hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into gen1

Browse Source
This commit is contained in:
Geoffrey White
2025-10-16 09:35:29 +01:00
parent 510597666a 1936abaaee
commit 217508e2c2
7 changed files with 793 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
rust/ql/lib/change-notes/2025-09-29-actix-web-model.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: majorAnalysis
---
* Added basic models for the `actix-web` web framework.

18
rust/ql/lib/codeql/rust/frameworks/actix-web.model.yml Normal file
View File

@@ -0,0 +1,18 @@
extensions:
- addsTo:
pack: codeql/rust-all
extensible: sourceModel
data:
- ["<actix_web::route::Route>::to", "Argument[0].Parameter[0..7]", "remote", "manual"]
# Actix attributes such as `get` expand to this `to` call on the handler.
- ["<actix_web::resource::Resource>::to", "Argument[0].Parameter[0..7]", "remote", "manual"]
- addsTo:
pack: codeql/rust-all
extensible: summaryModel
data:
- ["<actix_web::types::path::Path>::into_inner", "Argument[self]", "ReturnValue", "taint", "manual"]
- ["<actix_web::types::path::Path>::into_inner", "Argument[self]", "ReturnValue.Field[0]", "taint", "manual"]
- ["<actix_web::types::path::Path>::into_inner", "Argument[self]", "ReturnValue.Field[1]", "taint", "manual"]
- ["<actix_web::types::path::Path>::into_inner", "Argument[self]", "ReturnValue.Field[2]", "taint", "manual"]
- ["<actix_web::types::path::Path>::into_inner", "Argument[self]", "ReturnValue.Field[3]", "taint", "manual"]
- ["<actix_web::types::path::Path>::into_inner", "Argument[self]", "ReturnValue.Field[4]", "taint", "manual"]

0
rust/ql/lib/codeql/rust/frameworks/stdlib/lang-alloc.model.yml → rust/ql/lib/codeql/rust/frameworks/stdlib/alloc.model.yml
View File

0
rust/ql/lib/codeql/rust/frameworks/stdlib/lang-core.model.yml → rust/ql/lib/codeql/rust/frameworks/stdlib/core.model.yml
View File

766
rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
View File

File diff suppressed because it is too large Load Diff

32
rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
View File

@@ -100,6 +100,38 @@
| web_frameworks.rs:58:14:58:15 | ms | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:68:15:68:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:68:15:68:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:127:5:127:20 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:127:5:127:20 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:127:5:127:20 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:127:5:127:20 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:127:5:127:20 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:127:5:127:20 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:127:5:127:20 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:127:5:127:20 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:139:41:139:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:139:41:139:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:139:41:139:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:139:41:139:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:139:41:139:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:139:41:139:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:139:41:139:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:139:41:139:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:140:45:140:46 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:140:45:140:46 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:140:45:140:46 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:140:45:140:46 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:140:45:140:46 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:140:45:140:46 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:140:45:140:46 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:140:45:140:46 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:141:41:141:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:141:41:141:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:141:41:141:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:141:41:141:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:141:41:141:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:141:41:141:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:141:41:141:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:141:41:141:42 | to | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:242:33:242:35 | map | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:242:33:242:35 | map | Flow source 'RemoteSource' of type remote (DEFAULT). |
| web_frameworks.rs:242:33:242:35 | map | Flow source 'RemoteSource' of type remote (DEFAULT). |

28
rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs
View File

@@ -95,50 +95,50 @@ mod actix_test {
use actix_web::{get, web, App};
async fn my_actix_handler_1(
path: web::Path<String>, // $ MISSING: Alert[rust/summary/taint-sources]
path: web::Path<String>,
) -> String {
let a = path.into_inner();
sink(a.as_str()); // $ MISSING: hasTaintFlow
sink(a.as_bytes()); // $ MISSING: hasTaintFlow
sink(a); // $ MISSING: hasTaintFlow
sink(a.as_str()); // $ hasTaintFlow=my_actix_handler_1
sink(a.as_bytes()); // $ hasTaintFlow=my_actix_handler_1
sink(a); // $ hasTaintFlow=my_actix_handler_1
"".to_string()
}
async fn my_actix_handler_2(
path: web::Path<(String, String)>, // $ MISSING: Alert[rust/summary/taint-sources]
path: web::Path<(String, String)>,
) -> String {
let (a, b) = path.into_inner();
sink(a); // $ MISSING: hasTaintFlow
sink(b); // $ MISSING: hasTaintFlow
sink(a); // $ hasTaintFlow=my_actix_handler_2
sink(b); // $ hasTaintFlow=my_actix_handler_2
"".to_string()
}
async fn my_actix_handler_3(
web::Query(a): web::Query<String>, // $ MISSING: Alert[rust/summary/taint-sources]
web::Query(a): web::Query<String>,
) -> String {
sink(a); // $ MISSING: hasTaintFlow
"".to_string()
}
#[get("/4/{a}")]
#[get("/4/{a}")] // $ Alert[rust/summary/taint-sources]
async fn my_actix_handler_4(
path: web::Path<String>, // $ MISSING: Alert[rust/summary/taint-sources]
path: web::Path<String>,
) -> String {
let a = path.into_inner();
sink(a); // $ MISSING: hasTaintFlow
sink(a); // $ hasTaintFlow=my_actix_handler_4
"".to_string()
}
async fn test_actix() {
let app = App::new()
.route("/1/{a}", web::get().to(my_actix_handler_1))
.route("/2/{a}/{b}", web::get().to(my_actix_handler_2))
.route("/3/{a}", web::get().to(my_actix_handler_3))
.route("/1/{a}", web::get().to(my_actix_handler_1)) // $ Alert[rust/summary/taint-sources]
.route("/2/{a}/{b}", web::get().to(my_actix_handler_2)) // $ Alert[rust/summary/taint-sources]
.route("/3/{a}", web::get().to(my_actix_handler_3)) // $ Alert[rust/summary/taint-sources]
.service(my_actix_handler_4);
// ...