lib/codeql/rust/frameworks/stdlib/net.model.yml index 307b20b5b884..bf158cbae2d3 100644 --- a/rust/ql/lib/codeql/rust/frameworks/stdlib/net.model.yml 
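Review bot: The added row `["v8::primitives::null", "ReturnValue", "pointer-invalidate", "manual"]` puts a third-party crate path into the `core` standard-library model, as a source of invalid pointers next to `core::ptr::null`. Nothing in this hunk shows that the function returns a raw pointer, so if the row came from name matching during the data-driven translation it will produce false pointer-access alerts. I would drop it, or move it to a v8 model file with a comment explaining why it qualifies. Separately, the last Iterator row repeats `<_ as core::iter::traits::iterator::Iterator>::for_each`, already listed five rows above, which suggests a type-specific path was lost there. The Str `as_str` and `as_bytes` rows also still end in `"taint", "value"` where the other rows end in `"manual"`, which looks like a column mix-up carried over from the old rows.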
+++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/net.model.yml @@ -1,16 +1,16 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: - - ["lang:std", "::connect", "ReturnValue.Field[core::result::Result::Ok(0)]", "remote", "manual"] - - ["lang:std", "::connect_timeout", "ReturnValue.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["::connect", "ReturnValue.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["::connect_timeout", "ReturnValue.Field[core::result::Result::Ok(0)]", "remote", "manual"] - addsTo: pack: codeql/rust-all - extensible: summaryModelDeprecated + extensible: summaryModel data: - - ["lang:std", "::try_clone", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["lang:std", "::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - - ["lang:std", "::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - - ["lang:std", "::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - - ["lang:std", "::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["::try_clone", "Argument[self]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"] From 097ac69207ff872f3db77b66668ec43ef0886419 Mon Sep 17 00:00:00 2001 
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 9 Jul 2025 15:43:48 +0100 Subject: [PATCH 2/4] Rust: Current sources test regressions. --- .../test/library-tests/dataflow/sources/InlineFlow.expected | 4 ++++ .../library-tests/dataflow/sources/TaintSources.expected | 6 ++++-- 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected b/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
index e69de29bb2d1..5feb53c9a46e 100644
--- a/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
@@ -0,0 +1,4 @@
+| test.rs:114:26:114:50 | //... | Missing result: hasTaintFlow=request |
+| test.rs:115:25:115:49 | //... | Missing result: hasTaintFlow=request |
+| test.rs:121:22:121:46 | //... | Missing result: hasTaintFlow=request |
+| test.rs:217:24:217:89 | //... | Missing result: hasTaintFlow |
diff --git a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
index b5028f38f761..5be1a08e0df8 100644
--- a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
@@ -1,3 +1,4 @@
+#select
 | test.rs:8:10:8:22 | ...::var | Flow source 'EnvironmentSource' of type environment (DEFAULT). |
 | test.rs:9:10:9:25 | ...::var_os | Flow source 'EnvironmentSource' of type environment (DEFAULT). |
 | test.rs:11:16:11:28 | ...::var | Flow source 'EnvironmentSource' of type environment (DEFAULT). |
@@ -21,8 +22,6 @@
 | test.rs:77:26:77:37 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:80:24:80:35 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:99:18:99:47 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:113:31:113:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:120:31:120:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:210:22:210:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:216:22:216:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:222:22:222:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
@@ -92,3 +91,6 @@
 | web_frameworks.rs:58:14:58:15 | ms | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:68:15:68:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:68:15:68:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
+testFailures
+| test.rs:113:61:113:98 | //... | Missing result: Alert[rust/summary/taint-sources] |
+| test.rs:120:61:120:98 | //... | Missing result: Alert[rust/summary/taint-sources] |
From a034e29040a2dade5b46bf505b24037a15477327 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 9 Jul 2025 15:32:18 +0100 Subject: [PATCH 3/4] Rust: Simplify the test a little. --- .../dataflow/sources/InlineFlow.expected | 5 +- .../dataflow/sources/TaintSources.expected | 118 +++++++++--------- .../library-tests/dataflow/sources/test.rs | 3 +- 3 files changed, 61 insertions(+), 65 deletions(-)
diff --git a/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected b/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
index 5feb53c9a46e..de25fe10111f 100644
--- a/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
@@ -1,4 +1 @@
-| test.rs:114:26:114:50 | //... | Missing result: hasTaintFlow=request |
-| test.rs:115:25:115:49 | //... | Missing result: hasTaintFlow=request |
-| test.rs:121:22:121:46 | //... | Missing result: hasTaintFlow=request |
-| test.rs:217:24:217:89 | //... | Missing result: hasTaintFlow |
+| test.rs:218:24:218:89 | //... | Missing result: hasTaintFlow |
diff --git a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
index 5be1a08e0df8..66d909f2e1ba 100644
--- a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
@@ -1,4 +1,3 @@
-#select
 | test.rs:8:10:8:22 | ...::var | Flow source 'EnvironmentSource' of type environment (DEFAULT). |
 | test.rs:9:10:9:25 | ...::var_os | Flow source 'EnvironmentSource' of type environment (DEFAULT). |
 | test.rs:11:16:11:28 | ...::var | Flow source 'EnvironmentSource' of type environment (DEFAULT). |
@@ -22,64 +21,66 @@
 | test.rs:77:26:77:37 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:80:24:80:35 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:99:18:99:47 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:210:22:210:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:216:22:216:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:222:22:222:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:228:22:228:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:234:9:234:22 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:238:17:238:30 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:245:50:245:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:251:46:251:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:258:50:258:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:265:50:265:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:272:56:272:69 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:280:46:280:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:287:46:287:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:293:46:293:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:308:25:308:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:315:25:315:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:322:25:322:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:329:25:329:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:336:25:336:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:348:25:348:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:357:52:357:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:363:48:363:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:370:52:370:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:377:52:377:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:384:58:384:73 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:392:48:392:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:407:31:407:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:407:31:407:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:412:31:412:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:412:31:412:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:417:22:417:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:417:22:417:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:423:22:423:25 | path | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:424:27:424:35 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:430:22:430:34 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:439:31:439:45 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:444:31:444:45 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:449:22:449:46 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:455:26:455:29 | path | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:455:26:455:29 | path | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:456:31:456:39 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:456:31:456:39 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:462:22:462:41 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:472:20:472:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:506:21:506:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:114:31:114:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:121:31:121:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:211:22:211:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:217:22:217:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:223:22:223:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:229:22:229:35 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:235:9:235:22 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:239:17:239:30 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:246:50:246:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:252:46:252:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:259:50:259:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:266:50:266:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:273:56:273:69 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:281:46:281:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:288:46:288:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:294:46:294:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:309:25:309:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:316:25:316:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:323:25:323:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:330:25:330:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:337:25:337:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:349:25:349:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:358:52:358:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:364:48:364:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:371:52:371:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:378:52:378:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:385:58:385:73 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:393:48:393:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:408:31:408:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:408:31:408:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:413:31:413:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:413:31:413:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:418:22:418:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:418:22:418:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:424:22:424:25 | path | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:425:27:425:35 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:431:22:431:34 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:440:31:440:45 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:445:31:445:45 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:450:22:450:46 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:456:26:456:29 | path | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:456:26:456:29 | path | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:457:31:457:39 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:457:31:457:39 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:463:22:463:41 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:473:20:473:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
 | test.rs:507:21:507:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:515:21:515:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:527:20:527:40 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:574:21:574:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:508:21:508:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:516:21:516:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:528:20:528:40 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
 | test.rs:575:21:575:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:583:21:583:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:600:26:600:53 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:619:26:619:61 | ...::connect_timeout | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:671:28:671:57 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:753:22:753:49 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:779:22:779:50 | ...::new | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:806:16:806:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
-| test.rs:806:16:806:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
+| test.rs:576:21:576:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:584:21:584:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:601:26:601:53 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:620:26:620:61 | ...::connect_timeout | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:672:28:672:57 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:754:22:754:49 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:780:22:780:50 | ...::new | Flow source 'RemoteSource' of type remote (DEFAULT). |
+| test.rs:807:16:807:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
+| test.rs:807:16:807:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
 | test_futures_io.rs:19:15:19:32 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:11:31:11:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:11:31:11:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
@@ -91,6 +92,3 @@
 | web_frameworks.rs:58:14:58:15 | ms | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:68:15:68:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | web_frameworks.rs:68:15:68:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
-testFailures
-| test.rs:113:61:113:98 | //... | Missing result: Alert[rust/summary/taint-sources] |
-| test.rs:120:61:120:98 | //... | Missing result: Alert[rust/summary/taint-sources] |
diff --git a/rust/ql/test/library-tests/dataflow/sources/test.rs b/rust/ql/test/library-tests/dataflow/sources/test.rs
index 914350b68ceb..adceb112dabd 100644
--- a/rust/ql/test/library-tests/dataflow/sources/test.rs
+++ b/rust/ql/test/library-tests/dataflow/sources/test.rs
@@ -98,7 +98,8 @@ async fn test_hyper_http(case: i64) -> Result<(), Box> { println!("connecting to {}...", address); let stream = tokio::net::TcpStream::connect(address).await?; // $ Alert[rust/summary/taint-sources] let io = hyper_util::rt::TokioIo::new(stream); - let (mut sender, conn) = hyper::client::conn::http1::handshake(io).await?; + let (sender, conn) = hyper::client::conn::http1::handshake(io).await?; + let mut sender: hyper::client::conn::http1::SendRequest = sender; // drive the HTTP connection tokio::task::spawn(async move {
From 47a4ba33a453b8c136c53a7c0317d2576116eb8f Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 9 Jul 2025 16:00:35 +0100 Subject: [PATCH 4/4] Rust: Fix typo in models (also fixed in another open PR). --- rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml | 4 ++-- .../test/library-tests/dataflow/sources/InlineFlow.expected | 1 - 2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml b/rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml
index fc86d2fb908f..7aca1a852d9c 100644
--- a/rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml
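Review bot: The test.rs hunk removes the only case that exercised the un-annotated destructuring `let (mut sender, conn) = hyper::client::conn::http1::handshake(io).await?;`, which is the form callers normally write. Patch 2/4 shows that form losing both `send_request` `RemoteSource` results and three `hasTaintFlow=request` results after the model translation, presumably because the receiver type is no longer resolved without the annotation. With only the annotated `let mut sender: hyper::client::conn::http1::SendRequest = sender;` left, that loss of remote-source coverage is no longer recorded in any expected file. I would keep a second case with the original destructuring and mark its `send_request` line as a known gap, `// $ MISSING: Alert[rust/summary/taint-sources]`, so the false negative stays visible until it is fixed. `test_hyper_http` starts and ends outside this hunk.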
+++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml
@@ -19,8 +19,8 @@ extensions:
 - ["lang:std", "::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
 - ["lang:std", "::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
 - ["lang:std", "crate::io::Read::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
- - ["lang:std", ":::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
- - ["lang:std", ":::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+ - ["lang:std", "::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+ - ["lang:std", "::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
 - ["lang:std", "::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
 - ["lang:std", "crate::io::Read::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
 - ["lang:std", "::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
diff --git a/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected b/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
index de25fe10111f..e69de29bb2d1 100644
--- a/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
@@ -1 +0,0 @@
-| test.rs:218:24:218:89 | //... | Missing result: hasTaintFlow |
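Review bot: The two corrected `read_to_end` rows appear to have been inert until now, and nothing in the file guards against the same mistake in other rows. With the path written `:::read_to_end` the only visible symptom was the `Missing result: hasTaintFlow` line at `test.rs:218`, which this commit removes from InlineFlow.expected. A row with no flow test behind it would lose its taint step with no signal at all. I would add a comment above these rows, `# keep a flow test in dataflow/sources/test.rs for each row; a mistyped path only shows up as a missing result there`, and search the other model files for `":::` before merging.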