hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Update tests and expected files

Browse Source
This commit is contained in:
Simon Friis Vindum
2025-11-21 12:28:04 +01:00
parent 0f97e7e29d
commit 047ea10a9a
9 changed files with 175 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
rust/ql/test/library-tests/dataflow/sources/database/InlineFlow.expected
View File

@@ -50,6 +50,8 @@ edges
| test.rs:42:20:42:21 | t1 [element] | test.rs:42:13:42:15 | row | provenance | |
| test.rs:48:22:48:30 | query_map | test.rs:50:14:50:24 | ...: i64 | provenance | Src:MaD:3 |
| test.rs:50:14:50:24 | ...: i64 | test.rs:51:22:51:27 | values | provenance | |
| test.rs:55:22:55:30 | query_map | test.rs:57:14:57:39 | ...: ... | provenance | Src:MaD:3 |
| test.rs:57:14:57:39 | ...: ... | test.rs:59:22:59:29 | values.1 | provenance | |
| test.rs:64:13:64:17 | total | test.rs:68:14:68:18 | total | provenance | |
| test.rs:64:21:67:10 | conn.query_fold(...) [Ok] | test.rs:64:21:67:11 | TryExpr | provenance | |
| test.rs:64:21:67:11 | TryExpr | test.rs:64:13:64:17 | total | provenance | |
@@ -61,6 +63,9 @@ edges
| test.rs:66:19:66:21 | row | test.rs:66:13:66:21 | ... + ... | provenance | MaD:11 |
| test.rs:66:19:66:21 | row | test.rs:66:13:66:21 | ... + ... | provenance | MaD:12 |
| test.rs:66:19:66:21 | row | test.rs:66:13:66:21 | ... + ... | provenance | MaD:15 |
| test.rs:70:22:70:31 | query_fold | test.rs:70:83:70:105 | ...: ... | provenance | Src:MaD:2 |
| test.rs:70:83:70:105 | ...: ... | test.rs:72:17:72:20 | name | provenance | |
| test.rs:72:17:72:20 | name | test.rs:75:18:75:21 | name | provenance | |
| test.rs:105:13:105:14 | v1 | test.rs:106:14:106:15 | v1 | provenance | |
| test.rs:105:24:105:33 | row.get(...) [Some] | test.rs:105:24:105:42 | ... .unwrap() | provenance | MaD:16 |
| test.rs:105:24:105:42 | ... .unwrap() | test.rs:105:13:105:14 | v1 | provenance | |
@@ -81,6 +86,8 @@ edges
| test.rs:114:28:114:35 | take_opt | test.rs:114:24:114:38 | row.take_opt(...) [Some, Ok] | provenance | Src:MaD:10 |
| test.rs:135:22:135:30 | query_map | test.rs:137:14:137:24 | ...: i64 | provenance | Src:MaD:5 |
| test.rs:137:14:137:24 | ...: i64 | test.rs:138:22:138:27 | values | provenance | |
| test.rs:142:22:142:30 | query_map | test.rs:144:14:144:39 | ...: ... | provenance | Src:MaD:5 |
| test.rs:144:14:144:39 | ...: ... | test.rs:146:22:146:29 | values.1 | provenance | |
| test.rs:151:13:151:17 | total | test.rs:155:14:155:18 | total | provenance | |
| test.rs:151:21:154:10 | conn.query_fold(...) [future, Ok] | test.rs:151:21:154:16 | await ... [Ok] | provenance | |
| test.rs:151:21:154:16 | await ... [Ok] | test.rs:151:21:154:17 | TryExpr | provenance | |
@@ -93,6 +100,9 @@ edges
| test.rs:153:19:153:21 | row | test.rs:153:13:153:21 | ... + ... | provenance | MaD:11 |
| test.rs:153:19:153:21 | row | test.rs:153:13:153:21 | ... + ... | provenance | MaD:12 |
| test.rs:153:19:153:21 | row | test.rs:153:13:153:21 | ... + ... | provenance | MaD:15 |
| test.rs:157:22:157:31 | query_fold | test.rs:157:83:157:105 | ...: ... | provenance | Src:MaD:4 |
| test.rs:157:83:157:105 | ...: ... | test.rs:159:17:159:20 | name | provenance | |
| test.rs:159:17:159:20 | name | test.rs:162:18:162:21 | name | provenance | |
nodes
| test.rs:18:13:18:14 | v1 | semmle.label | v1 |
| test.rs:18:24:18:33 | row.get(...) [Some] | semmle.label | row.get(...) [Some] |
@@ -135,6 +145,9 @@ nodes
| test.rs:48:22:48:30 | query_map | semmle.label | query_map |
| test.rs:50:14:50:24 | ...: i64 | semmle.label | ...: i64 |
| test.rs:51:22:51:27 | values | semmle.label | values |
| test.rs:55:22:55:30 | query_map | semmle.label | query_map |
| test.rs:57:14:57:39 | ...: ... | semmle.label | ...: ... |
| test.rs:59:22:59:29 | values.1 | semmle.label | values.1 |
| test.rs:64:13:64:17 | total | semmle.label | total |
| test.rs:64:21:67:10 | conn.query_fold(...) [Ok] | semmle.label | conn.query_fold(...) [Ok] |
| test.rs:64:21:67:11 | TryExpr | semmle.label | TryExpr |
@@ -145,6 +158,10 @@ nodes
| test.rs:66:13:66:21 | ... + ... | semmle.label | ... + ... |
| test.rs:66:19:66:21 | row | semmle.label | row |
| test.rs:68:14:68:18 | total | semmle.label | total |
| test.rs:70:22:70:31 | query_fold | semmle.label | query_fold |
| test.rs:70:83:70:105 | ...: ... | semmle.label | ...: ... |
| test.rs:72:17:72:20 | name | semmle.label | name |
| test.rs:75:18:75:21 | name | semmle.label | name |
| test.rs:105:13:105:14 | v1 | semmle.label | v1 |
| test.rs:105:24:105:33 | row.get(...) [Some] | semmle.label | row.get(...) [Some] |
| test.rs:105:24:105:42 | ... .unwrap() | semmle.label | ... .unwrap() |
@@ -170,6 +187,9 @@ nodes
| test.rs:135:22:135:30 | query_map | semmle.label | query_map |
| test.rs:137:14:137:24 | ...: i64 | semmle.label | ...: i64 |
| test.rs:138:22:138:27 | values | semmle.label | values |
| test.rs:142:22:142:30 | query_map | semmle.label | query_map |
| test.rs:144:14:144:39 | ...: ... | semmle.label | ...: ... |
| test.rs:146:22:146:29 | values.1 | semmle.label | values.1 |
| test.rs:151:13:151:17 | total | semmle.label | total |
| test.rs:151:21:154:10 | conn.query_fold(...) [future, Ok] | semmle.label | conn.query_fold(...) [future, Ok] |
| test.rs:151:21:154:16 | await ... [Ok] | semmle.label | await ... [Ok] |
@@ -181,6 +201,10 @@ nodes
| test.rs:153:13:153:21 | ... + ... | semmle.label | ... + ... |
| test.rs:153:19:153:21 | row | semmle.label | row |
| test.rs:155:14:155:18 | total | semmle.label | total |
| test.rs:157:22:157:31 | query_fold | semmle.label | query_fold |
| test.rs:157:83:157:105 | ...: ... | semmle.label | ...: ... |
| test.rs:159:17:159:20 | name | semmle.label | name |
| test.rs:162:18:162:21 | name | semmle.label | name |
subpaths
testFailures
#select
@@ -192,12 +216,16 @@ testFailures
| test.rs:41:14:41:70 | ... .unwrap() | test.rs:41:42:41:44 | get | test.rs:41:14:41:70 | ... .unwrap() | $@ | test.rs:41:42:41:44 | get | get |
| test.rs:44:22:44:22 | v | test.rs:40:27:40:35 | exec_iter | test.rs:44:22:44:22 | v | $@ | test.rs:40:27:40:35 | exec_iter | exec_iter |
| test.rs:51:22:51:27 | values | test.rs:48:22:48:30 | query_map | test.rs:51:22:51:27 | values | $@ | test.rs:48:22:48:30 | query_map | query_map |
| test.rs:59:22:59:29 | values.1 | test.rs:55:22:55:30 | query_map | test.rs:59:22:59:29 | values.1 | $@ | test.rs:55:22:55:30 | query_map | query_map |
| test.rs:65:18:65:20 | row | test.rs:64:26:64:35 | query_fold | test.rs:65:18:65:20 | row | $@ | test.rs:64:26:64:35 | query_fold | query_fold |
| test.rs:68:14:68:18 | total | test.rs:64:26:64:35 | query_fold | test.rs:68:14:68:18 | total | $@ | test.rs:64:26:64:35 | query_fold | query_fold |
| test.rs:75:18:75:21 | name | test.rs:70:22:70:31 | query_fold | test.rs:75:18:75:21 | name | $@ | test.rs:70:22:70:31 | query_fold | query_fold |
| test.rs:106:14:106:15 | v1 | test.rs:105:28:105:30 | get | test.rs:106:14:106:15 | v1 | $@ | test.rs:105:28:105:30 | get | get |
| test.rs:109:14:109:15 | v2 | test.rs:108:28:108:34 | get_opt | test.rs:109:14:109:15 | v2 | $@ | test.rs:108:28:108:34 | get_opt | get_opt |
| test.rs:112:14:112:15 | v3 | test.rs:111:28:111:31 | take | test.rs:112:14:112:15 | v3 | $@ | test.rs:111:28:111:31 | take | take |
| test.rs:115:14:115:15 | v4 | test.rs:114:28:114:35 | take_opt | test.rs:115:14:115:15 | v4 | $@ | test.rs:114:28:114:35 | take_opt | take_opt |
| test.rs:138:22:138:27 | values | test.rs:135:22:135:30 | query_map | test.rs:138:22:138:27 | values | $@ | test.rs:135:22:135:30 | query_map | query_map |
| test.rs:146:22:146:29 | values.1 | test.rs:142:22:142:30 | query_map | test.rs:146:22:146:29 | values.1 | $@ | test.rs:142:22:142:30 | query_map | query_map |
| test.rs:152:18:152:20 | row | test.rs:151:26:151:35 | query_fold | test.rs:152:18:152:20 | row | $@ | test.rs:151:26:151:35 | query_fold | query_fold |
| test.rs:155:14:155:18 | total | test.rs:151:26:151:35 | query_fold | test.rs:155:14:155:18 | total | $@ | test.rs:151:26:151:35 | query_fold | query_fold |
| test.rs:162:18:162:21 | name | test.rs:157:22:157:31 | query_fold | test.rs:162:18:162:21 | name | $@ | test.rs:157:22:157:31 | query_fold | query_fold |

8
rust/ql/test/library-tests/dataflow/sources/database/test.rs
View File

@@ -56,7 +56,7 @@ mod test_mysql {
"SELECT id, name, age FROM person",
|values: (i64, String, i32)| -> () {
sink(values.0); // $ MISSING: hasTaintFlow
sink(values.1); // $ MISSING: hasTaintFlow
sink(values.1); // $ hasTaintFlow
sink(values.2); // $ MISSING: hasTaintFlow
}
)?;
@@ -72,7 +72,7 @@ mod test_mysql {
let name: String = row.1;
let age: i32 = row.2;
sink(id); // $ MISSING: hasTaintFlow
sink(name); // $ MISSING: hasTaintFlow
sink(name); // $ hasTaintFlow
sink(age); // $ MISSING: hasTaintFlow
acc + 1
})?;
@@ -143,7 +143,7 @@ mod test_mysql_async {
"SELECT id, name, age FROM person",
|values: (i64, String, i32)| -> () {
sink(values.0); // $ MISSING: hasTaintFlow
sink(values.1); // $ MISSING: hasTaintFlow
sink(values.1); // $ hasTaintFlow
sink(values.2); // $ MISSING: hasTaintFlow
}
).await?;
@@ -159,7 +159,7 @@ mod test_mysql_async {
let name: String = row.1;
let age: i32 = row.2;
sink(id); // $ MISSING: hasTaintFlow
sink(name); // $ MISSING: hasTaintFlow
sink(name); // $ hasTaintFlow
sink(age); // $ MISSING: hasTaintFlow
acc + 1
}).await?;

72
rust/ql/test/library-tests/dataflow/sources/env/InlineFlow.expected vendored
View File

@@ -6,54 +6,64 @@ models
| 5 | Source: std::env::home_dir; ReturnValue.Field[core::option::Option::Some(0)]; commandargs |
| 6 | Source: std::env::var; ReturnValue.Field[core::result::Result::Ok(0)]; environment |
| 7 | Source: std::env::var_os; ReturnValue.Field[core::option::Option::Some(0)]; environment |
| 8 | Summary: <_ as core::iter::traits::iterator::Iterator>::collect; Argument[self].Element; ReturnValue.Element; value |
| 9 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Reference.Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
| 10 | Summary: <_ as core::ops::index::Index>::index; Argument[self].Reference.Element; ReturnValue.Reference; value |
| 11 | Summary: <core::option::Option>::expect; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 12 | Summary: <core::option::Option>::unwrap; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 13 | Summary: <core::result::Result>::expect; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 14 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 15 | Summary: <core::str>::parse; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
| 8 | Source: std::env::vars; ReturnValue.Element; environment |
| 9 | Source: std::env::vars_os; ReturnValue.Element; environment |
| 10 | Summary: <_ as core::iter::traits::iterator::Iterator>::collect; Argument[self].Element; ReturnValue.Element; value |
| 11 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Reference.Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
| 12 | Summary: <_ as core::ops::index::Index>::index; Argument[self].Reference.Element; ReturnValue.Reference; value |
| 13 | Summary: <core::option::Option>::expect; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 14 | Summary: <core::option::Option>::unwrap; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 15 | Summary: <core::result::Result>::expect; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 16 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 17 | Summary: <core::str>::parse; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
edges
| test.rs:6:10:6:22 | ...::var | test.rs:6:10:6:30 | ...::var(...) | provenance | Src:MaD:6 |
| test.rs:7:10:7:25 | ...::var_os | test.rs:7:10:7:33 | ...::var_os(...) | provenance | Src:MaD:7 |
| test.rs:9:9:9:12 | var1 | test.rs:12:10:12:13 | var1 | provenance | |
| test.rs:9:16:9:28 | ...::var | test.rs:9:16:9:36 | ...::var(...) [Ok] | provenance | Src:MaD:6 |
| test.rs:9:16:9:36 | ...::var(...) [Ok] | test.rs:9:16:9:59 | ... .expect(...) | provenance | MaD:13 |
| test.rs:9:16:9:36 | ...::var(...) [Ok] | test.rs:9:16:9:59 | ... .expect(...) | provenance | MaD:15 |
| test.rs:9:16:9:59 | ... .expect(...) | test.rs:9:9:9:12 | var1 | provenance | |
| test.rs:10:9:10:12 | var2 | test.rs:13:10:13:13 | var2 | provenance | |
| test.rs:10:16:10:31 | ...::var_os | test.rs:10:16:10:39 | ...::var_os(...) [Some] | provenance | Src:MaD:7 |
| test.rs:10:16:10:39 | ...::var_os(...) [Some] | test.rs:10:16:10:48 | ... .unwrap() | provenance | MaD:12 |
| test.rs:10:16:10:39 | ...::var_os(...) [Some] | test.rs:10:16:10:48 | ... .unwrap() | provenance | MaD:14 |
| test.rs:10:16:10:48 | ... .unwrap() | test.rs:10:9:10:12 | var2 | provenance | |
| test.rs:15:9:15:20 | TuplePat | test.rs:16:14:16:16 | key | provenance | |
| test.rs:15:9:15:20 | TuplePat | test.rs:17:14:17:18 | value | provenance | |
| test.rs:15:25:15:38 | ...::vars | test.rs:15:25:15:40 | ...::vars(...) [element] | provenance | Src:MaD:8 |
| test.rs:15:25:15:40 | ...::vars(...) [element] | test.rs:15:9:15:20 | TuplePat | provenance | |
| test.rs:20:9:20:20 | TuplePat | test.rs:21:14:21:16 | key | provenance | |
| test.rs:20:9:20:20 | TuplePat | test.rs:22:14:22:18 | value | provenance | |
| test.rs:20:25:20:41 | ...::vars_os | test.rs:20:25:20:43 | ...::vars_os(...) [element] | provenance | Src:MaD:9 |
| test.rs:20:25:20:43 | ...::vars_os(...) [element] | test.rs:20:9:20:20 | TuplePat | provenance | |
| test.rs:27:9:27:12 | args [element] | test.rs:28:20:28:23 | args [element] | provenance | |
| test.rs:27:9:27:12 | args [element] | test.rs:29:17:29:20 | args [element] | provenance | |
| test.rs:27:29:27:42 | ...::args | test.rs:27:29:27:44 | ...::args(...) [element] | provenance | Src:MaD:1 |
| test.rs:27:29:27:44 | ...::args(...) [element] | test.rs:27:29:27:54 | ... .collect() [element] | provenance | MaD:8 |
| test.rs:27:29:27:44 | ...::args(...) [element] | test.rs:27:29:27:54 | ... .collect() [element] | provenance | MaD:10 |
| test.rs:27:29:27:54 | ... .collect() [element] | test.rs:27:9:27:12 | args [element] | provenance | |
| test.rs:28:9:28:15 | my_path [&ref] | test.rs:34:10:34:16 | my_path | provenance | |
| test.rs:28:19:28:26 | &... [&ref] | test.rs:28:9:28:15 | my_path [&ref] | provenance | |
| test.rs:28:20:28:23 | args [element] | test.rs:28:20:28:26 | args[0] | provenance | MaD:10 |
| test.rs:28:20:28:23 | args [element] | test.rs:28:20:28:26 | args[0] | provenance | MaD:12 |
| test.rs:28:20:28:26 | args[0] | test.rs:28:19:28:26 | &... [&ref] | provenance | |
| test.rs:29:9:29:12 | arg1 [&ref] | test.rs:35:10:35:13 | arg1 | provenance | |
| test.rs:29:16:29:23 | &... [&ref] | test.rs:29:9:29:12 | arg1 [&ref] | provenance | |
| test.rs:29:17:29:20 | args [element] | test.rs:29:17:29:23 | args[1] | provenance | MaD:10 |
| test.rs:29:17:29:20 | args [element] | test.rs:29:17:29:23 | args[1] | provenance | MaD:12 |
| test.rs:29:17:29:23 | args[1] | test.rs:29:16:29:23 | &... [&ref] | provenance | |
| test.rs:30:9:30:12 | arg2 | test.rs:36:10:36:13 | arg2 | provenance | |
| test.rs:30:16:30:29 | ...::args | test.rs:30:16:30:31 | ...::args(...) [element] | provenance | Src:MaD:1 |
| test.rs:30:16:30:31 | ...::args(...) [element] | test.rs:30:16:30:38 | ... .nth(...) [Some] | provenance | MaD:9 |
| test.rs:30:16:30:38 | ... .nth(...) [Some] | test.rs:30:16:30:47 | ... .unwrap() | provenance | MaD:12 |
| test.rs:30:16:30:31 | ...::args(...) [element] | test.rs:30:16:30:38 | ... .nth(...) [Some] | provenance | MaD:11 |
| test.rs:30:16:30:38 | ... .nth(...) [Some] | test.rs:30:16:30:47 | ... .unwrap() | provenance | MaD:14 |
| test.rs:30:16:30:47 | ... .unwrap() | test.rs:30:9:30:12 | arg2 | provenance | |
| test.rs:31:9:31:12 | arg3 | test.rs:37:10:37:13 | arg3 | provenance | |
| test.rs:31:16:31:32 | ...::args_os | test.rs:31:16:31:34 | ...::args_os(...) [element] | provenance | Src:MaD:2 |
| test.rs:31:16:31:34 | ...::args_os(...) [element] | test.rs:31:16:31:41 | ... .nth(...) [Some] | provenance | MaD:9 |
| test.rs:31:16:31:41 | ... .nth(...) [Some] | test.rs:31:16:31:50 | ... .unwrap() | provenance | MaD:12 |
| test.rs:31:16:31:34 | ...::args_os(...) [element] | test.rs:31:16:31:41 | ... .nth(...) [Some] | provenance | MaD:11 |
| test.rs:31:16:31:41 | ... .nth(...) [Some] | test.rs:31:16:31:50 | ... .unwrap() | provenance | MaD:14 |
| test.rs:31:16:31:50 | ... .unwrap() | test.rs:31:9:31:12 | arg3 | provenance | |
| test.rs:32:9:32:12 | arg4 | test.rs:38:10:38:13 | arg4 | provenance | |
| test.rs:32:16:32:29 | ...::args | test.rs:32:16:32:31 | ...::args(...) [element] | provenance | Src:MaD:1 |
| test.rs:32:16:32:31 | ...::args(...) [element] | test.rs:32:16:32:38 | ... .nth(...) [Some] | provenance | MaD:9 |
| test.rs:32:16:32:38 | ... .nth(...) [Some] | test.rs:32:16:32:47 | ... .unwrap() | provenance | MaD:12 |
| test.rs:32:16:32:47 | ... .unwrap() | test.rs:32:16:32:64 | ... .parse() [Ok] | provenance | MaD:15 |
| test.rs:32:16:32:64 | ... .parse() [Ok] | test.rs:32:16:32:73 | ... .unwrap() | provenance | MaD:14 |
| test.rs:32:16:32:31 | ...::args(...) [element] | test.rs:32:16:32:38 | ... .nth(...) [Some] | provenance | MaD:11 |
| test.rs:32:16:32:38 | ... .nth(...) [Some] | test.rs:32:16:32:47 | ... .unwrap() | provenance | MaD:14 |
| test.rs:32:16:32:47 | ... .unwrap() | test.rs:32:16:32:64 | ... .parse() [Ok] | provenance | MaD:17 |
| test.rs:32:16:32:64 | ... .parse() [Ok] | test.rs:32:16:32:73 | ... .unwrap() | provenance | MaD:16 |
| test.rs:32:16:32:73 | ... .unwrap() | test.rs:32:9:32:12 | arg4 | provenance | |
| test.rs:40:9:40:11 | arg | test.rs:41:14:41:16 | arg | provenance | |
| test.rs:40:16:40:29 | ...::args | test.rs:40:16:40:31 | ...::args(...) [element] | provenance | Src:MaD:1 |
@@ -63,15 +73,15 @@ edges
| test.rs:44:16:44:34 | ...::args_os(...) [element] | test.rs:44:9:44:11 | arg | provenance | |
| test.rs:50:9:50:11 | dir | test.rs:54:10:54:12 | dir | provenance | |
| test.rs:50:15:50:35 | ...::current_dir | test.rs:50:15:50:37 | ...::current_dir(...) [Ok] | provenance | Src:MaD:3 |
| test.rs:50:15:50:37 | ...::current_dir(...) [Ok] | test.rs:50:15:50:54 | ... .expect(...) | provenance | MaD:13 |
| test.rs:50:15:50:37 | ...::current_dir(...) [Ok] | test.rs:50:15:50:54 | ... .expect(...) | provenance | MaD:15 |
| test.rs:50:15:50:54 | ... .expect(...) | test.rs:50:9:50:11 | dir | provenance | |
| test.rs:51:9:51:11 | exe | test.rs:55:10:55:12 | exe | provenance | |
| test.rs:51:15:51:35 | ...::current_exe | test.rs:51:15:51:37 | ...::current_exe(...) [Ok] | provenance | Src:MaD:4 |
| test.rs:51:15:51:37 | ...::current_exe(...) [Ok] | test.rs:51:15:51:54 | ... .expect(...) | provenance | MaD:13 |
| test.rs:51:15:51:37 | ...::current_exe(...) [Ok] | test.rs:51:15:51:54 | ... .expect(...) | provenance | MaD:15 |
| test.rs:51:15:51:54 | ... .expect(...) | test.rs:51:9:51:11 | exe | provenance | |
| test.rs:52:9:52:12 | home | test.rs:56:10:56:13 | home | provenance | |
| test.rs:52:16:52:33 | ...::home_dir | test.rs:52:16:52:35 | ...::home_dir(...) [Some] | provenance | Src:MaD:5 |
| test.rs:52:16:52:35 | ...::home_dir(...) [Some] | test.rs:52:16:52:52 | ... .expect(...) | provenance | MaD:11 |
| test.rs:52:16:52:35 | ...::home_dir(...) [Some] | test.rs:52:16:52:52 | ... .expect(...) | provenance | MaD:13 |
| test.rs:52:16:52:52 | ... .expect(...) | test.rs:52:9:52:12 | home | provenance | |
nodes
| test.rs:6:10:6:22 | ...::var | semmle.label | ...::var |
@@ -88,6 +98,16 @@ nodes
| test.rs:10:16:10:48 | ... .unwrap() | semmle.label | ... .unwrap() |
| test.rs:12:10:12:13 | var1 | semmle.label | var1 |
| test.rs:13:10:13:13 | var2 | semmle.label | var2 |
| test.rs:15:9:15:20 | TuplePat | semmle.label | TuplePat |
| test.rs:15:25:15:38 | ...::vars | semmle.label | ...::vars |
| test.rs:15:25:15:40 | ...::vars(...) [element] | semmle.label | ...::vars(...) [element] |
| test.rs:16:14:16:16 | key | semmle.label | key |
| test.rs:17:14:17:18 | value | semmle.label | value |
| test.rs:20:9:20:20 | TuplePat | semmle.label | TuplePat |
| test.rs:20:25:20:41 | ...::vars_os | semmle.label | ...::vars_os |
| test.rs:20:25:20:43 | ...::vars_os(...) [element] | semmle.label | ...::vars_os(...) [element] |
| test.rs:21:14:21:16 | key | semmle.label | key |
| test.rs:22:14:22:18 | value | semmle.label | value |
| test.rs:27:9:27:12 | args [element] | semmle.label | args [element] |
| test.rs:27:29:27:42 | ...::args | semmle.label | ...::args |
| test.rs:27:29:27:44 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |
@@ -152,6 +172,10 @@ testFailures
| test.rs:7:10:7:33 | ...::var_os(...) | test.rs:7:10:7:25 | ...::var_os | test.rs:7:10:7:33 | ...::var_os(...) | $@ | test.rs:7:10:7:25 | ...::var_os | ...::var_os |
| test.rs:12:10:12:13 | var1 | test.rs:9:16:9:28 | ...::var | test.rs:12:10:12:13 | var1 | $@ | test.rs:9:16:9:28 | ...::var | ...::var |
| test.rs:13:10:13:13 | var2 | test.rs:10:16:10:31 | ...::var_os | test.rs:13:10:13:13 | var2 | $@ | test.rs:10:16:10:31 | ...::var_os | ...::var_os |
| test.rs:16:14:16:16 | key | test.rs:15:25:15:38 | ...::vars | test.rs:16:14:16:16 | key | $@ | test.rs:15:25:15:38 | ...::vars | ...::vars |
| test.rs:17:14:17:18 | value | test.rs:15:25:15:38 | ...::vars | test.rs:17:14:17:18 | value | $@ | test.rs:15:25:15:38 | ...::vars | ...::vars |
| test.rs:21:14:21:16 | key | test.rs:20:25:20:41 | ...::vars_os | test.rs:21:14:21:16 | key | $@ | test.rs:20:25:20:41 | ...::vars_os | ...::vars_os |
| test.rs:22:14:22:18 | value | test.rs:20:25:20:41 | ...::vars_os | test.rs:22:14:22:18 | value | $@ | test.rs:20:25:20:41 | ...::vars_os | ...::vars_os |
| test.rs:34:10:34:16 | my_path | test.rs:27:29:27:42 | ...::args | test.rs:34:10:34:16 | my_path | $@ | test.rs:27:29:27:42 | ...::args | ...::args |
| test.rs:35:10:35:13 | arg1 | test.rs:27:29:27:42 | ...::args | test.rs:35:10:35:13 | arg1 | $@ | test.rs:27:29:27:42 | ...::args | ...::args |
| test.rs:36:10:36:13 | arg2 | test.rs:30:16:30:29 | ...::args | test.rs:36:10:36:13 | arg2 | $@ | test.rs:30:16:30:29 | ...::args | ...::args |

8
rust/ql/test/library-tests/dataflow/sources/env/test.rs vendored
View File

@@ -13,13 +13,13 @@ fn test_env_vars() {
sink(var2); // $ hasTaintFlow="PATH"
for (key, value) in std::env::vars() { // $ Alert[rust/summary/taint-sources]
sink(key); // $ MISSING: hasTaintFlow
sink(value); // $ MISSING: hasTaintFlow
sink(key); // $ hasTaintFlow
sink(value); // $ hasTaintFlow
}
for (key, value) in std::env::vars_os() { // $ Alert[rust/summary/taint-sources]
sink(key); // $ MISSING: hasTaintFlow
sink(value); // $ MISSING: hasTaintFlow
sink(key); // $ hasTaintFlow
sink(value); // $ hasTaintFlow
}
}

15
rust/ql/test/library-tests/dataflow/sources/file/InlineFlow.expected
View File

@@ -41,20 +41,26 @@ models
edges
| test.rs:12:13:12:18 | buffer | test.rs:13:14:13:19 | buffer | provenance | |
| test.rs:12:31:12:43 | ...::read | test.rs:12:31:12:43 | ...::read [Ok] | provenance | Src:MaD:11 |
| test.rs:12:31:12:43 | ...::read | test.rs:12:31:12:55 | ...::read(...) | provenance | Src:MaD:12 MaD:12 |
| test.rs:12:31:12:43 | ...::read | test.rs:12:31:12:55 | ...::read(...) [Ok] | provenance | Src:MaD:11 |
| test.rs:12:31:12:43 | ...::read [Ok] | test.rs:12:31:12:55 | ...::read(...) [Ok] | provenance | MaD:12 |
| test.rs:12:31:12:55 | ...::read(...) | test.rs:12:13:12:18 | buffer | provenance | |
| test.rs:12:31:12:55 | ...::read(...) [Ok] | test.rs:12:31:12:56 | TryExpr | provenance | |
| test.rs:12:31:12:56 | TryExpr | test.rs:12:13:12:18 | buffer | provenance | |
| test.rs:17:13:17:18 | buffer | test.rs:18:14:18:19 | buffer | provenance | |
| test.rs:17:31:17:38 | ...::read | test.rs:17:31:17:38 | ...::read [Ok] | provenance | Src:MaD:11 |
| test.rs:17:31:17:38 | ...::read | test.rs:17:31:17:50 | ...::read(...) | provenance | Src:MaD:12 MaD:12 |
| test.rs:17:31:17:38 | ...::read | test.rs:17:31:17:50 | ...::read(...) [Ok] | provenance | Src:MaD:11 |
| test.rs:17:31:17:38 | ...::read [Ok] | test.rs:17:31:17:50 | ...::read(...) [Ok] | provenance | MaD:12 |
| test.rs:17:31:17:50 | ...::read(...) | test.rs:17:13:17:18 | buffer | provenance | |
| test.rs:17:31:17:50 | ...::read(...) [Ok] | test.rs:17:31:17:51 | TryExpr | provenance | |
| test.rs:17:31:17:51 | TryExpr | test.rs:17:13:17:18 | buffer | provenance | |
| test.rs:22:13:22:18 | buffer | test.rs:23:14:23:19 | buffer | provenance | |
| test.rs:22:22:22:39 | ...::read_to_string | test.rs:22:22:22:39 | ...::read_to_string [Ok] | provenance | Src:MaD:14 |
| test.rs:22:22:22:39 | ...::read_to_string | test.rs:22:22:22:51 | ...::read_to_string(...) | provenance | Src:MaD:15 MaD:15 |
| test.rs:22:22:22:39 | ...::read_to_string | test.rs:22:22:22:51 | ...::read_to_string(...) [Ok] | provenance | Src:MaD:14 |
| test.rs:22:22:22:39 | ...::read_to_string [Ok] | test.rs:22:22:22:51 | ...::read_to_string(...) [Ok] | provenance | MaD:15 |
| test.rs:22:22:22:51 | ...::read_to_string(...) | test.rs:22:13:22:18 | buffer | provenance | |
| test.rs:22:22:22:51 | ...::read_to_string(...) [Ok] | test.rs:22:22:22:52 | TryExpr | provenance | |
| test.rs:22:22:22:52 | TryExpr | test.rs:22:13:22:18 | buffer | provenance | |
| test.rs:29:13:29:16 | path | test.rs:30:14:30:17 | path | provenance | |
@@ -262,19 +268,25 @@ edges
nodes
| test.rs:12:13:12:18 | buffer | semmle.label | buffer |
| test.rs:12:31:12:43 | ...::read | semmle.label | ...::read |
| test.rs:12:31:12:43 | ...::read | semmle.label | ...::read |
| test.rs:12:31:12:43 | ...::read [Ok] | semmle.label | ...::read [Ok] |
| test.rs:12:31:12:55 | ...::read(...) | semmle.label | ...::read(...) |
| test.rs:12:31:12:55 | ...::read(...) [Ok] | semmle.label | ...::read(...) [Ok] |
| test.rs:12:31:12:56 | TryExpr | semmle.label | TryExpr |
| test.rs:13:14:13:19 | buffer | semmle.label | buffer |
| test.rs:17:13:17:18 | buffer | semmle.label | buffer |
| test.rs:17:31:17:38 | ...::read | semmle.label | ...::read |
| test.rs:17:31:17:38 | ...::read | semmle.label | ...::read |
| test.rs:17:31:17:38 | ...::read [Ok] | semmle.label | ...::read [Ok] |
| test.rs:17:31:17:50 | ...::read(...) | semmle.label | ...::read(...) |
| test.rs:17:31:17:50 | ...::read(...) [Ok] | semmle.label | ...::read(...) [Ok] |
| test.rs:17:31:17:51 | TryExpr | semmle.label | TryExpr |
| test.rs:18:14:18:19 | buffer | semmle.label | buffer |
| test.rs:22:13:22:18 | buffer | semmle.label | buffer |
| test.rs:22:22:22:39 | ...::read_to_string | semmle.label | ...::read_to_string |
| test.rs:22:22:22:39 | ...::read_to_string | semmle.label | ...::read_to_string |
| test.rs:22:22:22:39 | ...::read_to_string [Ok] | semmle.label | ...::read_to_string [Ok] |
| test.rs:22:22:22:51 | ...::read_to_string(...) | semmle.label | ...::read_to_string(...) |
| test.rs:22:22:22:51 | ...::read_to_string(...) [Ok] | semmle.label | ...::read_to_string(...) [Ok] |
| test.rs:22:22:22:52 | TryExpr | semmle.label | TryExpr |
| test.rs:23:14:23:19 | buffer | semmle.label | buffer |
@@ -503,7 +515,10 @@ subpaths
testFailures
#select
| test.rs:13:14:13:19 | buffer | test.rs:12:31:12:43 | ...::read | test.rs:13:14:13:19 | buffer | $@ | test.rs:12:31:12:43 | ...::read | ...::read |
| test.rs:13:14:13:19 | buffer | test.rs:12:31:12:43 | ...::read | test.rs:13:14:13:19 | buffer | $@ | test.rs:12:31:12:43 | ...::read | ...::read |
| test.rs:18:14:18:19 | buffer | test.rs:17:31:17:38 | ...::read | test.rs:18:14:18:19 | buffer | $@ | test.rs:17:31:17:38 | ...::read | ...::read |
| test.rs:18:14:18:19 | buffer | test.rs:17:31:17:38 | ...::read | test.rs:18:14:18:19 | buffer | $@ | test.rs:17:31:17:38 | ...::read | ...::read |
| test.rs:23:14:23:19 | buffer | test.rs:22:22:22:39 | ...::read_to_string | test.rs:23:14:23:19 | buffer | $@ | test.rs:22:22:22:39 | ...::read_to_string | ...::read_to_string |
| test.rs:23:14:23:19 | buffer | test.rs:22:22:22:39 | ...::read_to_string | test.rs:23:14:23:19 | buffer | $@ | test.rs:22:22:22:39 | ...::read_to_string | ...::read_to_string |
| test.rs:30:14:30:25 | path.clone() | test.rs:29:22:29:25 | path | test.rs:30:14:30:25 | path.clone() | $@ | test.rs:29:22:29:25 | path | path |
| test.rs:31:14:31:35 | ... .as_path() | test.rs:29:22:29:25 | path | test.rs:31:14:31:35 | ... .as_path() | $@ | test.rs:29:22:29:25 | path | path |

2
rust/ql/test/library-tests/dataflow/sources/net/test.rs
View File

@@ -204,7 +204,7 @@ async fn test_std_tcpstream(case: i64) -> std::io::Result<()> {
for line in reader.lines() { // $ MISSING: Alert[rust/summary/taint-sources]
if let Ok(string) = line {
println!("line = {}", string);
sink(string); // $ MISSING: hasTaintFlow
sink(string); // $ MISSING: hasTaintFlow=&sock_addr
}
}
}

116
rust/ql/test/library-tests/dataflow/sources/web_frameworks/InlineFlow.expected
View File

@@ -4,73 +4,44 @@ models
| 3 | Source: <_ as warp::filter::Filter>::then; Argument[0].Parameter[0..7]; remote |
| 4 | Source: <actix_web::resource::Resource>::to; Argument[0].Parameter[0..7]; remote |
| 5 | Source: <actix_web::route::Route>::to; Argument[0].Parameter[0..7]; remote |
| 6 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue.Field[0]; taint |
| 7 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue.Field[1]; taint |
| 8 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue.Field[2]; taint |
| 9 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue; taint |
| 10 | Summary: <alloc::string::String>::as_bytes; Argument[self]; ReturnValue; value |
| 11 | Summary: <alloc::string::String>::as_str; Argument[self]; ReturnValue; value |
| 6 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue; taint |
| 7 | Summary: <alloc::string::String>::as_bytes; Argument[self]; ReturnValue; value |
| 8 | Summary: <alloc::string::String>::as_str; Argument[self]; ReturnValue; value |
edges
| test.rs:11:31:11:31 | a | test.rs:13:14:13:14 | a | provenance | |
| test.rs:11:31:11:31 | a | test.rs:14:14:14:14 | a | provenance | |
| test.rs:11:31:11:31 | a | test.rs:15:14:15:14 | a | provenance | |
| test.rs:13:14:13:14 | a | test.rs:13:14:13:23 | a.as_str() | provenance | MaD:11 |
| test.rs:14:14:14:14 | a | test.rs:14:14:14:25 | a.as_bytes() | provenance | MaD:10 |
| test.rs:13:14:13:14 | a | test.rs:13:14:13:23 | a.as_str() | provenance | MaD:8 |
| test.rs:14:14:14:14 | a | test.rs:14:14:14:25 | a.as_bytes() | provenance | MaD:7 |
| test.rs:22:14:22:19 | TuplePat | test.rs:24:14:24:14 | a | provenance | |
| test.rs:22:14:22:19 | TuplePat | test.rs:25:14:25:14 | b | provenance | |
| test.rs:48:14:48:30 | MyStruct {...} | test.rs:50:14:50:14 | a | provenance | |
| test.rs:48:14:48:30 | MyStruct {...} | test.rs:51:14:51:14 | b | provenance | |
| test.rs:58:14:58:15 | ms | test.rs:60:14:60:17 | ms.a | provenance | |
| test.rs:58:14:58:15 | ms | test.rs:61:14:61:17 | ms.b | provenance | |
| test.rs:68:15:68:15 | a | test.rs:70:14:70:14 | a | provenance | |
| test.rs:98:9:98:31 | ...: ...::Path::<...> | test.rs:100:17:100:20 | path | provenance | |
| test.rs:100:13:100:13 | a | test.rs:101:14:101:14 | a | provenance | |
| test.rs:100:13:100:13 | a | test.rs:102:14:102:14 | a | provenance | |
| test.rs:100:13:100:13 | a | test.rs:103:14:103:14 | a | provenance | |
| test.rs:100:13:100:13 | a [tuple.0] | test.rs:101:14:101:14 | a [tuple.0] | provenance | |
| test.rs:100:13:100:13 | a [tuple.0] | test.rs:102:14:102:14 | a [tuple.0] | provenance | |
| test.rs:100:13:100:13 | a [tuple.0] | test.rs:103:14:103:14 | a | provenance | |
| test.rs:100:13:100:13 | a [tuple.1] | test.rs:101:14:101:14 | a [tuple.1] | provenance | |
| test.rs:100:13:100:13 | a [tuple.1] | test.rs:102:14:102:14 | a [tuple.1] | provenance | |
| test.rs:100:13:100:13 | a [tuple.1] | test.rs:103:14:103:14 | a | provenance | |
| test.rs:100:13:100:13 | a [tuple.2] | test.rs:101:14:101:14 | a [tuple.2] | provenance | |
| test.rs:100:13:100:13 | a [tuple.2] | test.rs:102:14:102:14 | a [tuple.2] | provenance | |
| test.rs:100:13:100:13 | a [tuple.2] | test.rs:103:14:103:14 | a | provenance | |
| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() | provenance | MaD:9 |
| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() [tuple.0] | provenance | MaD:6 |
| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() [tuple.1] | provenance | MaD:7 |
| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() [tuple.2] | provenance | MaD:8 |
| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() | provenance | MaD:6 |
| test.rs:100:17:100:33 | path.into_inner() | test.rs:100:13:100:13 | a | provenance | |
| test.rs:100:17:100:33 | path.into_inner() [tuple.0] | test.rs:100:13:100:13 | a [tuple.0] | provenance | |
| test.rs:100:17:100:33 | path.into_inner() [tuple.1] | test.rs:100:13:100:13 | a [tuple.1] | provenance | |
| test.rs:100:17:100:33 | path.into_inner() [tuple.2] | test.rs:100:13:100:13 | a [tuple.2] | provenance | |
| test.rs:101:14:101:14 | a | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:11 |
| test.rs:101:14:101:14 | a [tuple.0] | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:11 |
| test.rs:101:14:101:14 | a [tuple.1] | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:11 |
| test.rs:101:14:101:14 | a [tuple.2] | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:11 |
| test.rs:102:14:102:14 | a | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:10 |
| test.rs:102:14:102:14 | a [tuple.0] | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:10 |
| test.rs:102:14:102:14 | a [tuple.1] | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:10 |
| test.rs:102:14:102:14 | a [tuple.2] | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:10 |
| test.rs:101:14:101:14 | a | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:8 |
| test.rs:102:14:102:14 | a | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:7 |
| test.rs:109:9:109:41 | ...: ...::Path::<...> | test.rs:111:22:111:25 | path | provenance | |
| test.rs:111:13:111:18 | TuplePat [tuple.0] | test.rs:111:14:111:14 | a | provenance | |
| test.rs:111:13:111:18 | TuplePat [tuple.1] | test.rs:111:17:111:17 | b | provenance | |
| test.rs:111:14:111:14 | a | test.rs:113:14:113:14 | a | provenance | |
| test.rs:111:17:111:17 | b | test.rs:114:14:114:14 | b | provenance | |
| test.rs:111:22:111:25 | path | test.rs:111:22:111:38 | path.into_inner() [tuple.0] | provenance | MaD:6 |
| test.rs:111:22:111:25 | path | test.rs:111:22:111:38 | path.into_inner() [tuple.1] | provenance | MaD:7 |
| test.rs:111:22:111:38 | path.into_inner() [tuple.0] | test.rs:111:13:111:18 | TuplePat [tuple.0] | provenance | |
| test.rs:111:22:111:38 | path.into_inner() [tuple.1] | test.rs:111:13:111:18 | TuplePat [tuple.1] | provenance | |
| test.rs:111:13:111:18 | TuplePat | test.rs:113:14:113:14 | a | provenance | |
| test.rs:111:13:111:18 | TuplePat | test.rs:114:14:114:14 | b | provenance | |
| test.rs:111:22:111:25 | path | test.rs:111:22:111:38 | path.into_inner() | provenance | MaD:6 |
| test.rs:111:22:111:38 | path.into_inner() | test.rs:111:13:111:18 | TuplePat | provenance | |
| test.rs:120:9:120:41 | ...: ...::Query::<...> | test.rs:122:14:122:14 | a | provenance | |
| test.rs:127:5:127:20 | to | test.rs:129:9:129:31 | ...: ...::Path::<...> | provenance | Src:MaD:4 |
| test.rs:129:9:129:31 | ...: ...::Path::<...> | test.rs:131:17:131:20 | path | provenance | |
| test.rs:131:13:131:13 | a | test.rs:132:14:132:14 | a | provenance | |
| test.rs:131:13:131:13 | a [tuple.0] | test.rs:132:14:132:14 | a | provenance | |
| test.rs:131:13:131:13 | a [tuple.1] | test.rs:132:14:132:14 | a | provenance | |
| test.rs:131:13:131:13 | a [tuple.2] | test.rs:132:14:132:14 | a | provenance | |
| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() | provenance | MaD:9 |
| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() [tuple.0] | provenance | MaD:6 |
| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() [tuple.1] | provenance | MaD:7 |
| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() [tuple.2] | provenance | MaD:8 |
| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() | provenance | MaD:6 |
| test.rs:131:17:131:33 | path.into_inner() | test.rs:131:13:131:13 | a | provenance | |
| test.rs:131:17:131:33 | path.into_inner() [tuple.0] | test.rs:131:13:131:13 | a [tuple.0] | provenance | |
| test.rs:131:17:131:33 | path.into_inner() [tuple.1] | test.rs:131:13:131:13 | a [tuple.1] | provenance | |
| test.rs:131:17:131:33 | path.into_inner() [tuple.2] | test.rs:131:13:131:13 | a [tuple.2] | provenance | |
| test.rs:139:41:139:42 | to | test.rs:98:9:98:31 | ...: ...::Path::<...> | provenance | Src:MaD:5 |
| test.rs:140:45:140:46 | to | test.rs:109:9:109:41 | ...: ...::Path::<...> | provenance | Src:MaD:5 |
| test.rs:141:41:141:42 | to | test.rs:120:9:120:41 | ...: ...::Query::<...> | provenance | Src:MaD:5 |
| test.rs:242:33:242:35 | map | test.rs:242:38:242:46 | ...: String | provenance | Src:MaD:2 |
| test.rs:242:38:242:46 | ...: String | test.rs:244:18:244:18 | a | provenance | |
| test.rs:250:46:250:49 | then | test.rs:251:25:251:33 | ...: String | provenance | Src:MaD:3 |
@@ -86,53 +57,43 @@ nodes
| test.rs:14:14:14:14 | a | semmle.label | a |
| test.rs:14:14:14:25 | a.as_bytes() | semmle.label | a.as_bytes() |
| test.rs:15:14:15:14 | a | semmle.label | a |
| test.rs:22:14:22:19 | TuplePat | semmle.label | TuplePat |
| test.rs:24:14:24:14 | a | semmle.label | a |
| test.rs:25:14:25:14 | b | semmle.label | b |
| test.rs:48:14:48:30 | MyStruct {...} | semmle.label | MyStruct {...} |
| test.rs:50:14:50:14 | a | semmle.label | a |
| test.rs:51:14:51:14 | b | semmle.label | b |
| test.rs:58:14:58:15 | ms | semmle.label | ms |
| test.rs:60:14:60:17 | ms.a | semmle.label | ms.a |
| test.rs:61:14:61:17 | ms.b | semmle.label | ms.b |
| test.rs:68:15:68:15 | a | semmle.label | a |
| test.rs:70:14:70:14 | a | semmle.label | a |
| test.rs:98:9:98:31 | ...: ...::Path::<...> | semmle.label | ...: ...::Path::<...> |
| test.rs:100:13:100:13 | a | semmle.label | a |
| test.rs:100:13:100:13 | a [tuple.0] | semmle.label | a [tuple.0] |
| test.rs:100:13:100:13 | a [tuple.1] | semmle.label | a [tuple.1] |
| test.rs:100:13:100:13 | a [tuple.2] | semmle.label | a [tuple.2] |
| test.rs:100:17:100:20 | path | semmle.label | path |
| test.rs:100:17:100:33 | path.into_inner() | semmle.label | path.into_inner() |
| test.rs:100:17:100:33 | path.into_inner() [tuple.0] | semmle.label | path.into_inner() [tuple.0] |
| test.rs:100:17:100:33 | path.into_inner() [tuple.1] | semmle.label | path.into_inner() [tuple.1] |
| test.rs:100:17:100:33 | path.into_inner() [tuple.2] | semmle.label | path.into_inner() [tuple.2] |
| test.rs:101:14:101:14 | a | semmle.label | a |
| test.rs:101:14:101:14 | a [tuple.0] | semmle.label | a [tuple.0] |
| test.rs:101:14:101:14 | a [tuple.1] | semmle.label | a [tuple.1] |
| test.rs:101:14:101:14 | a [tuple.2] | semmle.label | a [tuple.2] |
| test.rs:101:14:101:23 | a.as_str() | semmle.label | a.as_str() |
| test.rs:102:14:102:14 | a | semmle.label | a |
| test.rs:102:14:102:14 | a [tuple.0] | semmle.label | a [tuple.0] |
| test.rs:102:14:102:14 | a [tuple.1] | semmle.label | a [tuple.1] |
| test.rs:102:14:102:14 | a [tuple.2] | semmle.label | a [tuple.2] |
| test.rs:102:14:102:25 | a.as_bytes() | semmle.label | a.as_bytes() |
| test.rs:103:14:103:14 | a | semmle.label | a |
| test.rs:109:9:109:41 | ...: ...::Path::<...> | semmle.label | ...: ...::Path::<...> |
| test.rs:111:13:111:18 | TuplePat [tuple.0] | semmle.label | TuplePat [tuple.0] |
| test.rs:111:13:111:18 | TuplePat [tuple.1] | semmle.label | TuplePat [tuple.1] |
| test.rs:111:14:111:14 | a | semmle.label | a |
| test.rs:111:17:111:17 | b | semmle.label | b |
| test.rs:111:13:111:18 | TuplePat | semmle.label | TuplePat |
| test.rs:111:22:111:25 | path | semmle.label | path |
| test.rs:111:22:111:38 | path.into_inner() [tuple.0] | semmle.label | path.into_inner() [tuple.0] |
| test.rs:111:22:111:38 | path.into_inner() [tuple.1] | semmle.label | path.into_inner() [tuple.1] |
| test.rs:111:22:111:38 | path.into_inner() | semmle.label | path.into_inner() |
| test.rs:113:14:113:14 | a | semmle.label | a |
| test.rs:114:14:114:14 | b | semmle.label | b |
| test.rs:120:9:120:41 | ...: ...::Query::<...> | semmle.label | ...: ...::Query::<...> |
| test.rs:122:14:122:14 | a | semmle.label | a |
| test.rs:127:5:127:20 | to | semmle.label | to |
| test.rs:129:9:129:31 | ...: ...::Path::<...> | semmle.label | ...: ...::Path::<...> |
| test.rs:131:13:131:13 | a | semmle.label | a |
| test.rs:131:13:131:13 | a [tuple.0] | semmle.label | a [tuple.0] |
| test.rs:131:13:131:13 | a [tuple.1] | semmle.label | a [tuple.1] |
| test.rs:131:13:131:13 | a [tuple.2] | semmle.label | a [tuple.2] |
| test.rs:131:17:131:20 | path | semmle.label | path |
| test.rs:131:17:131:33 | path.into_inner() | semmle.label | path.into_inner() |
| test.rs:131:17:131:33 | path.into_inner() [tuple.0] | semmle.label | path.into_inner() [tuple.0] |
| test.rs:131:17:131:33 | path.into_inner() [tuple.1] | semmle.label | path.into_inner() [tuple.1] |
| test.rs:131:17:131:33 | path.into_inner() [tuple.2] | semmle.label | path.into_inner() [tuple.2] |
| test.rs:132:14:132:14 | a | semmle.label | a |
| test.rs:139:41:139:42 | to | semmle.label | to |
| test.rs:140:45:140:46 | to | semmle.label | to |
| test.rs:141:41:141:42 | to | semmle.label | to |
| test.rs:242:33:242:35 | map | semmle.label | map |
| test.rs:242:38:242:46 | ...: String | semmle.label | ...: String |
| test.rs:244:18:244:18 | a | semmle.label | a |
@@ -151,12 +112,19 @@ testFailures
| test.rs:13:14:13:23 | a.as_str() | test.rs:11:31:11:31 | a | test.rs:13:14:13:23 | a.as_str() | $@ | test.rs:11:31:11:31 | a | a |
| test.rs:14:14:14:25 | a.as_bytes() | test.rs:11:31:11:31 | a | test.rs:14:14:14:25 | a.as_bytes() | $@ | test.rs:11:31:11:31 | a | a |
| test.rs:15:14:15:14 | a | test.rs:11:31:11:31 | a | test.rs:15:14:15:14 | a | $@ | test.rs:11:31:11:31 | a | a |
| test.rs:24:14:24:14 | a | test.rs:22:14:22:19 | TuplePat | test.rs:24:14:24:14 | a | $@ | test.rs:22:14:22:19 | TuplePat | TuplePat |
| test.rs:25:14:25:14 | b | test.rs:22:14:22:19 | TuplePat | test.rs:25:14:25:14 | b | $@ | test.rs:22:14:22:19 | TuplePat | TuplePat |
| test.rs:50:14:50:14 | a | test.rs:48:14:48:30 | MyStruct {...} | test.rs:50:14:50:14 | a | $@ | test.rs:48:14:48:30 | MyStruct {...} | MyStruct {...} |
| test.rs:51:14:51:14 | b | test.rs:48:14:48:30 | MyStruct {...} | test.rs:51:14:51:14 | b | $@ | test.rs:48:14:48:30 | MyStruct {...} | MyStruct {...} |
| test.rs:60:14:60:17 | ms.a | test.rs:58:14:58:15 | ms | test.rs:60:14:60:17 | ms.a | $@ | test.rs:58:14:58:15 | ms | ms |
| test.rs:61:14:61:17 | ms.b | test.rs:58:14:58:15 | ms | test.rs:61:14:61:17 | ms.b | $@ | test.rs:58:14:58:15 | ms | ms |
| test.rs:70:14:70:14 | a | test.rs:68:15:68:15 | a | test.rs:70:14:70:14 | a | $@ | test.rs:68:15:68:15 | a | a |
| test.rs:101:14:101:23 | a.as_str() | test.rs:139:41:139:42 | to | test.rs:101:14:101:23 | a.as_str() | $@ | test.rs:139:41:139:42 | to | to |
| test.rs:102:14:102:25 | a.as_bytes() | test.rs:139:41:139:42 | to | test.rs:102:14:102:25 | a.as_bytes() | $@ | test.rs:139:41:139:42 | to | to |
| test.rs:103:14:103:14 | a | test.rs:139:41:139:42 | to | test.rs:103:14:103:14 | a | $@ | test.rs:139:41:139:42 | to | to |
| test.rs:113:14:113:14 | a | test.rs:140:45:140:46 | to | test.rs:113:14:113:14 | a | $@ | test.rs:140:45:140:46 | to | to |
| test.rs:114:14:114:14 | b | test.rs:140:45:140:46 | to | test.rs:114:14:114:14 | b | $@ | test.rs:140:45:140:46 | to | to |
| test.rs:122:14:122:14 | a | test.rs:141:41:141:42 | to | test.rs:122:14:122:14 | a | $@ | test.rs:141:41:141:42 | to | to |
| test.rs:132:14:132:14 | a | test.rs:127:5:127:20 | to | test.rs:132:14:132:14 | a | $@ | test.rs:127:5:127:20 | to | to |
| test.rs:244:18:244:18 | a | test.rs:242:33:242:35 | map | test.rs:244:18:244:18 | a | $@ | test.rs:242:33:242:35 | map | map |
| test.rs:252:22:252:22 | a | test.rs:250:46:250:49 | then | test.rs:252:22:252:22 | a | $@ | test.rs:250:46:250:49 | then | then |

14
rust/ql/test/library-tests/dataflow/sources/web_frameworks/test.rs
View File

@@ -21,8 +21,8 @@ mod poem_test {
fn my_poem_handler_2(
Path((a, b)): Path<(String, String)>, // $ Alert[rust/summary/taint-sources]
) -> String {
sink(a); // $ MISSING: hasTaintFlow
sink(b); // $ MISSING: hasTaintFlow
sink(a); // $ hasTaintFlow
sink(b); // $ hasTaintFlow
"".to_string()
}
@@ -47,8 +47,8 @@ mod poem_test {
fn my_poem_handler_4(
Path(MyStruct { a, b }): Path<MyStruct>, // $ Alert[rust/summary/taint-sources]
) -> String {
sink(a); // $ MISSING: hasTaintFlow
sink(b); // $ MISSING: hasTaintFlow
sink(a); // $ hasTaintFlow
sink(b); // $ hasTaintFlow
"".to_string()
}
@@ -57,8 +57,8 @@ mod poem_test {
fn my_poem_handler_5(
Path(ms): Path<MyStruct>, // $ Alert[rust/summary/taint-sources]
) -> String {
sink(ms.a); // $ MISSING: hasTaintFlow
sink(ms.b); // $ MISSING: hasTaintFlow
sink(ms.a); // $ hasTaintFlow
sink(ms.b); // $ hasTaintFlow
"".to_string()
}
@@ -119,7 +119,7 @@ mod actix_test {
async fn my_actix_handler_3(
web::Query(a): web::Query<String>,
) -> String {
sink(a); // $ MISSING: hasTaintFlow
sink(a); // $ hasTaintFlow=my_actix_handler_3
"".to_string()
}

26
rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
View File

@@ -113,6 +113,18 @@ edges
| lifetime.rs:305:15:305:37 | get_pointer_from_enum(...) | lifetime.rs:305:6:305:11 | result | provenance | |
| lifetime.rs:313:10:313:29 | ...::Pointer(...) [Pointer] | lifetime.rs:313:27:313:28 | p2 | provenance | |
| lifetime.rs:313:27:313:28 | p2 | lifetime.rs:314:23:314:24 | p2 | provenance | |
| lifetime.rs:332:6:332:13 | mut ref1 | lifetime.rs:338:9:338:35 | ...::Pointer(...) | provenance | |
| lifetime.rs:332:17:332:22 | &enum1 | lifetime.rs:332:6:332:13 | mut ref1 | provenance | |
| lifetime.rs:336:3:336:6 | ref1 | lifetime.rs:338:9:338:35 | ...::Pointer(...) | provenance | |
| lifetime.rs:336:10:336:15 | &inner | lifetime.rs:336:3:336:6 | ref1 | provenance | |
| lifetime.rs:338:9:338:35 | ...::Pointer(...) | lifetime.rs:339:27:339:30 | * ... | provenance | |
| lifetime.rs:338:9:338:35 | ...::Pointer(...) | lifetime.rs:339:28:339:30 | ptr | provenance | |
| lifetime.rs:348:6:348:13 | mut ref1 | lifetime.rs:354:9:354:35 | ...::Pointer(...) | provenance | |
| lifetime.rs:348:17:348:22 | &enum1 | lifetime.rs:348:6:348:13 | mut ref1 | provenance | |
| lifetime.rs:352:3:352:6 | ref1 | lifetime.rs:354:9:354:35 | ...::Pointer(...) | provenance | |
| lifetime.rs:352:10:352:15 | &inner | lifetime.rs:352:3:352:6 | ref1 | provenance | |
| lifetime.rs:354:9:354:35 | ...::Pointer(...) | lifetime.rs:355:27:355:30 | * ... | provenance | |
| lifetime.rs:354:9:354:35 | ...::Pointer(...) | lifetime.rs:355:28:355:30 | ptr | provenance | |
| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:388:15:388:16 | p1 | provenance | |
| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:391:15:391:16 | p1 | provenance | |
| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:399:6:399:7 | p1 | provenance | |
@@ -265,6 +277,20 @@ nodes
| lifetime.rs:313:27:313:28 | p2 | semmle.label | p2 |
| lifetime.rs:314:23:314:24 | p2 | semmle.label | p2 |
| lifetime.rs:317:13:317:18 | result | semmle.label | result |
| lifetime.rs:332:6:332:13 | mut ref1 | semmle.label | mut ref1 |
| lifetime.rs:332:17:332:22 | &enum1 | semmle.label | &enum1 |
| lifetime.rs:336:3:336:6 | ref1 | semmle.label | ref1 |
| lifetime.rs:336:10:336:15 | &inner | semmle.label | &inner |
| lifetime.rs:338:9:338:35 | ...::Pointer(...) | semmle.label | ...::Pointer(...) |
| lifetime.rs:339:27:339:30 | * ... | semmle.label | * ... |
| lifetime.rs:339:28:339:30 | ptr | semmle.label | ptr |
| lifetime.rs:348:6:348:13 | mut ref1 | semmle.label | mut ref1 |
| lifetime.rs:348:17:348:22 | &enum1 | semmle.label | &enum1 |
| lifetime.rs:352:3:352:6 | ref1 | semmle.label | ref1 |
| lifetime.rs:352:10:352:15 | &inner | semmle.label | &inner |
| lifetime.rs:354:9:354:35 | ...::Pointer(...) | semmle.label | ...::Pointer(...) |
| lifetime.rs:355:27:355:30 | * ... | semmle.label | * ... |
| lifetime.rs:355:28:355:30 | ptr | semmle.label | ptr |
| lifetime.rs:383:3:383:4 | p1 | semmle.label | p1 |
| lifetime.rs:383:31:383:37 | &raw mut my_pair | semmle.label | &raw mut my_pair |
| lifetime.rs:388:15:388:16 | p1 | semmle.label | p1 |