Rust: Update tests and expected files

2026-04-30 11:15:13 +02:00 · 2025-11-21 12:28:04 +01:00
parent 0f97e7e29d
commit 047ea10a9a
9 changed files with 175 additions and 114 deletions
--- a/rust/ql/test/library-tests/dataflow/sources/web_frameworks/InlineFlow.expected
+++ b/rust/ql/test/library-tests/dataflow/sources/web_frameworks/InlineFlow.expected
@@ -4,73 +4,44 @@ models
 | 3 | Source: <_ as warp::filter::Filter>::then; Argument[0].Parameter[0..7]; remote |
 | 4 | Source: <actix_web::resource::Resource>::to; Argument[0].Parameter[0..7]; remote |
 | 5 | Source: <actix_web::route::Route>::to; Argument[0].Parameter[0..7]; remote |
-| 6 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue.Field[0]; taint |
-| 7 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue.Field[1]; taint |
-| 8 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue.Field[2]; taint |
-| 9 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue; taint |
-| 10 | Summary: <alloc::string::String>::as_bytes; Argument[self]; ReturnValue; value |
-| 11 | Summary: <alloc::string::String>::as_str; Argument[self]; ReturnValue; value |
+| 6 | Summary: <actix_web::types::path::Path>::into_inner; Argument[self]; ReturnValue; taint |
+| 7 | Summary: <alloc::string::String>::as_bytes; Argument[self]; ReturnValue; value |
+| 8 | Summary: <alloc::string::String>::as_str; Argument[self]; ReturnValue; value |
 edges
 | test.rs:11:31:11:31 | a | test.rs:13:14:13:14 | a | provenance |  |
 | test.rs:11:31:11:31 | a | test.rs:14:14:14:14 | a | provenance |  |
 | test.rs:11:31:11:31 | a | test.rs:15:14:15:14 | a | provenance |  |
-| test.rs:13:14:13:14 | a | test.rs:13:14:13:23 | a.as_str() | provenance | MaD:11 |
-| test.rs:14:14:14:14 | a | test.rs:14:14:14:25 | a.as_bytes() | provenance | MaD:10 |
+| test.rs:13:14:13:14 | a | test.rs:13:14:13:23 | a.as_str() | provenance | MaD:8 |
+| test.rs:14:14:14:14 | a | test.rs:14:14:14:25 | a.as_bytes() | provenance | MaD:7 |
+| test.rs:22:14:22:19 | TuplePat | test.rs:24:14:24:14 | a | provenance |  |
+| test.rs:22:14:22:19 | TuplePat | test.rs:25:14:25:14 | b | provenance |  |
+| test.rs:48:14:48:30 | MyStruct {...} | test.rs:50:14:50:14 | a | provenance |  |
+| test.rs:48:14:48:30 | MyStruct {...} | test.rs:51:14:51:14 | b | provenance |  |
+| test.rs:58:14:58:15 | ms | test.rs:60:14:60:17 | ms.a | provenance |  |
+| test.rs:58:14:58:15 | ms | test.rs:61:14:61:17 | ms.b | provenance |  |
 | test.rs:68:15:68:15 | a | test.rs:70:14:70:14 | a | provenance |  |
 | test.rs:98:9:98:31 | ...: ...::Path::<...> | test.rs:100:17:100:20 | path | provenance |  |
 | test.rs:100:13:100:13 | a | test.rs:101:14:101:14 | a | provenance |  |
 | test.rs:100:13:100:13 | a | test.rs:102:14:102:14 | a | provenance |  |
 | test.rs:100:13:100:13 | a | test.rs:103:14:103:14 | a | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.0] | test.rs:101:14:101:14 | a [tuple.0] | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.0] | test.rs:102:14:102:14 | a [tuple.0] | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.0] | test.rs:103:14:103:14 | a | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.1] | test.rs:101:14:101:14 | a [tuple.1] | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.1] | test.rs:102:14:102:14 | a [tuple.1] | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.1] | test.rs:103:14:103:14 | a | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.2] | test.rs:101:14:101:14 | a [tuple.2] | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.2] | test.rs:102:14:102:14 | a [tuple.2] | provenance |  |
-| test.rs:100:13:100:13 | a [tuple.2] | test.rs:103:14:103:14 | a | provenance |  |
-| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() | provenance | MaD:9 |
-| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() [tuple.0] | provenance | MaD:6 |
-| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() [tuple.1] | provenance | MaD:7 |
-| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() [tuple.2] | provenance | MaD:8 |
+| test.rs:100:17:100:20 | path | test.rs:100:17:100:33 | path.into_inner() | provenance | MaD:6 |
 | test.rs:100:17:100:33 | path.into_inner() | test.rs:100:13:100:13 | a | provenance |  |
-| test.rs:100:17:100:33 | path.into_inner() [tuple.0] | test.rs:100:13:100:13 | a [tuple.0] | provenance |  |
-| test.rs:100:17:100:33 | path.into_inner() [tuple.1] | test.rs:100:13:100:13 | a [tuple.1] | provenance |  |
-| test.rs:100:17:100:33 | path.into_inner() [tuple.2] | test.rs:100:13:100:13 | a [tuple.2] | provenance |  |
-| test.rs:101:14:101:14 | a | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:11 |
-| test.rs:101:14:101:14 | a [tuple.0] | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:11 |
-| test.rs:101:14:101:14 | a [tuple.1] | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:11 |
-| test.rs:101:14:101:14 | a [tuple.2] | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:11 |
-| test.rs:102:14:102:14 | a | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:10 |
-| test.rs:102:14:102:14 | a [tuple.0] | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:10 |
-| test.rs:102:14:102:14 | a [tuple.1] | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:10 |
-| test.rs:102:14:102:14 | a [tuple.2] | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:10 |
+| test.rs:101:14:101:14 | a | test.rs:101:14:101:23 | a.as_str() | provenance | MaD:8 |
+| test.rs:102:14:102:14 | a | test.rs:102:14:102:25 | a.as_bytes() | provenance | MaD:7 |
 | test.rs:109:9:109:41 | ...: ...::Path::<...> | test.rs:111:22:111:25 | path | provenance |  |
-| test.rs:111:13:111:18 | TuplePat [tuple.0] | test.rs:111:14:111:14 | a | provenance |  |
-| test.rs:111:13:111:18 | TuplePat [tuple.1] | test.rs:111:17:111:17 | b | provenance |  |
-| test.rs:111:14:111:14 | a | test.rs:113:14:113:14 | a | provenance |  |
-| test.rs:111:17:111:17 | b | test.rs:114:14:114:14 | b | provenance |  |
-| test.rs:111:22:111:25 | path | test.rs:111:22:111:38 | path.into_inner() [tuple.0] | provenance | MaD:6 |
-| test.rs:111:22:111:25 | path | test.rs:111:22:111:38 | path.into_inner() [tuple.1] | provenance | MaD:7 |
-| test.rs:111:22:111:38 | path.into_inner() [tuple.0] | test.rs:111:13:111:18 | TuplePat [tuple.0] | provenance |  |
-| test.rs:111:22:111:38 | path.into_inner() [tuple.1] | test.rs:111:13:111:18 | TuplePat [tuple.1] | provenance |  |
+| test.rs:111:13:111:18 | TuplePat | test.rs:113:14:113:14 | a | provenance |  |
+| test.rs:111:13:111:18 | TuplePat | test.rs:114:14:114:14 | b | provenance |  |
+| test.rs:111:22:111:25 | path | test.rs:111:22:111:38 | path.into_inner() | provenance | MaD:6 |
+| test.rs:111:22:111:38 | path.into_inner() | test.rs:111:13:111:18 | TuplePat | provenance |  |
+| test.rs:120:9:120:41 | ...: ...::Query::<...> | test.rs:122:14:122:14 | a | provenance |  |
 | test.rs:127:5:127:20 | to | test.rs:129:9:129:31 | ...: ...::Path::<...> | provenance | Src:MaD:4  |
 | test.rs:129:9:129:31 | ...: ...::Path::<...> | test.rs:131:17:131:20 | path | provenance |  |
 | test.rs:131:13:131:13 | a | test.rs:132:14:132:14 | a | provenance |  |
-| test.rs:131:13:131:13 | a [tuple.0] | test.rs:132:14:132:14 | a | provenance |  |
-| test.rs:131:13:131:13 | a [tuple.1] | test.rs:132:14:132:14 | a | provenance |  |
-| test.rs:131:13:131:13 | a [tuple.2] | test.rs:132:14:132:14 | a | provenance |  |
-| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() | provenance | MaD:9 |
-| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() [tuple.0] | provenance | MaD:6 |
-| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() [tuple.1] | provenance | MaD:7 |
-| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() [tuple.2] | provenance | MaD:8 |
+| test.rs:131:17:131:20 | path | test.rs:131:17:131:33 | path.into_inner() | provenance | MaD:6 |
 | test.rs:131:17:131:33 | path.into_inner() | test.rs:131:13:131:13 | a | provenance |  |
-| test.rs:131:17:131:33 | path.into_inner() [tuple.0] | test.rs:131:13:131:13 | a [tuple.0] | provenance |  |
-| test.rs:131:17:131:33 | path.into_inner() [tuple.1] | test.rs:131:13:131:13 | a [tuple.1] | provenance |  |
-| test.rs:131:17:131:33 | path.into_inner() [tuple.2] | test.rs:131:13:131:13 | a [tuple.2] | provenance |  |
 | test.rs:139:41:139:42 | to | test.rs:98:9:98:31 | ...: ...::Path::<...> | provenance | Src:MaD:5  |
 | test.rs:140:45:140:46 | to | test.rs:109:9:109:41 | ...: ...::Path::<...> | provenance | Src:MaD:5  |
+| test.rs:141:41:141:42 | to | test.rs:120:9:120:41 | ...: ...::Query::<...> | provenance | Src:MaD:5  |
 | test.rs:242:33:242:35 | map | test.rs:242:38:242:46 | ...: String | provenance | Src:MaD:2  |
 | test.rs:242:38:242:46 | ...: String | test.rs:244:18:244:18 | a | provenance |  |
 | test.rs:250:46:250:49 | then | test.rs:251:25:251:33 | ...: String | provenance | Src:MaD:3  |
@@ -86,53 +57,43 @@ nodes
 | test.rs:14:14:14:14 | a | semmle.label | a |
 | test.rs:14:14:14:25 | a.as_bytes() | semmle.label | a.as_bytes() |
 | test.rs:15:14:15:14 | a | semmle.label | a |
+| test.rs:22:14:22:19 | TuplePat | semmle.label | TuplePat |
+| test.rs:24:14:24:14 | a | semmle.label | a |
+| test.rs:25:14:25:14 | b | semmle.label | b |
+| test.rs:48:14:48:30 | MyStruct {...} | semmle.label | MyStruct {...} |
+| test.rs:50:14:50:14 | a | semmle.label | a |
+| test.rs:51:14:51:14 | b | semmle.label | b |
+| test.rs:58:14:58:15 | ms | semmle.label | ms |
+| test.rs:60:14:60:17 | ms.a | semmle.label | ms.a |
+| test.rs:61:14:61:17 | ms.b | semmle.label | ms.b |
 | test.rs:68:15:68:15 | a | semmle.label | a |
 | test.rs:70:14:70:14 | a | semmle.label | a |
 | test.rs:98:9:98:31 | ...: ...::Path::<...> | semmle.label | ...: ...::Path::<...> |
 | test.rs:100:13:100:13 | a | semmle.label | a |
-| test.rs:100:13:100:13 | a [tuple.0] | semmle.label | a [tuple.0] |
-| test.rs:100:13:100:13 | a [tuple.1] | semmle.label | a [tuple.1] |
-| test.rs:100:13:100:13 | a [tuple.2] | semmle.label | a [tuple.2] |
 | test.rs:100:17:100:20 | path | semmle.label | path |
 | test.rs:100:17:100:33 | path.into_inner() | semmle.label | path.into_inner() |
-| test.rs:100:17:100:33 | path.into_inner() [tuple.0] | semmle.label | path.into_inner() [tuple.0] |
-| test.rs:100:17:100:33 | path.into_inner() [tuple.1] | semmle.label | path.into_inner() [tuple.1] |
-| test.rs:100:17:100:33 | path.into_inner() [tuple.2] | semmle.label | path.into_inner() [tuple.2] |
 | test.rs:101:14:101:14 | a | semmle.label | a |
-| test.rs:101:14:101:14 | a [tuple.0] | semmle.label | a [tuple.0] |
-| test.rs:101:14:101:14 | a [tuple.1] | semmle.label | a [tuple.1] |
-| test.rs:101:14:101:14 | a [tuple.2] | semmle.label | a [tuple.2] |
 | test.rs:101:14:101:23 | a.as_str() | semmle.label | a.as_str() |
 | test.rs:102:14:102:14 | a | semmle.label | a |
-| test.rs:102:14:102:14 | a [tuple.0] | semmle.label | a [tuple.0] |
-| test.rs:102:14:102:14 | a [tuple.1] | semmle.label | a [tuple.1] |
-| test.rs:102:14:102:14 | a [tuple.2] | semmle.label | a [tuple.2] |
 | test.rs:102:14:102:25 | a.as_bytes() | semmle.label | a.as_bytes() |
 | test.rs:103:14:103:14 | a | semmle.label | a |
 | test.rs:109:9:109:41 | ...: ...::Path::<...> | semmle.label | ...: ...::Path::<...> |
-| test.rs:111:13:111:18 | TuplePat [tuple.0] | semmle.label | TuplePat [tuple.0] |
-| test.rs:111:13:111:18 | TuplePat [tuple.1] | semmle.label | TuplePat [tuple.1] |
-| test.rs:111:14:111:14 | a | semmle.label | a |
-| test.rs:111:17:111:17 | b | semmle.label | b |
+| test.rs:111:13:111:18 | TuplePat | semmle.label | TuplePat |
 | test.rs:111:22:111:25 | path | semmle.label | path |
-| test.rs:111:22:111:38 | path.into_inner() [tuple.0] | semmle.label | path.into_inner() [tuple.0] |
-| test.rs:111:22:111:38 | path.into_inner() [tuple.1] | semmle.label | path.into_inner() [tuple.1] |
+| test.rs:111:22:111:38 | path.into_inner() | semmle.label | path.into_inner() |
 | test.rs:113:14:113:14 | a | semmle.label | a |
 | test.rs:114:14:114:14 | b | semmle.label | b |
+| test.rs:120:9:120:41 | ...: ...::Query::<...> | semmle.label | ...: ...::Query::<...> |
+| test.rs:122:14:122:14 | a | semmle.label | a |
 | test.rs:127:5:127:20 | to | semmle.label | to |
 | test.rs:129:9:129:31 | ...: ...::Path::<...> | semmle.label | ...: ...::Path::<...> |
 | test.rs:131:13:131:13 | a | semmle.label | a |
-| test.rs:131:13:131:13 | a [tuple.0] | semmle.label | a [tuple.0] |
-| test.rs:131:13:131:13 | a [tuple.1] | semmle.label | a [tuple.1] |
-| test.rs:131:13:131:13 | a [tuple.2] | semmle.label | a [tuple.2] |
 | test.rs:131:17:131:20 | path | semmle.label | path |
 | test.rs:131:17:131:33 | path.into_inner() | semmle.label | path.into_inner() |
-| test.rs:131:17:131:33 | path.into_inner() [tuple.0] | semmle.label | path.into_inner() [tuple.0] |
-| test.rs:131:17:131:33 | path.into_inner() [tuple.1] | semmle.label | path.into_inner() [tuple.1] |
-| test.rs:131:17:131:33 | path.into_inner() [tuple.2] | semmle.label | path.into_inner() [tuple.2] |
 | test.rs:132:14:132:14 | a | semmle.label | a |
 | test.rs:139:41:139:42 | to | semmle.label | to |
 | test.rs:140:45:140:46 | to | semmle.label | to |
+| test.rs:141:41:141:42 | to | semmle.label | to |
 | test.rs:242:33:242:35 | map | semmle.label | map |
 | test.rs:242:38:242:46 | ...: String | semmle.label | ...: String |
 | test.rs:244:18:244:18 | a | semmle.label | a |
@@ -151,12 +112,19 @@ testFailures
 | test.rs:13:14:13:23 | a.as_str() | test.rs:11:31:11:31 | a | test.rs:13:14:13:23 | a.as_str() | $@ | test.rs:11:31:11:31 | a | a |
 | test.rs:14:14:14:25 | a.as_bytes() | test.rs:11:31:11:31 | a | test.rs:14:14:14:25 | a.as_bytes() | $@ | test.rs:11:31:11:31 | a | a |
 | test.rs:15:14:15:14 | a | test.rs:11:31:11:31 | a | test.rs:15:14:15:14 | a | $@ | test.rs:11:31:11:31 | a | a |
+| test.rs:24:14:24:14 | a | test.rs:22:14:22:19 | TuplePat | test.rs:24:14:24:14 | a | $@ | test.rs:22:14:22:19 | TuplePat | TuplePat |
+| test.rs:25:14:25:14 | b | test.rs:22:14:22:19 | TuplePat | test.rs:25:14:25:14 | b | $@ | test.rs:22:14:22:19 | TuplePat | TuplePat |
+| test.rs:50:14:50:14 | a | test.rs:48:14:48:30 | MyStruct {...} | test.rs:50:14:50:14 | a | $@ | test.rs:48:14:48:30 | MyStruct {...} | MyStruct {...} |
+| test.rs:51:14:51:14 | b | test.rs:48:14:48:30 | MyStruct {...} | test.rs:51:14:51:14 | b | $@ | test.rs:48:14:48:30 | MyStruct {...} | MyStruct {...} |
+| test.rs:60:14:60:17 | ms.a | test.rs:58:14:58:15 | ms | test.rs:60:14:60:17 | ms.a | $@ | test.rs:58:14:58:15 | ms | ms |
+| test.rs:61:14:61:17 | ms.b | test.rs:58:14:58:15 | ms | test.rs:61:14:61:17 | ms.b | $@ | test.rs:58:14:58:15 | ms | ms |
 | test.rs:70:14:70:14 | a | test.rs:68:15:68:15 | a | test.rs:70:14:70:14 | a | $@ | test.rs:68:15:68:15 | a | a |
 | test.rs:101:14:101:23 | a.as_str() | test.rs:139:41:139:42 | to | test.rs:101:14:101:23 | a.as_str() | $@ | test.rs:139:41:139:42 | to | to |
 | test.rs:102:14:102:25 | a.as_bytes() | test.rs:139:41:139:42 | to | test.rs:102:14:102:25 | a.as_bytes() | $@ | test.rs:139:41:139:42 | to | to |
 | test.rs:103:14:103:14 | a | test.rs:139:41:139:42 | to | test.rs:103:14:103:14 | a | $@ | test.rs:139:41:139:42 | to | to |
 | test.rs:113:14:113:14 | a | test.rs:140:45:140:46 | to | test.rs:113:14:113:14 | a | $@ | test.rs:140:45:140:46 | to | to |
 | test.rs:114:14:114:14 | b | test.rs:140:45:140:46 | to | test.rs:114:14:114:14 | b | $@ | test.rs:140:45:140:46 | to | to |
+| test.rs:122:14:122:14 | a | test.rs:141:41:141:42 | to | test.rs:122:14:122:14 | a | $@ | test.rs:141:41:141:42 | to | to |
 | test.rs:132:14:132:14 | a | test.rs:127:5:127:20 | to | test.rs:132:14:132:14 | a | $@ | test.rs:127:5:127:20 | to | to |
 | test.rs:244:18:244:18 | a | test.rs:242:33:242:35 | map | test.rs:244:18:244:18 | a | $@ | test.rs:242:33:242:35 | map | map |
 | test.rs:252:22:252:22 | a | test.rs:250:46:250:49 | then | test.rs:252:22:252:22 | a | $@ | test.rs:250:46:250:49 | then | then |
--- a/rust/ql/test/library-tests/dataflow/sources/web_frameworks/test.rs
+++ b/rust/ql/test/library-tests/dataflow/sources/web_frameworks/test.rs
@@ -21,8 +21,8 @@ mod poem_test {
    fn my_poem_handler_2(
        Path((a, b)): Path<(String, String)>, // $ Alert[rust/summary/taint-sources]
    ) -> String {
-        sink(a); // $ MISSING: hasTaintFlow
-        sink(b); // $ MISSING: hasTaintFlow
+        sink(a); // $ hasTaintFlow
+        sink(b); // $ hasTaintFlow

        "".to_string()
    }
@@ -47,8 +47,8 @@ mod poem_test {
    fn my_poem_handler_4(
        Path(MyStruct { a, b }): Path<MyStruct>, // $ Alert[rust/summary/taint-sources]
    ) -> String {
-        sink(a); // $ MISSING: hasTaintFlow
-        sink(b); // $ MISSING: hasTaintFlow
+        sink(a); // $ hasTaintFlow
+        sink(b); // $ hasTaintFlow

        "".to_string()
    }
@@ -57,8 +57,8 @@ mod poem_test {
    fn my_poem_handler_5(
        Path(ms): Path<MyStruct>, // $ Alert[rust/summary/taint-sources]
    ) -> String {
-        sink(ms.a); // $ MISSING: hasTaintFlow
-        sink(ms.b); // $ MISSING: hasTaintFlow
+        sink(ms.a); // $ hasTaintFlow
+        sink(ms.b); // $ hasTaintFlow

        "".to_string()
    }
@@ -119,7 +119,7 @@ mod actix_test {
    async fn my_actix_handler_3(
        web::Query(a): web::Query<String>,
    ) -> String {
-        sink(a); // $ MISSING: hasTaintFlow
+        sink(a); // $ hasTaintFlow=my_actix_handler_3

        "".to_string()
    }