diff --git a/rust/ql/test/query-tests/security/CWE-117/Cargo.lock b/rust/ql/test/query-tests/security/CWE-117/Cargo.lock
index a4c67f043d0..7629f8fa2fe 100644
--- a/rust/ql/test/query-tests/security/CWE-117/Cargo.lock
+++ b/rust/ql/test/query-tests/security/CWE-117/Cargo.lock
@@ -34,6 +34,58 @@ version = "1.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"
 
+[[package]]
+name = "axum"
+version = "0.8.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8b52af3cb4058c895d37317bb27508dccc8e5f2d39454016b297bf4a400597b8"
+dependencies = [
+ "axum-core",
+ "bytes",
+ "form_urlencoded",
+ "futures-util",
+ "http",
+ "http-body",
+ "http-body-util",
+ "hyper",
+ "hyper-util",
+ "itoa",
+ "matchit",
+ "memchr",
+ "mime",
+ "percent-encoding",
+ "pin-project-lite",
+ "serde_core",
+ "serde_json",
+ "serde_path_to_error",
+ "serde_urlencoded",
+ "sync_wrapper",
+ "tokio",
+ "tower",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
+[[package]]
+name = "axum-core"
+version = "0.5.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "08c78f31d7b1291f7ee735c1c6780ccde7785daae9a9206026862dab7d8792d1"
+dependencies = [
+ "bytes",
+ "futures-core",
+ "http",
+ "http-body",
+ "http-body-util",
+ "mime",
+ "pin-project-lite",
+ "sync_wrapper",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
 [[package]]
 name = "backtrace"
 version = "0.3.75"
@@ -339,6 +391,12 @@ version = "1.10.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6dbf3de79e51f3d586ab4cb9d5c3e2c14aa28ed23d180cf89b4df0454a69cc87"
 
+[[package]]
+name = "httpdate"
+version = "1.0.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9"
+
 [[package]]
 name = "humantime"
 version = "2.2.0"
@@ -358,6 +416,7 @@ dependencies = [
  "http",
  "http-body",
  "httparse",
+ "httpdate",
  "itoa",
  "pin-project-lite",
  "smallvec",
@@ -592,6 +651,12 @@ version = "0.4.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f"
 
+[[package]]
+name = "matchit"
+version = "0.8.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "47e1ffaa40ddd1f3ed91f717a33c8c0ee23fff369e3aa8772b9605cc1d22f4c3"
+
 [[package]]
 name = "memchr"
 version = "2.7.5"
@@ -951,18 +1016,27 @@ dependencies = [
 
 [[package]]
 name = "serde"
-version = "1.0.219"
+version = "1.0.228"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6"
+checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e"
+dependencies = [
+ "serde_core",
+]
+
+[[package]]
+name = "serde_core"
+version = "1.0.228"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad"
 dependencies = [
  "serde_derive",
 ]
 
 [[package]]
 name = "serde_derive"
-version = "1.0.219"
+version = "1.0.228"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00"
+checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -981,6 +1055,17 @@ dependencies = [
  "serde",
 ]
 
+[[package]]
+name = "serde_path_to_error"
+version = "0.1.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "10a9ff822e371bb5403e391ecd83e182e0e77ba7f6fe0160b795797109d1b457"
+dependencies = [
+ "itoa",
+ "serde",
+ "serde_core",
+]
+
 [[package]]
 name = "serde_urlencoded"
 version = "0.7.1"
@@ -1111,6 +1196,7 @@ dependencies = [
 name = "test"
 version = "0.0.1"
 dependencies = [
+ "axum",
  "env_logger",
  "log",
  "reqwest",
@@ -1138,9 +1224,21 @@ dependencies = [
  "mio",
  "pin-project-lite",
  "socket2",
+ "tokio-macros",
  "windows-sys 0.52.0",
 ]
 
+[[package]]
+name = "tokio-macros"
+version = "2.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e06d43f1345a3bcd39f6a56dbb7dcab2ba47e68e8ac134855e7e2bdbaf8cab8"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
 [[package]]
 name = "tokio-native-tls"
 version = "0.3.1"
@@ -1174,6 +1272,28 @@ dependencies = [
  "tokio",
 ]
 
+[[package]]
+name = "tower"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebe5ef63511595f1344e2d5cfa636d973292adc0eec1f0ad45fae9f0851ab1d4"
+dependencies = [
+ "futures-core",
+ "futures-util",
+ "pin-project-lite",
+ "sync_wrapper",
+ "tokio",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
+[[package]]
+name = "tower-layer"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e"
+
 [[package]]
 name = "tower-service"
 version = "0.3.3"
@@ -1186,6 +1306,7 @@ version = "0.1.41"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0"
 dependencies = [
+ "log",
  "pin-project-lite",
  "tracing-core",
 ]
diff --git a/rust/ql/test/query-tests/security/CWE-117/LogInjection.expected b/rust/ql/test/query-tests/security/CWE-117/LogInjection.expected
index e326a87c42d..5a67a057acf 100644
--- a/rust/ql/test/query-tests/security/CWE-117/LogInjection.expected
+++ b/rust/ql/test/query-tests/security/CWE-117/LogInjection.expected
@@ -17,10 +17,11 @@
 | main.rs:119:9:119:13 | ...::log | main.rs:109:25:109:38 | ...::args | main.rs:119:9:119:13 | ...::log | Log entry depends on a $@. | main.rs:109:25:109:38 | ...::args | user-provided value |
 | main.rs:126:9:126:16 | ...::_print | main.rs:123:25:123:37 | ...::var | main.rs:126:9:126:16 | ...::_print | Log entry depends on a $@. | main.rs:123:25:123:37 | ...::var | user-provided value |
 | main.rs:127:9:127:17 | ...::_eprint | main.rs:123:25:123:37 | ...::var | main.rs:127:9:127:17 | ...::_eprint | Log entry depends on a $@. | main.rs:123:25:123:37 | ...::var | user-provided value |
+| main.rs:137:29:137:31 | map | main.rs:146:28:146:30 | get | main.rs:137:29:137:31 | map | Log entry depends on a $@. | main.rs:146:28:146:30 | get | user-provided value |
 edges
 | main.rs:8:9:8:12 | args [element] | main.rs:9:20:9:23 | args [element] | provenance |  |
-| main.rs:8:29:8:37 | ...::args | main.rs:8:29:8:39 | ...::args(...) [element] | provenance | Src:MaD:5  |
-| main.rs:8:29:8:39 | ...::args(...) [element] | main.rs:8:29:8:49 | ... .collect() [element] | provenance | MaD:9 |
+| main.rs:8:29:8:37 | ...::args | main.rs:8:29:8:39 | ...::args(...) [element] | provenance | Src:MaD:7  |
+| main.rs:8:29:8:39 | ...::args(...) [element] | main.rs:8:29:8:49 | ... .collect() [element] | provenance | MaD:11 |
 | main.rs:8:29:8:49 | ... .collect() [element] | main.rs:8:9:8:12 | args [element] | provenance |  |
 | main.rs:9:9:9:16 | username | main.rs:15:11:15:36 | MacroExpr | provenance |  |
 | main.rs:9:9:9:16 | username | main.rs:18:12:18:37 | MacroExpr | provenance |  |
@@ -28,47 +29,47 @@ edges
 | main.rs:9:9:9:16 | username | main.rs:26:55:26:62 | username | provenance |  |
 | main.rs:9:9:9:16 | username | main.rs:30:11:30:66 | MacroExpr | provenance |  |
 | main.rs:9:9:9:16 | username | main.rs:52:29:52:36 | username | provenance |  |
-| main.rs:9:20:9:23 | args [element] | main.rs:9:20:9:30 | args.get(...) [Some, &ref] | provenance | MaD:12 |
-| main.rs:9:20:9:30 | args.get(...) [Some, &ref] | main.rs:9:20:9:64 | ... .unwrap_or(...) [&ref] | provenance | MaD:13 |
-| main.rs:9:20:9:64 | ... .unwrap_or(...) [&ref] | main.rs:9:20:9:72 | ... .clone() | provenance | MaD:8 |
+| main.rs:9:20:9:23 | args [element] | main.rs:9:20:9:30 | args.get(...) [Some, &ref] | provenance | MaD:14 |
+| main.rs:9:20:9:30 | args.get(...) [Some, &ref] | main.rs:9:20:9:64 | ... .unwrap_or(...) [&ref] | provenance | MaD:15 |
+| main.rs:9:20:9:64 | ... .unwrap_or(...) [&ref] | main.rs:9:20:9:72 | ... .clone() | provenance | MaD:10 |
 | main.rs:9:20:9:72 | ... .clone() | main.rs:9:9:9:16 | username | provenance |  |
 | main.rs:10:9:10:18 | user_input | main.rs:16:11:16:44 | MacroExpr | provenance |  |
 | main.rs:10:9:10:18 | user_input | main.rs:19:12:19:39 | MacroExpr | provenance |  |
-| main.rs:10:22:10:34 | ...::var | main.rs:10:22:10:48 | ...::var(...) [Ok] | provenance | Src:MaD:6  |
-| main.rs:10:22:10:48 | ...::var(...) [Ok] | main.rs:10:22:10:81 | ... .unwrap_or(...) | provenance | MaD:16 |
+| main.rs:10:22:10:34 | ...::var | main.rs:10:22:10:48 | ...::var(...) [Ok] | provenance | Src:MaD:8  |
+| main.rs:10:22:10:48 | ...::var(...) [Ok] | main.rs:10:22:10:81 | ... .unwrap_or(...) | provenance | MaD:18 |
 | main.rs:10:22:10:81 | ... .unwrap_or(...) | main.rs:10:9:10:18 | user_input | provenance |  |
 | main.rs:11:9:11:19 | remote_data | main.rs:17:12:17:46 | MacroExpr | provenance |  |
 | main.rs:11:9:11:19 | remote_data | main.rs:30:11:30:66 | MacroExpr | provenance |  |
-| main.rs:11:23:11:44 | ...::get | main.rs:11:23:11:71 | ...::get(...) [Ok] | provenance | Src:MaD:4  |
-| main.rs:11:23:11:71 | ...::get(...) [Ok] | main.rs:11:23:12:17 | ... .unwrap() | provenance | MaD:15 |
-| main.rs:11:23:12:17 | ... .unwrap() | main.rs:11:23:12:24 | ... .text() [Ok] | provenance | MaD:18 |
-| main.rs:11:23:12:24 | ... .text() [Ok] | main.rs:11:23:12:61 | ... .unwrap_or(...) | provenance | MaD:16 |
+| main.rs:11:23:11:44 | ...::get | main.rs:11:23:11:71 | ...::get(...) [Ok] | provenance | Src:MaD:6  |
+| main.rs:11:23:11:71 | ...::get(...) [Ok] | main.rs:11:23:12:17 | ... .unwrap() | provenance | MaD:17 |
+| main.rs:11:23:12:17 | ... .unwrap() | main.rs:11:23:12:24 | ... .text() [Ok] | provenance | MaD:20 |
+| main.rs:11:23:12:24 | ... .text() [Ok] | main.rs:11:23:12:61 | ... .unwrap_or(...) | provenance | MaD:18 |
 | main.rs:11:23:12:61 | ... .unwrap_or(...) | main.rs:11:9:11:19 | remote_data | provenance |  |
-| main.rs:15:11:15:36 | MacroExpr | main.rs:15:5:15:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:16:11:16:44 | MacroExpr | main.rs:16:5:16:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:17:12:17:46 | MacroExpr | main.rs:17:5:17:10 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:18:12:18:37 | MacroExpr | main.rs:18:5:18:10 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:19:12:19:39 | MacroExpr | main.rs:19:5:19:10 | ...::log | provenance | MaD:1 Sink:MaD:1 |
+| main.rs:15:11:15:36 | MacroExpr | main.rs:15:5:15:9 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:16:11:16:44 | MacroExpr | main.rs:16:5:16:9 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:17:12:17:46 | MacroExpr | main.rs:17:5:17:10 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:18:12:18:37 | MacroExpr | main.rs:18:5:18:10 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:19:12:19:39 | MacroExpr | main.rs:19:5:19:10 | ...::log | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:22:9:22:21 | formatted_msg | main.rs:23:11:23:29 | MacroExpr | provenance |  |
 | main.rs:22:33:22:63 | ...::format(...) | main.rs:22:33:22:63 | { ... } | provenance |  |
 | main.rs:22:33:22:63 | ...::must_use(...) | main.rs:22:9:22:21 | formatted_msg | provenance |  |
-| main.rs:22:33:22:63 | MacroExpr | main.rs:22:33:22:63 | ...::format(...) | provenance | MaD:19 |
-| main.rs:22:33:22:63 | { ... } | main.rs:22:33:22:63 | ...::must_use(...) | provenance | MaD:20 |
-| main.rs:23:11:23:29 | MacroExpr | main.rs:23:5:23:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
+| main.rs:22:33:22:63 | MacroExpr | main.rs:22:33:22:63 | ...::format(...) | provenance | MaD:21 |
+| main.rs:22:33:22:63 | { ... } | main.rs:22:33:22:63 | ...::must_use(...) | provenance | MaD:22 |
+| main.rs:23:11:23:29 | MacroExpr | main.rs:23:5:23:9 | ...::log | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:26:9:26:18 | concat_msg | main.rs:27:11:27:26 | MacroExpr | provenance |  |
 | main.rs:26:22:26:62 | ... + ... | main.rs:26:9:26:18 | concat_msg | provenance |  |
-| main.rs:26:54:26:62 | &username [&ref] | main.rs:26:22:26:62 | ... + ... | provenance | MaD:11 |
+| main.rs:26:54:26:62 | &username [&ref] | main.rs:26:22:26:62 | ... + ... | provenance | MaD:13 |
 | main.rs:26:55:26:62 | username | main.rs:26:54:26:62 | &username [&ref] | provenance |  |
-| main.rs:27:11:27:26 | MacroExpr | main.rs:27:5:27:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:30:11:30:66 | MacroExpr | main.rs:30:5:30:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
+| main.rs:27:11:27:26 | MacroExpr | main.rs:27:5:27:9 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:30:11:30:66 | MacroExpr | main.rs:30:5:30:9 | ...::log | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:52:28:52:36 | &username [&ref] | main.rs:56:27:56:40 | ...: ... [&ref] | provenance |  |
 | main.rs:52:29:52:36 | username | main.rs:52:28:52:36 | &username [&ref] | provenance |  |
 | main.rs:56:27:56:40 | ...: ... [&ref] | main.rs:65:38:65:45 | username [&ref] | provenance |  |
 | main.rs:65:9:65:17 | user_info [UserInfo] | main.rs:66:28:66:36 | user_info [UserInfo] | provenance |  |
 | main.rs:65:21:65:59 | UserInfo {...} [UserInfo] | main.rs:65:9:65:17 | user_info [UserInfo] | provenance |  |
-| main.rs:65:38:65:45 | username [&ref] | main.rs:65:38:65:57 | username.to_string() | provenance | MaD:7 |
+| main.rs:65:38:65:45 | username [&ref] | main.rs:65:38:65:57 | username.to_string() | provenance | MaD:9 |
 | main.rs:65:38:65:57 | username.to_string() | main.rs:65:21:65:59 | UserInfo {...} [UserInfo] | provenance |  |
-| main.rs:66:11:66:41 | MacroExpr | main.rs:66:5:66:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
+| main.rs:66:11:66:41 | MacroExpr | main.rs:66:5:66:9 | ...::log | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:66:28:66:36 | user_info [UserInfo] | main.rs:66:28:66:41 | user_info.name | provenance |  |
 | main.rs:66:28:66:41 | user_info.name | main.rs:66:11:66:41 | MacroExpr | provenance |  |
 | main.rs:109:13:109:21 | user_data | main.rs:112:15:112:35 | MacroExpr | provenance |  |
@@ -77,44 +78,49 @@ edges
 | main.rs:109:13:109:21 | user_data | main.rs:115:16:115:37 | MacroExpr | provenance |  |
 | main.rs:109:13:109:21 | user_data | main.rs:116:16:116:37 | MacroExpr | provenance |  |
 | main.rs:109:13:109:21 | user_data | main.rs:119:15:119:75 | MacroExpr | provenance |  |
-| main.rs:109:25:109:38 | ...::args | main.rs:109:25:109:40 | ...::args(...) [element] | provenance | Src:MaD:5  |
-| main.rs:109:25:109:40 | ...::args(...) [element] | main.rs:109:25:109:47 | ... .nth(...) [Some] | provenance | MaD:10 |
-| main.rs:109:25:109:47 | ... .nth(...) [Some] | main.rs:109:25:109:67 | ... .unwrap_or_default() | provenance | MaD:14 |
+| main.rs:109:25:109:38 | ...::args | main.rs:109:25:109:40 | ...::args(...) [element] | provenance | Src:MaD:7  |
+| main.rs:109:25:109:40 | ...::args(...) [element] | main.rs:109:25:109:47 | ... .nth(...) [Some] | provenance | MaD:12 |
+| main.rs:109:25:109:47 | ... .nth(...) [Some] | main.rs:109:25:109:67 | ... .unwrap_or_default() | provenance | MaD:16 |
 | main.rs:109:25:109:67 | ... .unwrap_or_default() | main.rs:109:13:109:21 | user_data | provenance |  |
-| main.rs:112:15:112:35 | MacroExpr | main.rs:112:9:112:13 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:113:15:113:38 | MacroExpr | main.rs:113:9:113:13 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:114:16:114:37 | MacroExpr | main.rs:114:9:114:14 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:115:16:115:37 | MacroExpr | main.rs:115:9:115:14 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:116:16:116:37 | MacroExpr | main.rs:116:9:116:14 | ...::log | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:119:15:119:75 | MacroExpr | main.rs:119:9:119:13 | ...::log | provenance | MaD:1 Sink:MaD:1 |
+| main.rs:112:15:112:35 | MacroExpr | main.rs:112:9:112:13 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:113:15:113:38 | MacroExpr | main.rs:113:9:113:13 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:114:16:114:37 | MacroExpr | main.rs:114:9:114:14 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:115:16:115:37 | MacroExpr | main.rs:115:9:115:14 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:116:16:116:37 | MacroExpr | main.rs:116:9:116:14 | ...::log | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:119:15:119:75 | MacroExpr | main.rs:119:9:119:13 | ...::log | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:123:13:123:21 | user_data | main.rs:126:18:126:38 | MacroExpr | provenance |  |
 | main.rs:123:13:123:21 | user_data | main.rs:127:19:127:49 | MacroExpr | provenance |  |
-| main.rs:123:25:123:37 | ...::var | main.rs:123:25:123:45 | ...::var(...) [Ok] | provenance | Src:MaD:6  |
-| main.rs:123:25:123:45 | ...::var(...) [Ok] | main.rs:123:25:123:65 | ... .unwrap_or_default() | provenance | MaD:17 |
+| main.rs:123:25:123:37 | ...::var | main.rs:123:25:123:45 | ...::var(...) [Ok] | provenance | Src:MaD:8  |
+| main.rs:123:25:123:45 | ...::var(...) [Ok] | main.rs:123:25:123:65 | ... .unwrap_or_default() | provenance | MaD:19 |
 | main.rs:123:25:123:65 | ... .unwrap_or_default() | main.rs:123:13:123:21 | user_data | provenance |  |
-| main.rs:126:18:126:38 | MacroExpr | main.rs:126:9:126:16 | ...::_print | provenance | MaD:3 Sink:MaD:3 |
-| main.rs:127:19:127:49 | MacroExpr | main.rs:127:9:127:17 | ...::_eprint | provenance | MaD:2 Sink:MaD:2 |
+| main.rs:126:18:126:38 | MacroExpr | main.rs:126:9:126:16 | ...::_print | provenance | MaD:4 Sink:MaD:4 |
+| main.rs:127:19:127:49 | MacroExpr | main.rs:127:9:127:17 | ...::_eprint | provenance | MaD:3 Sink:MaD:3 |
+| main.rs:136:32:136:59 | ...: Option::<...> | main.rs:137:22:137:27 | o_path | provenance |  |
+| main.rs:137:22:137:27 | o_path | main.rs:137:29:137:31 | map | provenance | MaD:1 Sink:MaD:1 |
+| main.rs:146:28:146:30 | get | main.rs:136:32:136:59 | ...: Option::<...> | provenance | Src:MaD:5  |
 models
-| 1 | Sink: log::__private_api::log; Argument[0]; log-injection |
-| 2 | Sink: std::io::stdio::_eprint; Argument[0]; log-injection |
-| 3 | Sink: std::io::stdio::_print; Argument[0]; log-injection |
-| 4 | Source: reqwest::blocking::get; ReturnValue.Field[core::result::Result::Ok(0)]; remote |
-| 5 | Source: std::env::args; ReturnValue.Element; commandargs |
-| 6 | Source: std::env::var; ReturnValue.Field[core::result::Result::Ok(0)]; environment |
-| 7 | Summary: <_ as alloc::string::ToString>::to_string; Argument[self].Reference; ReturnValue; taint |
-| 8 | Summary: <_ as core::clone::Clone>::clone; Argument[self].Reference; ReturnValue; value |
-| 9 | Summary: <_ as core::iter::traits::iterator::Iterator>::collect; Argument[self].Element; ReturnValue.Element; value |
-| 10 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Reference.Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
-| 11 | Summary: <alloc::string::String as core::ops::arith::Add>::add; Argument[0].Reference; ReturnValue; taint |
-| 12 | Summary: <alloc::vec::Vec as core::ops::deref::Deref>::deref; Argument[self].Reference.Element; ReturnValue.Reference.Element; value |
-| 13 | Summary: <core::option::Option>::unwrap_or; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
-| 14 | Summary: <core::option::Option>::unwrap_or_default; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
-| 15 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
-| 16 | Summary: <core::result::Result>::unwrap_or; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
-| 17 | Summary: <core::result::Result>::unwrap_or_default; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
-| 18 | Summary: <reqwest::blocking::response::Response>::text; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
-| 19 | Summary: alloc::fmt::format; Argument[0]; ReturnValue; taint |
-| 20 | Summary: core::hint::must_use; Argument[0]; ReturnValue; value |
+| 1 | Sink: <core::option::Option>::map; Argument[self]; log-injection |
+| 2 | Sink: log::__private_api::log; Argument[0]; log-injection |
+| 3 | Sink: std::io::stdio::_eprint; Argument[0]; log-injection |
+| 4 | Sink: std::io::stdio::_print; Argument[0]; log-injection |
+| 5 | Source: axum::routing::method_routing::get; Argument[0].Parameter[0..7]; remote |
+| 6 | Source: reqwest::blocking::get; ReturnValue.Field[core::result::Result::Ok(0)]; remote |
+| 7 | Source: std::env::args; ReturnValue.Element; commandargs |
+| 8 | Source: std::env::var; ReturnValue.Field[core::result::Result::Ok(0)]; environment |
+| 9 | Summary: <_ as alloc::string::ToString>::to_string; Argument[self].Reference; ReturnValue; taint |
+| 10 | Summary: <_ as core::clone::Clone>::clone; Argument[self].Reference; ReturnValue; value |
+| 11 | Summary: <_ as core::iter::traits::iterator::Iterator>::collect; Argument[self].Element; ReturnValue.Element; value |
+| 12 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Reference.Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
+| 13 | Summary: <alloc::string::String as core::ops::arith::Add>::add; Argument[0].Reference; ReturnValue; taint |
+| 14 | Summary: <alloc::vec::Vec as core::ops::deref::Deref>::deref; Argument[self].Reference.Element; ReturnValue.Reference.Element; value |
+| 15 | Summary: <core::option::Option>::unwrap_or; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
+| 16 | Summary: <core::option::Option>::unwrap_or_default; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
+| 17 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
+| 18 | Summary: <core::result::Result>::unwrap_or; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
+| 19 | Summary: <core::result::Result>::unwrap_or_default; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
+| 20 | Summary: <reqwest::blocking::response::Response>::text; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
+| 21 | Summary: alloc::fmt::format; Argument[0]; ReturnValue; taint |
+| 22 | Summary: core::hint::must_use; Argument[0]; ReturnValue; value |
 nodes
 | main.rs:8:9:8:12 | args [element] | semmle.label | args [element] |
 | main.rs:8:29:8:37 | ...::args | semmle.label | ...::args |
@@ -196,4 +202,8 @@ nodes
 | main.rs:126:18:126:38 | MacroExpr | semmle.label | MacroExpr |
 | main.rs:127:9:127:17 | ...::_eprint | semmle.label | ...::_eprint |
 | main.rs:127:19:127:49 | MacroExpr | semmle.label | MacroExpr |
+| main.rs:136:32:136:59 | ...: Option::<...> | semmle.label | ...: Option::<...> |
+| main.rs:137:22:137:27 | o_path | semmle.label | o_path |
+| main.rs:137:29:137:31 | map | semmle.label | map |
+| main.rs:146:28:146:30 | get | semmle.label | get |
 subpaths
diff --git a/rust/ql/test/query-tests/security/CWE-117/main.rs b/rust/ql/test/query-tests/security/CWE-117/main.rs
index 9fb3558b3d2..48fefbaba37 100644
--- a/rust/ql/test/query-tests/security/CWE-117/main.rs
+++ b/rust/ql/test/query-tests/security/CWE-117/main.rs
@@ -127,3 +127,22 @@ mod additional_tests {
         eprintln!("Error for user: {}", user_data); // $ Alert[rust/log-injection]=environment
     }
 }
+
+mod axum_tests {
+    use axum::extract::{Json, Path, Query, Request};
+    use axum::routing::{get, post, put, MethodFilter};
+    use axum::Router;
+
+    async fn my_axum_handler_1(o_path: Option<Path<String>>) -> &'static str {
+        let m_path = o_path.map(|x| x); // $ SPURIOUS: Alert[rust/log-injection]=post_handler
+
+        println!("{:?}", m_path.unwrap()); // $ MISSING: Alert[rust/log-injection]=post_handler
+
+        ""
+    }
+
+    async fn test_axum() {
+        let app = Router::<()>::new()
+            .route("/{a}", get(my_axum_handler_1)); // $ Source=post_handler
+    }
+}
diff --git a/rust/ql/test/query-tests/security/CWE-117/options.yml b/rust/ql/test/query-tests/security/CWE-117/options.yml
index fae9beded52..8807ab63631 100644
--- a/rust/ql/test/query-tests/security/CWE-117/options.yml
+++ b/rust/ql/test/query-tests/security/CWE-117/options.yml
@@ -2,4 +2,5 @@ qltest_cargo_check: true
 qltest_dependencies:
     - log = "0.4"
     - env_logger = "0.10"
-    - reqwest = { version = "0.12.9", features = ["blocking"] }
\ No newline at end of file
+    - reqwest = { version = "0.12.9", features = ["blocking"] }
+    - axum = { version = "0.8.7" }