hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 02:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Handle arrays in taint tracking

Browse Source
This commit is contained in:
Simon Friis Vindum
2024-12-05 11:41:32 +01:00
parent 44239cbf2e
commit 1f4e7d1f37
5 changed files with 31 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
rust/ql/test/library-tests/dataflow/taint/TaintFlowStep.expected
View File

@@ -6,3 +6,6 @@
| main.rs:23:13:23:13 | a | main.rs:23:13:23:19 | a as u8 | |
| main.rs:24:10:24:10 | b | main.rs:24:10:24:17 | b as i64 | |
| main.rs:38:23:38:23 | s | main.rs:38:23:38:29 | s[...] | |
| main.rs:54:14:54:16 | arr | main.rs:54:14:54:19 | arr[1] | |
| main.rs:64:24:64:24 | s | main.rs:64:24:64:27 | s[1] | |
| main.rs:69:9:69:12 | arr2 | main.rs:69:9:69:15 | arr2[1] | |

10
rust/ql/test/library-tests/dataflow/taint/inline-taint-flow.expected
View File

@@ -3,6 +3,9 @@ edges
| main.rs:12:13:12:22 | source(...) | main.rs:13:10:13:14 | ... + ... | provenance | |
| main.rs:17:13:17:22 | source(...) | main.rs:18:10:18:11 | - ... | provenance | |
| main.rs:22:13:22:22 | source(...) | main.rs:24:10:24:17 | b as i64 | provenance | |
| main.rs:53:19:53:28 | source(...) | main.rs:54:14:54:19 | arr[1] | provenance | |
| main.rs:69:9:69:12 | [post] arr2 [array[]] | main.rs:70:14:70:17 | arr2 | provenance | |
| main.rs:69:19:69:28 | source(...) | main.rs:69:9:69:12 | [post] arr2 [array[]] | provenance | |
nodes
| main.rs:12:13:12:22 | source(...) | semmle.label | source(...) |
| main.rs:13:10:13:14 | ... + ... | semmle.label | ... + ... |
@@ -10,9 +13,16 @@ nodes
| main.rs:18:10:18:11 | - ... | semmle.label | - ... |
| main.rs:22:13:22:22 | source(...) | semmle.label | source(...) |
| main.rs:24:10:24:17 | b as i64 | semmle.label | b as i64 |
| main.rs:53:19:53:28 | source(...) | semmle.label | source(...) |
| main.rs:54:14:54:19 | arr[1] | semmle.label | arr[1] |
| main.rs:69:9:69:12 | [post] arr2 [array[]] | semmle.label | [post] arr2 [array[]] |
| main.rs:69:19:69:28 | source(...) | semmle.label | source(...) |
| main.rs:70:14:70:17 | arr2 | semmle.label | arr2 |
subpaths
testFailures
#select
| main.rs:13:10:13:14 | ... + ... | main.rs:12:13:12:22 | source(...) | main.rs:13:10:13:14 | ... + ... | $@ | main.rs:12:13:12:22 | source(...) | source(...) |
| main.rs:18:10:18:11 | - ... | main.rs:17:13:17:22 | source(...) | main.rs:18:10:18:11 | - ... | $@ | main.rs:17:13:17:22 | source(...) | source(...) |
| main.rs:24:10:24:17 | b as i64 | main.rs:22:13:22:22 | source(...) | main.rs:24:10:24:17 | b as i64 | $@ | main.rs:22:13:22:22 | source(...) | source(...) |
| main.rs:54:14:54:19 | arr[1] | main.rs:53:19:53:28 | source(...) | main.rs:54:14:54:19 | arr[1] | $@ | main.rs:53:19:53:28 | source(...) | source(...) |
| main.rs:70:14:70:17 | arr2 | main.rs:69:19:69:28 | source(...) | main.rs:70:14:70:17 | arr2 | $@ | main.rs:69:19:69:28 | source(...) | source(...) |

4
rust/ql/test/library-tests/dataflow/taint/main.rs
View File

@@ -51,7 +51,7 @@ mod array_source {
pub fn array_tainted() {
let arr = source(76);
sink(arr[1]); // $ MISSING: hasTaintFlow=76
sink(arr[1]); // $ hasTaintFlow=76
}
}
@@ -67,7 +67,7 @@ mod array_sink {
pub fn array_with_taint() {
let mut arr2 = [1, 2, 3];
arr2[1] = source(36);
sink(arr2); // $ MISSING: hasTaintFlow=36
sink(arr2); // $ hasTaintFlow=36
}
}