hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-14 11:19:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Add test cases for xmlReadFd, xmlCtxtReadFile that were stubbed but not used.

Browse Source
This commit is contained in:
Geoffrey White
2026-02-24 16:43:58 +00:00
parent bd195e59a5
commit 0cb077cd66
2 changed files with 144 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

221
rust/ql/test/query-tests/security/CWE-611/Xxe.expected
View File

@@ -1,98 +1,133 @@
#select
| main.rs:68:19:68:26 | user_xml | main.rs:132:20:132:33 | ...::args | main.rs:68:19:68:26 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:132:20:132:33 | ...::args | user-provided value |
| main.rs:73:19:73:26 | user_xml | main.rs:132:20:132:33 | ...::args | main.rs:73:19:73:26 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:132:20:132:33 | ...::args | user-provided value |
| main.rs:78:19:78:26 | user_xml | main.rs:132:20:132:33 | ...::args | main.rs:78:19:78:26 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:132:20:132:33 | ...::args | user-provided value |
| main.rs:83:17:83:29 | user_filename | main.rs:133:25:133:38 | ...::args | main.rs:83:17:83:29 | user_filename | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:133:25:133:38 | ...::args | user-provided value |
| main.rs:88:16:88:23 | user_xml | main.rs:132:20:132:33 | ...::args | main.rs:88:16:88:23 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:132:20:132:33 | ...::args | user-provided value |
| main.rs:93:42:93:49 | user_xml | main.rs:132:20:132:33 | ...::args | main.rs:93:42:93:49 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:132:20:132:33 | ...::args | user-provided value |
| main.rs:100:9:100:16 | user_xml | main.rs:132:20:132:33 | ...::args | main.rs:100:9:100:16 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:132:20:132:33 | ...::args | user-provided value |
| main.rs:110:19:110:26 | user_xml | main.rs:132:20:132:33 | ...::args | main.rs:110:19:110:26 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:132:20:132:33 | ...::args | user-provided value |
| main.rs:70:19:70:26 | user_xml | main.rs:144:20:144:33 | ...::args | main.rs:70:19:70:26 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:144:20:144:33 | ...::args | user-provided value |
| main.rs:75:19:75:26 | user_xml | main.rs:144:20:144:33 | ...::args | main.rs:75:19:75:26 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:144:20:144:33 | ...::args | user-provided value |
| main.rs:80:19:80:26 | user_xml | main.rs:144:20:144:33 | ...::args | main.rs:80:19:80:26 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:144:20:144:33 | ...::args | user-provided value |
| main.rs:85:17:85:29 | user_filename | main.rs:145:25:145:38 | ...::args | main.rs:85:17:85:29 | user_filename | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:145:25:145:38 | ...::args | user-provided value |
| main.rs:90:16:90:23 | user_xml | main.rs:144:20:144:33 | ...::args | main.rs:90:16:90:23 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:144:20:144:33 | ...::args | user-provided value |
| main.rs:95:15:95:21 | user_fd | main.rs:146:21:146:39 | ...::open | main.rs:95:15:95:21 | user_fd | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:146:21:146:39 | ...::open | user-provided value |
| main.rs:100:43:100:55 | user_filename | main.rs:145:25:145:38 | ...::args | main.rs:100:43:100:55 | user_filename | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:145:25:145:38 | ...::args | user-provided value |
| main.rs:105:42:105:49 | user_xml | main.rs:144:20:144:33 | ...::args | main.rs:105:42:105:49 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:144:20:144:33 | ...::args | user-provided value |
| main.rs:112:9:112:16 | user_xml | main.rs:144:20:144:33 | ...::args | main.rs:112:9:112:16 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:144:20:144:33 | ...::args | user-provided value |
| main.rs:122:19:122:26 | user_xml | main.rs:144:20:144:33 | ...::args | main.rs:122:19:122:26 | user_xml | XML parsing depends on a $@ without guarding against external entity expansion. | main.rs:144:20:144:33 | ...::args | user-provided value |
edges
| main.rs:66:25:66:38 | ...: ... [&ref] | main.rs:68:19:68:26 | user_xml | provenance | |
| main.rs:71:27:71:40 | ...: ... [&ref] | main.rs:73:19:73:26 | user_xml | provenance | |
| main.rs:76:28:76:41 | ...: ... [&ref] | main.rs:78:19:78:26 | user_xml | provenance | |
| main.rs:81:27:81:45 | ...: ... [&ref] | main.rs:83:17:83:29 | user_filename | provenance | |
| main.rs:86:26:86:39 | ...: ... [&ref] | main.rs:88:16:88:23 | user_xml | provenance | |
| main.rs:91:31:91:44 | ...: ... [&ref] | main.rs:93:42:93:49 | user_xml | provenance | |
| main.rs:96:34:96:47 | ...: ... [&ref] | main.rs:100:9:100:16 | user_xml | provenance | |
| main.rs:108:29:108:42 | ...: ... [&ref] | main.rs:110:19:110:26 | user_xml | provenance | |
| main.rs:132:9:132:16 | user_xml | main.rs:135:27:135:34 | user_xml | provenance | |
| main.rs:132:9:132:16 | user_xml | main.rs:136:29:136:36 | user_xml | provenance | |
| main.rs:132:9:132:16 | user_xml | main.rs:137:30:137:37 | user_xml | provenance | |
| main.rs:132:9:132:16 | user_xml | main.rs:139:28:139:35 | user_xml | provenance | |
| main.rs:132:9:132:16 | user_xml | main.rs:140:33:140:40 | user_xml | provenance | |
| main.rs:132:9:132:16 | user_xml | main.rs:141:36:141:43 | user_xml | provenance | |
| main.rs:132:9:132:16 | user_xml | main.rs:142:31:142:38 | user_xml | provenance | |
| main.rs:132:20:132:33 | ...::args | main.rs:132:20:132:35 | ...::args(...) [element] | provenance | Src:MaD:1 |
| main.rs:132:20:132:35 | ...::args(...) [element] | main.rs:132:20:132:42 | ... .nth(...) [Some] | provenance | MaD:2 |
| main.rs:132:20:132:42 | ... .nth(...) [Some] | main.rs:132:20:132:62 | ... .unwrap_or_default() | provenance | MaD:3 |
| main.rs:132:20:132:62 | ... .unwrap_or_default() | main.rs:132:9:132:16 | user_xml | provenance | |
| main.rs:133:9:133:21 | user_filename | main.rs:138:29:138:41 | user_filename | provenance | |
| main.rs:133:25:133:38 | ...::args | main.rs:133:25:133:40 | ...::args(...) [element] | provenance | Src:MaD:1 |
| main.rs:133:25:133:40 | ...::args(...) [element] | main.rs:133:25:133:47 | ... .nth(...) [Some] | provenance | MaD:2 |
| main.rs:133:25:133:47 | ... .nth(...) [Some] | main.rs:133:25:133:67 | ... .unwrap_or_default() | provenance | MaD:3 |
| main.rs:133:25:133:67 | ... .unwrap_or_default() | main.rs:133:9:133:21 | user_filename | provenance | |
| main.rs:135:26:135:34 | &user_xml [&ref] | main.rs:66:25:66:38 | ...: ... [&ref] | provenance | |
| main.rs:135:27:135:34 | user_xml | main.rs:135:26:135:34 | &user_xml [&ref] | provenance | |
| main.rs:136:28:136:36 | &user_xml [&ref] | main.rs:71:27:71:40 | ...: ... [&ref] | provenance | |
| main.rs:136:29:136:36 | user_xml | main.rs:136:28:136:36 | &user_xml [&ref] | provenance | |
| main.rs:137:29:137:37 | &user_xml [&ref] | main.rs:76:28:76:41 | ...: ... [&ref] | provenance | |
| main.rs:137:30:137:37 | user_xml | main.rs:137:29:137:37 | &user_xml [&ref] | provenance | |
| main.rs:138:28:138:41 | &user_filename [&ref] | main.rs:81:27:81:45 | ...: ... [&ref] | provenance | |
| main.rs:138:29:138:41 | user_filename | main.rs:138:28:138:41 | &user_filename [&ref] | provenance | |
| main.rs:139:27:139:35 | &user_xml [&ref] | main.rs:86:26:86:39 | ...: ... [&ref] | provenance | |
| main.rs:139:28:139:35 | user_xml | main.rs:139:27:139:35 | &user_xml [&ref] | provenance | |
| main.rs:140:32:140:40 | &user_xml [&ref] | main.rs:91:31:91:44 | ...: ... [&ref] | provenance | |
| main.rs:140:33:140:40 | user_xml | main.rs:140:32:140:40 | &user_xml [&ref] | provenance | |
| main.rs:141:35:141:43 | &user_xml [&ref] | main.rs:96:34:96:47 | ...: ... [&ref] | provenance | |
| main.rs:141:36:141:43 | user_xml | main.rs:141:35:141:43 | &user_xml [&ref] | provenance | |
| main.rs:142:30:142:38 | &user_xml [&ref] | main.rs:108:29:108:42 | ...: ... [&ref] | provenance | |
| main.rs:142:31:142:38 | user_xml | main.rs:142:30:142:38 | &user_xml [&ref] | provenance | |
| main.rs:68:25:68:38 | ...: ... [&ref] | main.rs:70:19:70:26 | user_xml | provenance | |
| main.rs:73:27:73:40 | ...: ... [&ref] | main.rs:75:19:75:26 | user_xml | provenance | |
| main.rs:78:28:78:41 | ...: ... [&ref] | main.rs:80:19:80:26 | user_xml | provenance | |
| main.rs:83:27:83:45 | ...: ... [&ref] | main.rs:85:17:85:29 | user_filename | provenance | |
| main.rs:88:26:88:39 | ...: ... [&ref] | main.rs:90:16:90:23 | user_xml | provenance | |
| main.rs:93:25:93:36 | ...: i32 [&ref] | main.rs:95:15:95:21 | user_fd | provenance | |
| main.rs:98:32:98:50 | ...: ... [&ref] | main.rs:100:43:100:55 | user_filename | provenance | |
| main.rs:103:31:103:44 | ...: ... [&ref] | main.rs:105:42:105:49 | user_xml | provenance | |
| main.rs:108:34:108:47 | ...: ... [&ref] | main.rs:112:9:112:16 | user_xml | provenance | |
| main.rs:120:29:120:42 | ...: ... [&ref] | main.rs:122:19:122:26 | user_xml | provenance | |
| main.rs:144:9:144:16 | user_xml | main.rs:149:27:149:34 | user_xml | provenance | |
| main.rs:144:9:144:16 | user_xml | main.rs:150:29:150:36 | user_xml | provenance | |
| main.rs:144:9:144:16 | user_xml | main.rs:151:30:151:37 | user_xml | provenance | |
| main.rs:144:9:144:16 | user_xml | main.rs:153:28:153:35 | user_xml | provenance | |
| main.rs:144:9:144:16 | user_xml | main.rs:156:33:156:40 | user_xml | provenance | |
| main.rs:144:9:144:16 | user_xml | main.rs:157:36:157:43 | user_xml | provenance | |
| main.rs:144:9:144:16 | user_xml | main.rs:158:31:158:38 | user_xml | provenance | |
| main.rs:144:20:144:33 | ...::args | main.rs:144:20:144:35 | ...::args(...) [element] | provenance | Src:MaD:2 |
| main.rs:144:20:144:35 | ...::args(...) [element] | main.rs:144:20:144:42 | ... .nth(...) [Some] | provenance | MaD:3 |
| main.rs:144:20:144:42 | ... .nth(...) [Some] | main.rs:144:20:144:62 | ... .unwrap_or_default() | provenance | MaD:6 |
| main.rs:144:20:144:62 | ... .unwrap_or_default() | main.rs:144:9:144:16 | user_xml | provenance | |
| main.rs:145:9:145:21 | user_filename | main.rs:152:29:152:41 | user_filename | provenance | |
| main.rs:145:9:145:21 | user_filename | main.rs:155:34:155:46 | user_filename | provenance | |
| main.rs:145:25:145:38 | ...::args | main.rs:145:25:145:40 | ...::args(...) [element] | provenance | Src:MaD:2 |
| main.rs:145:25:145:40 | ...::args(...) [element] | main.rs:145:25:145:47 | ... .nth(...) [Some] | provenance | MaD:3 |
| main.rs:145:25:145:47 | ... .nth(...) [Some] | main.rs:145:25:145:67 | ... .unwrap_or_default() | provenance | MaD:6 |
| main.rs:145:25:145:67 | ... .unwrap_or_default() | main.rs:145:9:145:21 | user_filename | provenance | |
| main.rs:146:9:146:17 | user_file [Some] | main.rs:147:19:147:27 | user_file [Some] | provenance | |
| main.rs:146:21:146:39 | ...::open | main.rs:146:21:146:55 | ...::open(...) [Ok] | provenance | Src:MaD:1 |
| main.rs:146:21:146:55 | ...::open(...) [Ok] | main.rs:146:21:146:60 | ... .ok() [Some] | provenance | MaD:7 |
| main.rs:146:21:146:60 | ... .ok() [Some] | main.rs:146:9:146:17 | user_file [Some] | provenance | |
| main.rs:147:9:147:15 | user_fd [&ref] | main.rs:154:26:154:32 | user_fd [&ref] | provenance | |
| main.rs:147:19:147:27 | user_file [Some] | main.rs:147:19:147:36 | user_file.as_ref() [Some, &ref] | provenance | MaD:4 |
| main.rs:147:19:147:36 | user_file.as_ref() [Some, &ref] | main.rs:147:19:147:72 | ... .map_or(...) [&ref] | provenance | MaD:5 |
| main.rs:147:19:147:72 | ... .map_or(...) [&ref] | main.rs:147:9:147:15 | user_fd [&ref] | provenance | |
| main.rs:149:26:149:34 | &user_xml [&ref] | main.rs:68:25:68:38 | ...: ... [&ref] | provenance | |
| main.rs:149:27:149:34 | user_xml | main.rs:149:26:149:34 | &user_xml [&ref] | provenance | |
| main.rs:150:28:150:36 | &user_xml [&ref] | main.rs:73:27:73:40 | ...: ... [&ref] | provenance | |
| main.rs:150:29:150:36 | user_xml | main.rs:150:28:150:36 | &user_xml [&ref] | provenance | |
| main.rs:151:29:151:37 | &user_xml [&ref] | main.rs:78:28:78:41 | ...: ... [&ref] | provenance | |
| main.rs:151:30:151:37 | user_xml | main.rs:151:29:151:37 | &user_xml [&ref] | provenance | |
| main.rs:152:28:152:41 | &user_filename [&ref] | main.rs:83:27:83:45 | ...: ... [&ref] | provenance | |
| main.rs:152:29:152:41 | user_filename | main.rs:152:28:152:41 | &user_filename [&ref] | provenance | |
| main.rs:153:27:153:35 | &user_xml [&ref] | main.rs:88:26:88:39 | ...: ... [&ref] | provenance | |
| main.rs:153:28:153:35 | user_xml | main.rs:153:27:153:35 | &user_xml [&ref] | provenance | |
| main.rs:154:26:154:32 | user_fd [&ref] | main.rs:93:25:93:36 | ...: i32 [&ref] | provenance | |
| main.rs:155:33:155:46 | &user_filename [&ref] | main.rs:98:32:98:50 | ...: ... [&ref] | provenance | |
| main.rs:155:34:155:46 | user_filename | main.rs:155:33:155:46 | &user_filename [&ref] | provenance | |
| main.rs:156:32:156:40 | &user_xml [&ref] | main.rs:103:31:103:44 | ...: ... [&ref] | provenance | |
| main.rs:156:33:156:40 | user_xml | main.rs:156:32:156:40 | &user_xml [&ref] | provenance | |
| main.rs:157:35:157:43 | &user_xml [&ref] | main.rs:108:34:108:47 | ...: ... [&ref] | provenance | |
| main.rs:157:36:157:43 | user_xml | main.rs:157:35:157:43 | &user_xml [&ref] | provenance | |
| main.rs:158:30:158:38 | &user_xml [&ref] | main.rs:120:29:120:42 | ...: ... [&ref] | provenance | |
| main.rs:158:31:158:38 | user_xml | main.rs:158:30:158:38 | &user_xml [&ref] | provenance | |
models
| 1 | Source: std::env::args; ReturnValue.Element; commandargs |
| 2 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Reference.Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
| 3 | Summary: <core::option::Option>::unwrap_or_default; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 1 | Source: <std::fs::File>::open; ReturnValue.Field[core::result::Result::Ok(0)]; file |
| 2 | Source: std::env::args; ReturnValue.Element; commandargs |
| 3 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Reference.Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
| 4 | Summary: <core::option::Option>::as_ref; Argument[self].Reference.Field[core::option::Option::Some(0)]; ReturnValue.Field[core::option::Option::Some(0)].Reference; value |
| 5 | Summary: <core::option::Option>::map_or; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 6 | Summary: <core::option::Option>::unwrap_or_default; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 7 | Summary: <core::result::Result>::ok; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue.Field[core::option::Option::Some(0)]; value |
nodes
| main.rs:66:25:66:38 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:68:19:68:26 | user_xml | semmle.label | user_xml |
| main.rs:71:27:71:40 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:73:19:73:26 | user_xml | semmle.label | user_xml |
| main.rs:76:28:76:41 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:78:19:78:26 | user_xml | semmle.label | user_xml |
| main.rs:81:27:81:45 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:83:17:83:29 | user_filename | semmle.label | user_filename |
| main.rs:86:26:86:39 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:88:16:88:23 | user_xml | semmle.label | user_xml |
| main.rs:91:31:91:44 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:93:42:93:49 | user_xml | semmle.label | user_xml |
| main.rs:96:34:96:47 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:100:9:100:16 | user_xml | semmle.label | user_xml |
| main.rs:108:29:108:42 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:110:19:110:26 | user_xml | semmle.label | user_xml |
| main.rs:132:9:132:16 | user_xml | semmle.label | user_xml |
| main.rs:132:20:132:33 | ...::args | semmle.label | ...::args |
| main.rs:132:20:132:35 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |
| main.rs:132:20:132:42 | ... .nth(...) [Some] | semmle.label | ... .nth(...) [Some] |
| main.rs:132:20:132:62 | ... .unwrap_or_default() | semmle.label | ... .unwrap_or_default() |
| main.rs:133:9:133:21 | user_filename | semmle.label | user_filename |
| main.rs:133:25:133:38 | ...::args | semmle.label | ...::args |
| main.rs:133:25:133:40 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |
| main.rs:133:25:133:47 | ... .nth(...) [Some] | semmle.label | ... .nth(...) [Some] |
| main.rs:133:25:133:67 | ... .unwrap_or_default() | semmle.label | ... .unwrap_or_default() |
| main.rs:135:26:135:34 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:135:27:135:34 | user_xml | semmle.label | user_xml |
| main.rs:136:28:136:36 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:136:29:136:36 | user_xml | semmle.label | user_xml |
| main.rs:137:29:137:37 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:137:30:137:37 | user_xml | semmle.label | user_xml |
| main.rs:138:28:138:41 | &user_filename [&ref] | semmle.label | &user_filename [&ref] |
| main.rs:138:29:138:41 | user_filename | semmle.label | user_filename |
| main.rs:139:27:139:35 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:139:28:139:35 | user_xml | semmle.label | user_xml |
| main.rs:140:32:140:40 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:140:33:140:40 | user_xml | semmle.label | user_xml |
| main.rs:141:35:141:43 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:141:36:141:43 | user_xml | semmle.label | user_xml |
| main.rs:142:30:142:38 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:142:31:142:38 | user_xml | semmle.label | user_xml |
| main.rs:68:25:68:38 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:70:19:70:26 | user_xml | semmle.label | user_xml |
| main.rs:73:27:73:40 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:75:19:75:26 | user_xml | semmle.label | user_xml |
| main.rs:78:28:78:41 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:80:19:80:26 | user_xml | semmle.label | user_xml |
| main.rs:83:27:83:45 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:85:17:85:29 | user_filename | semmle.label | user_filename |
| main.rs:88:26:88:39 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:90:16:90:23 | user_xml | semmle.label | user_xml |
| main.rs:93:25:93:36 | ...: i32 [&ref] | semmle.label | ...: i32 [&ref] |
| main.rs:95:15:95:21 | user_fd | semmle.label | user_fd |
| main.rs:98:32:98:50 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:100:43:100:55 | user_filename | semmle.label | user_filename |
| main.rs:103:31:103:44 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:105:42:105:49 | user_xml | semmle.label | user_xml |
| main.rs:108:34:108:47 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:112:9:112:16 | user_xml | semmle.label | user_xml |
| main.rs:120:29:120:42 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:122:19:122:26 | user_xml | semmle.label | user_xml |
| main.rs:144:9:144:16 | user_xml | semmle.label | user_xml |
| main.rs:144:20:144:33 | ...::args | semmle.label | ...::args |
| main.rs:144:20:144:35 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |
| main.rs:144:20:144:42 | ... .nth(...) [Some] | semmle.label | ... .nth(...) [Some] |
| main.rs:144:20:144:62 | ... .unwrap_or_default() | semmle.label | ... .unwrap_or_default() |
| main.rs:145:9:145:21 | user_filename | semmle.label | user_filename |
| main.rs:145:25:145:38 | ...::args | semmle.label | ...::args |
| main.rs:145:25:145:40 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |
| main.rs:145:25:145:47 | ... .nth(...) [Some] | semmle.label | ... .nth(...) [Some] |
| main.rs:145:25:145:67 | ... .unwrap_or_default() | semmle.label | ... .unwrap_or_default() |
| main.rs:146:9:146:17 | user_file [Some] | semmle.label | user_file [Some] |
| main.rs:146:21:146:39 | ...::open | semmle.label | ...::open |
| main.rs:146:21:146:55 | ...::open(...) [Ok] | semmle.label | ...::open(...) [Ok] |
| main.rs:146:21:146:60 | ... .ok() [Some] | semmle.label | ... .ok() [Some] |
| main.rs:147:9:147:15 | user_fd [&ref] | semmle.label | user_fd [&ref] |
| main.rs:147:19:147:27 | user_file [Some] | semmle.label | user_file [Some] |
| main.rs:147:19:147:36 | user_file.as_ref() [Some, &ref] | semmle.label | user_file.as_ref() [Some, &ref] |
| main.rs:147:19:147:72 | ... .map_or(...) [&ref] | semmle.label | ... .map_or(...) [&ref] |
| main.rs:149:26:149:34 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:149:27:149:34 | user_xml | semmle.label | user_xml |
| main.rs:150:28:150:36 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:150:29:150:36 | user_xml | semmle.label | user_xml |
| main.rs:151:29:151:37 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:151:30:151:37 | user_xml | semmle.label | user_xml |
| main.rs:152:28:152:41 | &user_filename [&ref] | semmle.label | &user_filename [&ref] |
| main.rs:152:29:152:41 | user_filename | semmle.label | user_filename |
| main.rs:153:27:153:35 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:153:28:153:35 | user_xml | semmle.label | user_xml |
| main.rs:154:26:154:32 | user_fd [&ref] | semmle.label | user_fd [&ref] |
| main.rs:155:33:155:46 | &user_filename [&ref] | semmle.label | &user_filename [&ref] |
| main.rs:155:34:155:46 | user_filename | semmle.label | user_filename |
| main.rs:156:32:156:40 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:156:33:156:40 | user_xml | semmle.label | user_xml |
| main.rs:157:35:157:43 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:157:36:157:43 | user_xml | semmle.label | user_xml |
| main.rs:158:30:158:38 | &user_xml [&ref] | semmle.label | &user_xml [&ref] |
| main.rs:158:31:158:38 | user_xml | semmle.label | user_xml |
subpaths

16
rust/ql/test/query-tests/security/CWE-611/main.rs
View File

@@ -1,3 +1,5 @@
use std::os::fd::AsRawFd;
// Stub types and constants to simulate libxml2 bindings
pub struct XmlDoc;
pub struct XmlParserCtxt;
@@ -88,6 +90,16 @@ fn test_xml_read_doc_bad(user_xml: &str) {
xmlReadDoc(user_xml, "", "", XML_PARSE_DTDLOAD); // $ Alert[rust/xxe]
}
fn test_xml_read_fd_bad(user_fd: i32) {
// BAD: user-controlled file descriptor with XML_PARSE_DTDLOAD
xmlReadFd(user_fd, "", "", XML_PARSE_DTDLOAD); // $ Alert[rust/xxe]
}
fn test_xml_ctxt_read_file_bad(user_filename: &str) {
// BAD: user-controlled filename with XML_PARSE_NOENT via ctxt variant
xmlCtxtReadFile(std::ptr::null_mut(), user_filename, "", XML_PARSE_NOENT); // $ Alert[rust/xxe]
}
fn test_xml_ctxt_read_doc_bad(user_xml: &str) {
// BAD: user-controlled XML with unsafe options via ctxt variant
xmlCtxtReadDoc(std::ptr::null_mut(), user_xml, "", "", XML_PARSE_NOENT); // $ Alert[rust/xxe]
@@ -131,12 +143,16 @@ fn test_xml_hardcoded_unsafe() {
fn main() {
let user_xml = std::env::args().nth(1).unwrap_or_default(); // $ Source
let user_filename = std::env::args().nth(2).unwrap_or_default(); // $ Source
let user_file = std::fs::File::open(&user_filename).ok(); // $ Source
let user_fd = user_file.as_ref().map_or(-1, |file| file.as_raw_fd());
test_xml_parse_noent(&user_xml);
test_xml_parse_dtdload(&user_xml);
test_xml_parse_combined(&user_xml);
test_xml_read_file_bad(&user_filename);
test_xml_read_doc_bad(&user_xml);
test_xml_read_fd_bad(user_fd);
test_xml_ctxt_read_file_bad(&user_filename);
test_xml_ctxt_read_doc_bad(&user_xml);
test_xml_ctxt_read_memory_bad(&user_xml);
test_integer_literal_bad(&user_xml);