Syntax node children now passed by ref

[eytan-starkware]

Stack:

• Filesystem inputs now return refs #8053
• Changed filesystem db to return queries by ref where applicale #8050
• Syntax node children now passed by ref #8044 ⬅

⚠️ Part of a stack created by spr. Do not merge manually using the UI - doing so may have unexpected results.

[reviewable-StarkWare]

This change is 

[semgrep-code-starkware-libs]

Semgrep found 1 tainted-path finding:

• crates/cairo-lang-executable/src/compile.rs
  • L107 - Triage

The application builds a file path from potentially untrusted data, which can lead to a path traversal vulnerability. An attacker can manipulate the path which the application uses to access files. If the application does not validate user input and sanitize file paths, sensitive files such as configuration or user data can be accessed, potentially creating or overwriting files. To prevent this vulnerability, validate and sanitize any input that is used to create references to file paths. Also, enforce strict file access controls. For example, choose privileges allowing public-facing applications to access only the required files.

View Dataflow Graph

flowchart LR
    classDef invis fill:white, stroke: none
    classDef default fill:#e7f5ff, color:#1c7fd6, stroke: none

    subgraph File0["<b>crates/cairo-lang-executable/src/compile.rs</b>"]
        direction LR
        %% Source

        subgraph Source
            direction LR

            v0["<a href=https://github.com/starkware-libs/cairo/blob/96d95c758355d7e1770251fbe490408637bfae5b/crates/cairo-lang-executable/src/compile.rs#L107 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 107] path</a>"]
        end
        %% Intermediate

        %% Sink

        subgraph Sink
            direction LR

            v1["<a href=https://github.com/starkware-libs/cairo/blob/96d95c758355d7e1770251fbe490408637bfae5b/crates/cairo-lang-executable/src/compile.rs#L107 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 107] &path</a>"]
        end
    end
    %% Class Assignment
    Source:::invis
    Sink:::invis

    File0:::invis

    %% Connections

    Source --> Sink

Loading

[orizi]

Reviewed 12 of 12 files at r1, all commit messages.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @eytan-starkware)

---

crates/cairo-lang-syntax/src/node/element_list.rs line 63 at r1 (raw file):

        Self { _data: data, iter }
    }
}

you can now just fully delete this struct.

Code quote:

/// Iterator over the raw elements of an `ElementList`.
struct ElementListRawIter<'a> {
    /// The `Arc` storing the actual node.
    _data: &'a [SyntaxNode<'a>],
    /// Actual iterator over the elements.
    iter: std::slice::Iter<'a, SyntaxNode<'a>>,
}

impl<'a> ElementListRawIter<'a> {
    fn new(data: &'a [SyntaxNode<'a>]) -> Self {
        let iter = data.iter();
        Self { _data: data, iter }
    }
}

[eytan-starkware]

Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @orizi)

---

crates/cairo-lang-syntax/src/node/element_list.rs line 63 at r1 (raw file):

Previously, orizi wrote…

you can now just fully delete this struct.

Done.

[orizi]

Reviewed 8 of 8 files at r2, all commit messages.
Reviewable status: complete! all files reviewed, all discussions resolved (waiting on @eytan-starkware)