hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #20452 from paldepind/rust/mad-source-parameter

Browse Source 
Rust, shared: Support `Parameter` in source MaD models
This commit is contained in:
Simon Friis Vindum
2025-09-24 09:37:25 +02:00
committed by GitHub
parent 2e8091f0fb 1183e50435
commit 26aa938acc
23 changed files with 998 additions and 684 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -104,7 +104,9 @@ private module StepsInput implements Impl::Private::StepsInputSig {
result.getStaticCallTarget().getUnderlyingCallable() = sc
}
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) { none() }
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
Node getSinkNode(Input::SinkBase sink, Impl::Private::SummaryComponent sc) { none() }
}

6
csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -183,7 +183,7 @@ private module TypesInput implements Impl::Private::TypesInputSig {
)
}
DataFlowType getSourceType(Input::SourceBase source, Impl::Private::SummaryComponent sc) {
DataFlowType getSourceType(Input::SourceBase source, Impl::Private::SummaryComponentStack s) {
none()
}
@@ -195,7 +195,9 @@ private module StepsInput implements Impl::Private::StepsInputSig {
sc = viableCallable(result).asSummarizedCallable()
}
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) { none() }
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
Node getSinkNode(Input::SinkBase sink, Impl::Private::SummaryComponent sc) { none() }
}

4
go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -117,7 +117,9 @@ private module StepsInput implements Impl::Private::StepsInputSig {
)
}
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) { none() }
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
Node getSinkNode(Input::SinkBase sink, Impl::Private::SummaryComponent sc) { none() }
}

6
java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -132,7 +132,7 @@ private module TypesInput implements Impl::Private::TypesInputSig {
exists(rk)
}
DataFlowType getSourceType(Input::SourceBase source, Impl::Private::SummaryComponent sc) {
DataFlowType getSourceType(Input::SourceBase source, Impl::Private::SummaryComponentStack s) {
none()
}
@@ -144,7 +144,9 @@ private module StepsInput implements Impl::Private::StepsInputSig {
sc = viableCallable(result).asSummarizedCallable()
}
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) { none() }
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
Node getSinkNode(Input::SinkBase sink, Impl::Private::SummaryComponent sc) { none() }
}

4
javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSummaryPrivate.qll
View File

@@ -150,7 +150,9 @@ private module FlowSummaryStepInput implements Private::StepsInputSig {
)
}
DataFlow::Node getSourceNode(SourceBase source, Private::SummaryComponent sc) { none() }
DataFlowCallable getSourceNodeEnclosingCallable(SourceBase source) { none() }
DataFlow::Node getSourceNode(SourceBase source, Private::SummaryComponentStack s) { none() }
DataFlow::Node getSinkNode(SinkBase sink, Private::SummaryComponent sc) { none() }
}

4
python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
View File

@@ -105,7 +105,9 @@ private module StepsInput implements Impl::Private::StepsInputSig {
])
}
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) { none() }
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
Node getSinkNode(Input::SinkBase sink, Impl::Private::SummaryComponent sc) { none() }
}

4
ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -161,7 +161,9 @@ private module StepsInput implements Impl::Private::StepsInputSig {
result.asCall().getAstNode() = sc.(LibraryCallable).getACallSimple()
}
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) { none() }
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
Node getSinkNode(Input::SinkBase sink, Impl::Private::SummaryComponent sc) { none() }
}

7
rust/ql/lib/change-notes/2025-09-19-parameter-mad.md Normal file
View File

@@ -0,0 +1,7 @@
---
category: feature
---
* The models-as-data format for sources now supports access paths of the form
`Argument[i].Parameter[j]`. This denotes that the source passes tainted data to
the `j`th parameter of its `i`th argument (which must be a function or a
closure).

3
rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
View File

@@ -508,7 +508,8 @@ module RustDataFlow implements InputSig<Location> {
*/
predicate jumpStep(Node node1, Node node2) {
FlowSummaryImpl::Private::Steps::summaryJumpStep(node1.(FlowSummaryNode).getSummaryNode(),
node2.(FlowSummaryNode).getSummaryNode())
node2.(FlowSummaryNode).getSummaryNode()) or
FlowSummaryImpl::Private::Steps::sourceJumpStep(node1.(FlowSummaryNode).getSummaryNode(), node2)
}
pragma[nomagic]

45
rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -6,7 +6,10 @@ private import rust
private import codeql.dataflow.internal.FlowSummaryImpl
private import codeql.dataflow.internal.AccessPathSyntax as AccessPath
private import codeql.rust.dataflow.internal.DataFlowImpl
private import codeql.rust.internal.PathResolution
private import codeql.rust.dataflow.FlowSummary
private import codeql.rust.dataflow.Ssa
private import codeql.rust.controlflow.CfgNodes
private import Content
module Input implements InputSig<Location, RustDataFlow> {
@@ -133,16 +136,44 @@ private module StepsInput implements Impl::Private::StepsInputSig {
result.asCallCfgNode().getCall().getStaticTarget() = sc
}
RustDataFlow::Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) {
sc = Impl::Private::SummaryComponent::return(_) and
/** Gets the argument of `source` described by `sc`, if any. */
private Expr getSourceNodeArgument(Input::SourceBase source, Impl::Private::SummaryComponent sc) {
exists(ArgumentPosition pos |
sc = Impl::Private::SummaryComponent::argument(pos) and
result = pos.getArgument(source.getCall())
)
}
/** Get the callable that `expr` refers to. */
private Callable getCallable(Expr expr) {
result = resolvePath(expr.(PathExpr).getPath()).(Function)
or
result = expr.(ClosureExpr)
or
// The expression is an SSA read of an assignment of a closure
exists(Ssa::Definition def, ExprCfgNode value |
def.getARead().getAstNode() = expr and
def.getAnUltimateDefinition().(Ssa::WriteDefinition).assigns(value) and
result = value.getExpr().(ClosureExpr)
)
}
RustDataFlow::DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) {
result.asCfgScope() = source.getEnclosingCfgScope()
}
RustDataFlow::Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) {
s.head() = Impl::Private::SummaryComponent::return(_) and
result.asExpr().getExpr() = source.getCall()
or
exists(CallExprBase call, Expr arg, ArgumentPosition pos |
result.(RustDataFlow::PostUpdateNode).getPreUpdateNode().asExpr().getExpr() = arg and
sc = Impl::Private::SummaryComponent::argument(pos) and
call = source.getCall() and
arg = pos.getArgument(call)
exists(ArgumentPosition pos, Expr arg |
s.head() = Impl::Private::SummaryComponent::parameter(pos) and
arg = getSourceNodeArgument(source, s.tail().headOfSingleton()) and
result.asParameter() = getCallable(arg).getParam(pos.getPosition())
)
or
result.(RustDataFlow::PostUpdateNode).getPreUpdateNode().asExpr().getExpr() =
getSourceNodeArgument(source, s.headOfSingleton())
}
RustDataFlow::Node getSinkNode(Input::SinkBase sink, Impl::Private::SummaryComponent sc) {

7
rust/ql/lib/utils/test/InlineFlowTest.qll
View File

@@ -34,10 +34,9 @@ private module FlowTestImpl implements InputSig<Location, RustDataFlow> {
result = src.asExpr().(CallExprCfgNode).getArgument(0).toString()
or
sourceNode(src, _) and
exists(CallExprBase call |
call = src.(Node::FlowSummaryNode).getSourceElement().getCall() and
result = call.getArgList().getArg(0).toString()
)
result = src.(Node::FlowSummaryNode).getSourceElement().getCall().getArg(0).toString() and
// Don't use the result if it contains spaces
not result.matches("% %")
}
bindingset[src, sink]

2
rust/ql/test/library-tests/dataflow/models/CONSISTENCY/PathResolutionConsistency.expected
View File

@@ -1,2 +1,2 @@
multipleCallTargets
| main.rs:362:14:362:30 | ... .lt(...) |
| main.rs:389:14:389:30 | ... .lt(...) |

27
rust/ql/test/library-tests/dataflow/models/main.rs
View File

@@ -249,6 +249,33 @@ fn test_enum_method_source() {
}
}
mod source_into_function {
use super::sink;
// has a source model
fn pass_source<A>(_i: i64, f: impl FnOnce(i64) -> A) -> A {
f(42)
}
fn test_source_into_function() {
let a = |a| sink(a); // $ hasValueFlow=1
pass_source(1, a);
pass_source(2, |a| {
sink(a); // $ hasValueFlow=2
});
fn f(a: i64) {
sink(a) // $ hasValueFlow=3
}
pass_source(3, f);
pass_source(4, async move |a| {
sink(a); // $ hasValueFlow=4
});
}
}
// has a sink model
fn enum_sink(e: MyFieldEnum) {}

475
rust/ql/test/library-tests/dataflow/models/models.expected
View File

@@ -6,22 +6,23 @@ models
| 5 | Source: main::arg_source; Argument[0]; test-source |
| 6 | Source: main::enum_source; ReturnValue.Field[main::MyFieldEnum::D::field_d]; test-source |
| 7 | Source: main::simple_source; ReturnValue; test-source |
| 8 | Summary: <_ as core::cmp::Ord>::max; Argument[self]; ReturnValue; value |
| 9 | Summary: <_ as core::cmp::PartialOrd>::lt; Argument[self].Reference; ReturnValue; taint |
| 10 | Summary: main::apply; Argument[0]; Argument[1].Parameter[0]; value |
| 11 | Summary: main::apply; Argument[1].ReturnValue; ReturnValue; value |
| 12 | Summary: main::coerce; Argument[0]; ReturnValue; taint |
| 13 | Summary: main::get_array_element; Argument[0].Element; ReturnValue; value |
| 14 | Summary: main::get_async_number; Argument[0]; ReturnValue.Future; value |
| 15 | Summary: main::get_struct_field; Argument[0].Field[main::MyStruct::field1]; ReturnValue; value |
| 16 | Summary: main::get_tuple_element; Argument[0].Field[0]; ReturnValue; value |
| 17 | Summary: main::get_var_field; Argument[0].Field[main::MyFieldEnum::C::field_c]; ReturnValue; value |
| 18 | Summary: main::get_var_pos; Argument[0].Field[main::MyPosEnum::A(0)]; ReturnValue; value |
| 19 | Summary: main::set_array_element; Argument[0]; ReturnValue.Element; value |
| 20 | Summary: main::set_struct_field; Argument[0]; ReturnValue.Field[main::MyStruct::field2]; value |
| 21 | Summary: main::set_tuple_element; Argument[0]; ReturnValue.Field[1]; value |
| 22 | Summary: main::set_var_field; Argument[0]; ReturnValue.Field[main::MyFieldEnum::D::field_d]; value |
| 23 | Summary: main::set_var_pos; Argument[0]; ReturnValue.Field[main::MyPosEnum::B(0)]; value |
| 8 | Source: main::source_into_function::pass_source; Argument[1].Parameter[0]; test-source |
| 9 | Summary: <_ as core::cmp::Ord>::max; Argument[self]; ReturnValue; value |
| 10 | Summary: <_ as core::cmp::PartialOrd>::lt; Argument[self].Reference; ReturnValue; taint |
| 11 | Summary: main::apply; Argument[0]; Argument[1].Parameter[0]; value |
| 12 | Summary: main::apply; Argument[1].ReturnValue; ReturnValue; value |
| 13 | Summary: main::coerce; Argument[0]; ReturnValue; taint |
| 14 | Summary: main::get_array_element; Argument[0].Element; ReturnValue; value |
| 15 | Summary: main::get_async_number; Argument[0]; ReturnValue.Future; value |
| 16 | Summary: main::get_struct_field; Argument[0].Field[main::MyStruct::field1]; ReturnValue; value |
| 17 | Summary: main::get_tuple_element; Argument[0].Field[0]; ReturnValue; value |
| 18 | Summary: main::get_var_field; Argument[0].Field[main::MyFieldEnum::C::field_c]; ReturnValue; value |
| 19 | Summary: main::get_var_pos; Argument[0].Field[main::MyPosEnum::A(0)]; ReturnValue; value |
| 20 | Summary: main::set_array_element; Argument[0]; ReturnValue.Element; value |
| 21 | Summary: main::set_struct_field; Argument[0]; ReturnValue.Field[main::MyStruct::field2]; value |
| 22 | Summary: main::set_tuple_element; Argument[0]; ReturnValue.Field[1]; value |
| 23 | Summary: main::set_var_field; Argument[0]; ReturnValue.Field[main::MyFieldEnum::D::field_d]; value |
| 24 | Summary: main::set_var_pos; Argument[0]; ReturnValue.Field[main::MyPosEnum::B(0)]; value |
edges
| main.rs:15:9:15:9 | s | main.rs:16:19:16:19 | s | provenance | |
| main.rs:15:9:15:9 | s | main.rs:16:19:16:19 | s | provenance | |
@@ -31,7 +32,7 @@ edges
| main.rs:16:19:16:19 | s | main.rs:16:10:16:20 | identity(...) | provenance | QL |
| main.rs:25:9:25:9 | s | main.rs:26:17:26:17 | s | provenance | |
| main.rs:25:13:25:22 | source(...) | main.rs:25:9:25:9 | s | provenance | |
| main.rs:26:17:26:17 | s | main.rs:26:10:26:18 | coerce(...) | provenance | MaD:12 |
| main.rs:26:17:26:17 | s | main.rs:26:10:26:18 | coerce(...) | provenance | MaD:13 |
| main.rs:40:9:40:9 | s | main.rs:41:27:41:27 | s | provenance | |
| main.rs:40:9:40:9 | s | main.rs:41:27:41:27 | s | provenance | |
| main.rs:40:13:40:21 | source(...) | main.rs:40:9:40:9 | s | provenance | |
@@ -42,8 +43,8 @@ edges
| main.rs:41:14:41:28 | ...::A(...) [A] | main.rs:41:9:41:10 | e1 [A] | provenance | |
| main.rs:41:27:41:27 | s | main.rs:41:14:41:28 | ...::A(...) [A] | provenance | |
| main.rs:41:27:41:27 | s | main.rs:41:14:41:28 | ...::A(...) [A] | provenance | |
| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:18 |
| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:18 |
| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:19 |
| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:19 |
| main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | |
| main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | |
| main.rs:53:13:53:21 | source(...) | main.rs:53:9:53:9 | s | provenance | |
@@ -52,8 +53,8 @@ edges
| main.rs:54:9:54:10 | e1 [B] | main.rs:55:11:55:12 | e1 [B] | provenance | |
| main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | |
| main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | |
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:23 |
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:23 |
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:24 |
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:24 |
| main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | |
| main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | |
| main.rs:57:9:57:23 | ...::B(...) [B] | main.rs:57:22:57:22 | i | provenance | |
@@ -70,8 +71,8 @@ edges
| main.rs:73:14:73:42 | ...::C {...} [C] | main.rs:73:9:73:10 | e1 [C] | provenance | |
| main.rs:73:40:73:40 | s | main.rs:73:14:73:42 | ...::C {...} [C] | provenance | |
| main.rs:73:40:73:40 | s | main.rs:73:14:73:42 | ...::C {...} [C] | provenance | |
| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:17 |
| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:17 |
| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:18 |
| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:18 |
| main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | |
| main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | |
| main.rs:85:13:85:21 | source(...) | main.rs:85:9:85:9 | s | provenance | |
@@ -80,8 +81,8 @@ edges
| main.rs:86:9:86:10 | e1 [D] | main.rs:87:11:87:12 | e1 [D] | provenance | |
| main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | |
| main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | |
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:22 |
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:22 |
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:23 |
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:23 |
| main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | |
| main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | |
| main.rs:89:9:89:37 | ...::D {...} [D] | main.rs:89:35:89:35 | i | provenance | |
@@ -98,8 +99,8 @@ edges
| main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | main.rs:105:9:105:17 | my_struct [MyStruct.field1] | provenance | |
| main.rs:106:17:106:17 | s | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | provenance | |
| main.rs:106:17:106:17 | s | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | provenance | |
| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:15 |
| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:15 |
| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:16 |
| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:16 |
| main.rs:126:9:126:9 | s | main.rs:127:38:127:38 | s | provenance | |
| main.rs:126:9:126:9 | s | main.rs:127:38:127:38 | s | provenance | |
| main.rs:126:13:126:21 | source(...) | main.rs:126:9:126:9 | s | provenance | |
@@ -108,16 +109,16 @@ edges
| main.rs:127:9:127:17 | my_struct [MyStruct.field2] | main.rs:129:10:129:18 | my_struct [MyStruct.field2] | provenance | |
| main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | main.rs:127:9:127:17 | my_struct [MyStruct.field2] | provenance | |
| main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | main.rs:127:9:127:17 | my_struct [MyStruct.field2] | provenance | |
| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:20 |
| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:20 |
| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:21 |
| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:21 |
| main.rs:129:10:129:18 | my_struct [MyStruct.field2] | main.rs:129:10:129:25 | my_struct.field2 | provenance | |
| main.rs:129:10:129:18 | my_struct [MyStruct.field2] | main.rs:129:10:129:25 | my_struct.field2 | provenance | |
| main.rs:138:9:138:9 | s | main.rs:139:29:139:29 | s | provenance | |
| main.rs:138:9:138:9 | s | main.rs:139:29:139:29 | s | provenance | |
| main.rs:138:13:138:21 | source(...) | main.rs:138:9:138:9 | s | provenance | |
| main.rs:138:13:138:21 | source(...) | main.rs:138:9:138:9 | s | provenance | |
| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:13 |
| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:13 |
| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:14 |
| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:14 |
| main.rs:139:29:139:29 | s | main.rs:139:28:139:30 | [...] [element] | provenance | |
| main.rs:139:29:139:29 | s | main.rs:139:28:139:30 | [...] [element] | provenance | |
| main.rs:148:9:148:9 | s | main.rs:149:33:149:33 | s | provenance | |
@@ -128,8 +129,8 @@ edges
| main.rs:149:9:149:11 | arr [element] | main.rs:150:10:150:12 | arr [element] | provenance | |
| main.rs:149:15:149:34 | set_array_element(...) [element] | main.rs:149:9:149:11 | arr [element] | provenance | |
| main.rs:149:15:149:34 | set_array_element(...) [element] | main.rs:149:9:149:11 | arr [element] | provenance | |
| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:19 |
| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:19 |
| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:20 |
| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:20 |
| main.rs:150:10:150:12 | arr [element] | main.rs:150:10:150:15 | arr[0] | provenance | |
| main.rs:150:10:150:12 | arr [element] | main.rs:150:10:150:15 | arr[0] | provenance | |
| main.rs:159:9:159:9 | s | main.rs:160:14:160:14 | s | provenance | |
@@ -142,8 +143,8 @@ edges
| main.rs:160:13:160:18 | TupleExpr [tuple.0] | main.rs:160:9:160:9 | t [tuple.0] | provenance | |
| main.rs:160:14:160:14 | s | main.rs:160:13:160:18 | TupleExpr [tuple.0] | provenance | |
| main.rs:160:14:160:14 | s | main.rs:160:13:160:18 | TupleExpr [tuple.0] | provenance | |
| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:16 |
| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:16 |
| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:17 |
| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:17 |
| main.rs:172:9:172:9 | s | main.rs:173:31:173:31 | s | provenance | |
| main.rs:172:9:172:9 | s | main.rs:173:31:173:31 | s | provenance | |
| main.rs:172:13:172:22 | source(...) | main.rs:172:9:172:9 | s | provenance | |
@@ -152,8 +153,8 @@ edges
| main.rs:173:9:173:9 | t [tuple.1] | main.rs:175:10:175:10 | t [tuple.1] | provenance | |
| main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | main.rs:173:9:173:9 | t [tuple.1] | provenance | |
| main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | main.rs:173:9:173:9 | t [tuple.1] | provenance | |
| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:21 |
| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:21 |
| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:22 |
| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:22 |
| main.rs:175:10:175:10 | t [tuple.1] | main.rs:175:10:175:12 | t.1 | provenance | |
| main.rs:175:10:175:10 | t [tuple.1] | main.rs:175:10:175:12 | t.1 | provenance | |
| main.rs:187:9:187:9 | s | main.rs:192:11:192:11 | s | provenance | |
@@ -162,8 +163,8 @@ edges
| main.rs:187:13:187:22 | source(...) | main.rs:187:9:187:9 | s | provenance | |
| main.rs:188:14:188:14 | ... | main.rs:189:14:189:14 | n | provenance | |
| main.rs:188:14:188:14 | ... | main.rs:189:14:189:14 | n | provenance | |
| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:10 |
| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:10 |
| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:11 |
| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:11 |
| main.rs:196:13:196:22 | source(...) | main.rs:198:23:198:23 | f [captured s] | provenance | |
| main.rs:196:13:196:22 | source(...) | main.rs:198:23:198:23 | f [captured s] | provenance | |
| main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | provenance | |
@@ -172,14 +173,14 @@ edges
| main.rs:198:9:198:9 | t | main.rs:199:10:199:10 | t | provenance | |
| main.rs:198:13:198:24 | apply(...) | main.rs:198:9:198:9 | t | provenance | |
| main.rs:198:13:198:24 | apply(...) | main.rs:198:9:198:9 | t | provenance | |
| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:10 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:10 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:11 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:11 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:10 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:10 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:12 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:12 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:11 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:11 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:12 |
| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:12 |
| main.rs:203:9:203:9 | s | main.rs:205:19:205:19 | s | provenance | |
| main.rs:203:9:203:9 | s | main.rs:205:19:205:19 | s | provenance | |
| main.rs:203:13:203:22 | source(...) | main.rs:203:9:203:9 | s | provenance | |
@@ -190,10 +191,10 @@ edges
| main.rs:205:9:205:9 | t | main.rs:206:10:206:10 | t | provenance | |
| main.rs:205:13:205:23 | apply(...) | main.rs:205:9:205:9 | t | provenance | |
| main.rs:205:13:205:23 | apply(...) | main.rs:205:9:205:9 | t | provenance | |
| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:10 |
| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:10 |
| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:10 |
| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:10 |
| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:11 |
| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:11 |
| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:11 |
| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:11 |
| main.rs:215:9:215:9 | s | main.rs:216:30:216:30 | s | provenance | |
| main.rs:215:9:215:9 | s | main.rs:216:30:216:30 | s | provenance | |
| main.rs:215:13:215:22 | source(...) | main.rs:215:9:215:9 | s | provenance | |
@@ -204,8 +205,8 @@ edges
| main.rs:216:13:216:31 | get_async_number(...) [future] | main.rs:216:13:216:37 | await ... | provenance | |
| main.rs:216:13:216:37 | await ... | main.rs:216:9:216:9 | t | provenance | |
| main.rs:216:13:216:37 | await ... | main.rs:216:9:216:9 | t | provenance | |
| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:14 |
| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:14 |
| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:15 |
| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:15 |
| main.rs:236:9:236:9 | s [D] | main.rs:237:11:237:11 | s [D] | provenance | |
| main.rs:236:9:236:9 | s [D] | main.rs:237:11:237:11 | s [D] | provenance | |
| main.rs:236:13:236:23 | enum_source | main.rs:236:13:236:27 | enum_source(...) [D] | provenance | Src:MaD:6 |
@@ -230,70 +231,86 @@ edges
| main.rs:247:9:247:37 | ...::C {...} [C] | main.rs:247:35:247:35 | i | provenance | |
| main.rs:247:35:247:35 | i | main.rs:247:47:247:47 | i | provenance | |
| main.rs:247:35:247:35 | i | main.rs:247:47:247:47 | i | provenance | |
| main.rs:256:9:256:9 | s | main.rs:257:41:257:41 | s | provenance | |
| main.rs:256:9:256:9 | s | main.rs:257:41:257:41 | s | provenance | |
| main.rs:256:13:256:22 | source(...) | main.rs:256:9:256:9 | s | provenance | |
| main.rs:256:13:256:22 | source(...) | main.rs:256:9:256:9 | s | provenance | |
| main.rs:257:15:257:43 | ...::C {...} [C] | main.rs:257:5:257:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 |
| main.rs:257:15:257:43 | ...::C {...} [C] | main.rs:257:5:257:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 |
| main.rs:257:41:257:41 | s | main.rs:257:15:257:43 | ...::C {...} [C] | provenance | |
| main.rs:257:41:257:41 | s | main.rs:257:15:257:43 | ...::C {...} [C] | provenance | |
| main.rs:262:9:262:9 | s | main.rs:263:39:263:39 | s | provenance | |
| main.rs:262:9:262:9 | s | main.rs:263:39:263:39 | s | provenance | |
| main.rs:262:13:262:22 | source(...) | main.rs:262:9:262:9 | s | provenance | |
| main.rs:262:13:262:22 | source(...) | main.rs:262:9:262:9 | s | provenance | |
| main.rs:263:9:263:9 | e [D] | main.rs:264:5:264:5 | e [D] | provenance | |
| main.rs:263:9:263:9 | e [D] | main.rs:264:5:264:5 | e [D] | provenance | |
| main.rs:263:13:263:41 | ...::D {...} [D] | main.rs:263:9:263:9 | e [D] | provenance | |
| main.rs:263:13:263:41 | ...::D {...} [D] | main.rs:263:9:263:9 | e [D] | provenance | |
| main.rs:263:39:263:39 | s | main.rs:263:13:263:41 | ...::D {...} [D] | provenance | |
| main.rs:263:39:263:39 | s | main.rs:263:13:263:41 | ...::D {...} [D] | provenance | |
| main.rs:264:5:264:5 | e [D] | main.rs:264:7:264:10 | sink | provenance | MaD:1 Sink:MaD:1 |
| main.rs:264:5:264:5 | e [D] | main.rs:264:7:264:10 | sink | provenance | MaD:1 Sink:MaD:1 |
| main.rs:273:9:273:9 | s | main.rs:274:10:274:10 | s | provenance | |
| main.rs:273:9:273:9 | s | main.rs:274:10:274:10 | s | provenance | |
| main.rs:273:13:273:25 | simple_source | main.rs:273:13:273:29 | simple_source(...) | provenance | Src:MaD:7 MaD:7 |
| main.rs:273:13:273:25 | simple_source | main.rs:273:13:273:29 | simple_source(...) | provenance | Src:MaD:7 MaD:7 |
| main.rs:273:13:273:29 | simple_source(...) | main.rs:273:9:273:9 | s | provenance | |
| main.rs:273:13:273:29 | simple_source(...) | main.rs:273:9:273:9 | s | provenance | |
| main.rs:281:9:281:9 | s | main.rs:282:17:282:17 | s | provenance | |
| main.rs:281:9:281:9 | s | main.rs:282:17:282:17 | s | provenance | |
| main.rs:281:13:281:22 | source(...) | main.rs:281:9:281:9 | s | provenance | |
| main.rs:281:13:281:22 | source(...) | main.rs:281:9:281:9 | s | provenance | |
| main.rs:282:17:282:17 | s | main.rs:282:5:282:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 |
| main.rs:282:17:282:17 | s | main.rs:282:5:282:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 |
| main.rs:290:5:290:14 | arg_source | main.rs:290:16:290:16 | [post] i | provenance | Src:MaD:5 MaD:5 |
| main.rs:290:5:290:14 | arg_source | main.rs:290:16:290:16 | [post] i | provenance | Src:MaD:5 MaD:5 |
| main.rs:290:16:290:16 | [post] i | main.rs:291:10:291:10 | i | provenance | |
| main.rs:290:16:290:16 | [post] i | main.rs:291:10:291:10 | i | provenance | |
| main.rs:343:9:343:10 | x1 | main.rs:344:10:344:11 | x1 | provenance | |
| main.rs:343:9:343:10 | x1 | main.rs:344:10:344:11 | x1 | provenance | |
| main.rs:343:14:343:23 | source(...) | main.rs:343:14:343:30 | ... .max(...) | provenance | MaD:8 |
| main.rs:343:14:343:23 | source(...) | main.rs:343:14:343:30 | ... .max(...) | provenance | MaD:8 |
| main.rs:343:14:343:30 | ... .max(...) | main.rs:343:9:343:10 | x1 | provenance | |
| main.rs:343:14:343:30 | ... .max(...) | main.rs:343:9:343:10 | x1 | provenance | |
| main.rs:346:9:346:10 | x2 [MyStruct.field1] | main.rs:354:10:354:11 | x2 [MyStruct.field1] | provenance | |
| main.rs:346:9:346:10 | x2 [MyStruct.field1] | main.rs:354:10:354:11 | x2 [MyStruct.field1] | provenance | |
| main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | main.rs:346:9:346:10 | x2 [MyStruct.field1] | provenance | |
| main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | main.rs:346:9:346:10 | x2 [MyStruct.field1] | provenance | |
| main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | provenance | MaD:8 |
| main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | provenance | MaD:8 |
| main.rs:347:17:347:26 | source(...) | main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | provenance | |
| main.rs:347:17:347:26 | source(...) | main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | provenance | |
| main.rs:354:10:354:11 | x2 [MyStruct.field1] | main.rs:354:10:354:18 | x2.field1 | provenance | |
| main.rs:354:10:354:11 | x2 [MyStruct.field1] | main.rs:354:10:354:18 | x2.field1 | provenance | |
| main.rs:359:9:359:10 | x4 | main.rs:360:10:360:11 | x4 | provenance | |
| main.rs:359:9:359:10 | x4 | main.rs:360:10:360:11 | x4 | provenance | |
| main.rs:359:14:359:23 | source(...) | main.rs:359:14:359:30 | ... .max(...) | provenance | MaD:8 |
| main.rs:359:14:359:23 | source(...) | main.rs:359:14:359:30 | ... .max(...) | provenance | MaD:8 |
| main.rs:359:14:359:30 | ... .max(...) | main.rs:359:9:359:10 | x4 | provenance | |
| main.rs:359:14:359:30 | ... .max(...) | main.rs:359:9:359:10 | x4 | provenance | |
| main.rs:362:9:362:10 | x5 | main.rs:363:10:363:11 | x5 | provenance | |
| main.rs:362:14:362:23 | source(...) | main.rs:362:14:362:30 | ... .lt(...) | provenance | MaD:9 |
| main.rs:362:14:362:30 | ... .lt(...) | main.rs:362:9:362:10 | x5 | provenance | |
| main.rs:365:9:365:10 | x6 | main.rs:366:10:366:11 | x6 | provenance | |
| main.rs:365:14:365:23 | source(...) | main.rs:365:14:365:27 | ... < ... | provenance | MaD:9 |
| main.rs:365:14:365:27 | ... < ... | main.rs:365:9:365:10 | x6 | provenance | |
| main.rs:261:18:261:18 | ... | main.rs:261:26:261:26 | a | provenance | |
| main.rs:261:18:261:18 | ... | main.rs:261:26:261:26 | a | provenance | |
| main.rs:262:9:262:19 | pass_source | main.rs:261:18:261:18 | ... | provenance | Src:MaD:8 |
| main.rs:262:9:262:19 | pass_source | main.rs:261:18:261:18 | ... | provenance | Src:MaD:8 |
| main.rs:264:9:264:19 | pass_source | main.rs:264:25:264:25 | ... | provenance | Src:MaD:8 |
| main.rs:264:9:264:19 | pass_source | main.rs:264:25:264:25 | ... | provenance | Src:MaD:8 |
| main.rs:264:25:264:25 | ... | main.rs:265:18:265:18 | a | provenance | |
| main.rs:264:25:264:25 | ... | main.rs:265:18:265:18 | a | provenance | |
| main.rs:268:14:268:19 | ...: i64 | main.rs:269:18:269:18 | a | provenance | |
| main.rs:268:14:268:19 | ...: i64 | main.rs:269:18:269:18 | a | provenance | |
| main.rs:271:9:271:19 | pass_source | main.rs:268:14:268:19 | ...: i64 | provenance | Src:MaD:8 |
| main.rs:271:9:271:19 | pass_source | main.rs:268:14:268:19 | ...: i64 | provenance | Src:MaD:8 |
| main.rs:273:9:273:19 | pass_source | main.rs:273:36:273:36 | ... | provenance | Src:MaD:8 |
| main.rs:273:9:273:19 | pass_source | main.rs:273:36:273:36 | ... | provenance | Src:MaD:8 |
| main.rs:273:36:273:36 | ... | main.rs:274:18:274:18 | a | provenance | |
| main.rs:273:36:273:36 | ... | main.rs:274:18:274:18 | a | provenance | |
| main.rs:283:9:283:9 | s | main.rs:284:41:284:41 | s | provenance | |
| main.rs:283:9:283:9 | s | main.rs:284:41:284:41 | s | provenance | |
| main.rs:283:13:283:22 | source(...) | main.rs:283:9:283:9 | s | provenance | |
| main.rs:283:13:283:22 | source(...) | main.rs:283:9:283:9 | s | provenance | |
| main.rs:284:15:284:43 | ...::C {...} [C] | main.rs:284:5:284:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 |
| main.rs:284:15:284:43 | ...::C {...} [C] | main.rs:284:5:284:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 |
| main.rs:284:41:284:41 | s | main.rs:284:15:284:43 | ...::C {...} [C] | provenance | |
| main.rs:284:41:284:41 | s | main.rs:284:15:284:43 | ...::C {...} [C] | provenance | |
| main.rs:289:9:289:9 | s | main.rs:290:39:290:39 | s | provenance | |
| main.rs:289:9:289:9 | s | main.rs:290:39:290:39 | s | provenance | |
| main.rs:289:13:289:22 | source(...) | main.rs:289:9:289:9 | s | provenance | |
| main.rs:289:13:289:22 | source(...) | main.rs:289:9:289:9 | s | provenance | |
| main.rs:290:9:290:9 | e [D] | main.rs:291:5:291:5 | e [D] | provenance | |
| main.rs:290:9:290:9 | e [D] | main.rs:291:5:291:5 | e [D] | provenance | |
| main.rs:290:13:290:41 | ...::D {...} [D] | main.rs:290:9:290:9 | e [D] | provenance | |
| main.rs:290:13:290:41 | ...::D {...} [D] | main.rs:290:9:290:9 | e [D] | provenance | |
| main.rs:290:39:290:39 | s | main.rs:290:13:290:41 | ...::D {...} [D] | provenance | |
| main.rs:290:39:290:39 | s | main.rs:290:13:290:41 | ...::D {...} [D] | provenance | |
| main.rs:291:5:291:5 | e [D] | main.rs:291:7:291:10 | sink | provenance | MaD:1 Sink:MaD:1 |
| main.rs:291:5:291:5 | e [D] | main.rs:291:7:291:10 | sink | provenance | MaD:1 Sink:MaD:1 |
| main.rs:300:9:300:9 | s | main.rs:301:10:301:10 | s | provenance | |
| main.rs:300:9:300:9 | s | main.rs:301:10:301:10 | s | provenance | |
| main.rs:300:13:300:25 | simple_source | main.rs:300:13:300:29 | simple_source(...) | provenance | Src:MaD:7 MaD:7 |
| main.rs:300:13:300:25 | simple_source | main.rs:300:13:300:29 | simple_source(...) | provenance | Src:MaD:7 MaD:7 |
| main.rs:300:13:300:29 | simple_source(...) | main.rs:300:9:300:9 | s | provenance | |
| main.rs:300:13:300:29 | simple_source(...) | main.rs:300:9:300:9 | s | provenance | |
| main.rs:308:9:308:9 | s | main.rs:309:17:309:17 | s | provenance | |
| main.rs:308:9:308:9 | s | main.rs:309:17:309:17 | s | provenance | |
| main.rs:308:13:308:22 | source(...) | main.rs:308:9:308:9 | s | provenance | |
| main.rs:308:13:308:22 | source(...) | main.rs:308:9:308:9 | s | provenance | |
| main.rs:309:17:309:17 | s | main.rs:309:5:309:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 |
| main.rs:309:17:309:17 | s | main.rs:309:5:309:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 |
| main.rs:317:5:317:14 | arg_source | main.rs:317:16:317:16 | [post] i | provenance | Src:MaD:5 MaD:5 |
| main.rs:317:5:317:14 | arg_source | main.rs:317:16:317:16 | [post] i | provenance | Src:MaD:5 MaD:5 |
| main.rs:317:16:317:16 | [post] i | main.rs:318:10:318:10 | i | provenance | |
| main.rs:317:16:317:16 | [post] i | main.rs:318:10:318:10 | i | provenance | |
| main.rs:370:9:370:10 | x1 | main.rs:371:10:371:11 | x1 | provenance | |
| main.rs:370:9:370:10 | x1 | main.rs:371:10:371:11 | x1 | provenance | |
| main.rs:370:14:370:23 | source(...) | main.rs:370:14:370:30 | ... .max(...) | provenance | MaD:9 |
| main.rs:370:14:370:23 | source(...) | main.rs:370:14:370:30 | ... .max(...) | provenance | MaD:9 |
| main.rs:370:14:370:30 | ... .max(...) | main.rs:370:9:370:10 | x1 | provenance | |
| main.rs:370:14:370:30 | ... .max(...) | main.rs:370:9:370:10 | x1 | provenance | |
| main.rs:373:9:373:10 | x2 [MyStruct.field1] | main.rs:381:10:381:11 | x2 [MyStruct.field1] | provenance | |
| main.rs:373:9:373:10 | x2 [MyStruct.field1] | main.rs:381:10:381:11 | x2 [MyStruct.field1] | provenance | |
| main.rs:373:14:380:6 | ... .max(...) [MyStruct.field1] | main.rs:373:9:373:10 | x2 [MyStruct.field1] | provenance | |
| main.rs:373:14:380:6 | ... .max(...) [MyStruct.field1] | main.rs:373:9:373:10 | x2 [MyStruct.field1] | provenance | |
| main.rs:373:15:376:5 | MyStruct {...} [MyStruct.field1] | main.rs:373:14:380:6 | ... .max(...) [MyStruct.field1] | provenance | MaD:9 |
| main.rs:373:15:376:5 | MyStruct {...} [MyStruct.field1] | main.rs:373:14:380:6 | ... .max(...) [MyStruct.field1] | provenance | MaD:9 |
| main.rs:374:17:374:26 | source(...) | main.rs:373:15:376:5 | MyStruct {...} [MyStruct.field1] | provenance | |
| main.rs:374:17:374:26 | source(...) | main.rs:373:15:376:5 | MyStruct {...} [MyStruct.field1] | provenance | |
| main.rs:381:10:381:11 | x2 [MyStruct.field1] | main.rs:381:10:381:18 | x2.field1 | provenance | |
| main.rs:381:10:381:11 | x2 [MyStruct.field1] | main.rs:381:10:381:18 | x2.field1 | provenance | |
| main.rs:386:9:386:10 | x4 | main.rs:387:10:387:11 | x4 | provenance | |
| main.rs:386:9:386:10 | x4 | main.rs:387:10:387:11 | x4 | provenance | |
| main.rs:386:14:386:23 | source(...) | main.rs:386:14:386:30 | ... .max(...) | provenance | MaD:9 |
| main.rs:386:14:386:23 | source(...) | main.rs:386:14:386:30 | ... .max(...) | provenance | MaD:9 |
| main.rs:386:14:386:30 | ... .max(...) | main.rs:386:9:386:10 | x4 | provenance | |
| main.rs:386:14:386:30 | ... .max(...) | main.rs:386:9:386:10 | x4 | provenance | |
| main.rs:389:9:389:10 | x5 | main.rs:390:10:390:11 | x5 | provenance | |
| main.rs:389:14:389:23 | source(...) | main.rs:389:14:389:30 | ... .lt(...) | provenance | MaD:10 |
| main.rs:389:14:389:30 | ... .lt(...) | main.rs:389:9:389:10 | x5 | provenance | |
| main.rs:392:9:392:10 | x6 | main.rs:393:10:393:11 | x6 | provenance | |
| main.rs:392:14:392:23 | source(...) | main.rs:392:14:392:27 | ... < ... | provenance | MaD:10 |
| main.rs:392:14:392:27 | ... < ... | main.rs:392:9:392:10 | x6 | provenance | |
nodes
| main.rs:15:9:15:9 | s | semmle.label | s |
| main.rs:15:9:15:9 | s | semmle.label | s |
@@ -533,88 +550,112 @@ nodes
| main.rs:247:35:247:35 | i | semmle.label | i |
| main.rs:247:47:247:47 | i | semmle.label | i |
| main.rs:247:47:247:47 | i | semmle.label | i |
| main.rs:256:9:256:9 | s | semmle.label | s |
| main.rs:256:9:256:9 | s | semmle.label | s |
| main.rs:256:13:256:22 | source(...) | semmle.label | source(...) |
| main.rs:256:13:256:22 | source(...) | semmle.label | source(...) |
| main.rs:257:5:257:13 | enum_sink | semmle.label | enum_sink |
| main.rs:257:5:257:13 | enum_sink | semmle.label | enum_sink |
| main.rs:257:15:257:43 | ...::C {...} [C] | semmle.label | ...::C {...} [C] |
| main.rs:257:15:257:43 | ...::C {...} [C] | semmle.label | ...::C {...} [C] |
| main.rs:257:41:257:41 | s | semmle.label | s |
| main.rs:257:41:257:41 | s | semmle.label | s |
| main.rs:262:9:262:9 | s | semmle.label | s |
| main.rs:262:9:262:9 | s | semmle.label | s |
| main.rs:262:13:262:22 | source(...) | semmle.label | source(...) |
| main.rs:262:13:262:22 | source(...) | semmle.label | source(...) |
| main.rs:263:9:263:9 | e [D] | semmle.label | e [D] |
| main.rs:263:9:263:9 | e [D] | semmle.label | e [D] |
| main.rs:263:13:263:41 | ...::D {...} [D] | semmle.label | ...::D {...} [D] |
| main.rs:263:13:263:41 | ...::D {...} [D] | semmle.label | ...::D {...} [D] |
| main.rs:263:39:263:39 | s | semmle.label | s |
| main.rs:263:39:263:39 | s | semmle.label | s |
| main.rs:264:5:264:5 | e [D] | semmle.label | e [D] |
| main.rs:264:5:264:5 | e [D] | semmle.label | e [D] |
| main.rs:264:7:264:10 | sink | semmle.label | sink |
| main.rs:264:7:264:10 | sink | semmle.label | sink |
| main.rs:273:9:273:9 | s | semmle.label | s |
| main.rs:273:9:273:9 | s | semmle.label | s |
| main.rs:273:13:273:25 | simple_source | semmle.label | simple_source |
| main.rs:273:13:273:25 | simple_source | semmle.label | simple_source |
| main.rs:273:13:273:29 | simple_source(...) | semmle.label | simple_source(...) |
| main.rs:273:13:273:29 | simple_source(...) | semmle.label | simple_source(...) |
| main.rs:274:10:274:10 | s | semmle.label | s |
| main.rs:274:10:274:10 | s | semmle.label | s |
| main.rs:281:9:281:9 | s | semmle.label | s |
| main.rs:281:9:281:9 | s | semmle.label | s |
| main.rs:281:13:281:22 | source(...) | semmle.label | source(...) |
| main.rs:281:13:281:22 | source(...) | semmle.label | source(...) |
| main.rs:282:5:282:15 | simple_sink | semmle.label | simple_sink |
| main.rs:282:5:282:15 | simple_sink | semmle.label | simple_sink |
| main.rs:282:17:282:17 | s | semmle.label | s |
| main.rs:282:17:282:17 | s | semmle.label | s |
| main.rs:290:5:290:14 | arg_source | semmle.label | arg_source |
| main.rs:290:5:290:14 | arg_source | semmle.label | arg_source |
| main.rs:290:16:290:16 | [post] i | semmle.label | [post] i |
| main.rs:290:16:290:16 | [post] i | semmle.label | [post] i |
| main.rs:291:10:291:10 | i | semmle.label | i |
| main.rs:291:10:291:10 | i | semmle.label | i |
| main.rs:343:9:343:10 | x1 | semmle.label | x1 |
| main.rs:343:9:343:10 | x1 | semmle.label | x1 |
| main.rs:343:14:343:23 | source(...) | semmle.label | source(...) |
| main.rs:343:14:343:23 | source(...) | semmle.label | source(...) |
| main.rs:343:14:343:30 | ... .max(...) | semmle.label | ... .max(...) |
| main.rs:343:14:343:30 | ... .max(...) | semmle.label | ... .max(...) |
| main.rs:344:10:344:11 | x1 | semmle.label | x1 |
| main.rs:344:10:344:11 | x1 | semmle.label | x1 |
| main.rs:346:9:346:10 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] |
| main.rs:346:9:346:10 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] |
| main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | semmle.label | ... .max(...) [MyStruct.field1] |
| main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | semmle.label | ... .max(...) [MyStruct.field1] |
| main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | semmle.label | MyStruct {...} [MyStruct.field1] |
| main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | semmle.label | MyStruct {...} [MyStruct.field1] |
| main.rs:347:17:347:26 | source(...) | semmle.label | source(...) |
| main.rs:347:17:347:26 | source(...) | semmle.label | source(...) |
| main.rs:354:10:354:11 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] |
| main.rs:354:10:354:11 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] |
| main.rs:354:10:354:18 | x2.field1 | semmle.label | x2.field1 |
| main.rs:354:10:354:18 | x2.field1 | semmle.label | x2.field1 |
| main.rs:359:9:359:10 | x4 | semmle.label | x4 |
| main.rs:359:9:359:10 | x4 | semmle.label | x4 |
| main.rs:359:14:359:23 | source(...) | semmle.label | source(...) |
| main.rs:359:14:359:23 | source(...) | semmle.label | source(...) |
| main.rs:359:14:359:30 | ... .max(...) | semmle.label | ... .max(...) |
| main.rs:359:14:359:30 | ... .max(...) | semmle.label | ... .max(...) |
| main.rs:360:10:360:11 | x4 | semmle.label | x4 |
| main.rs:360:10:360:11 | x4 | semmle.label | x4 |
| main.rs:362:9:362:10 | x5 | semmle.label | x5 |
| main.rs:362:14:362:23 | source(...) | semmle.label | source(...) |
| main.rs:362:14:362:30 | ... .lt(...) | semmle.label | ... .lt(...) |
| main.rs:363:10:363:11 | x5 | semmle.label | x5 |
| main.rs:365:9:365:10 | x6 | semmle.label | x6 |
| main.rs:365:14:365:23 | source(...) | semmle.label | source(...) |
| main.rs:365:14:365:27 | ... < ... | semmle.label | ... < ... |
| main.rs:366:10:366:11 | x6 | semmle.label | x6 |
| main.rs:261:18:261:18 | ... | semmle.label | ... |
| main.rs:261:18:261:18 | ... | semmle.label | ... |
| main.rs:261:26:261:26 | a | semmle.label | a |
| main.rs:261:26:261:26 | a | semmle.label | a |
| main.rs:262:9:262:19 | pass_source | semmle.label | pass_source |
| main.rs:262:9:262:19 | pass_source | semmle.label | pass_source |
| main.rs:264:9:264:19 | pass_source | semmle.label | pass_source |
| main.rs:264:9:264:19 | pass_source | semmle.label | pass_source |
| main.rs:264:25:264:25 | ... | semmle.label | ... |
| main.rs:264:25:264:25 | ... | semmle.label | ... |
| main.rs:265:18:265:18 | a | semmle.label | a |
| main.rs:265:18:265:18 | a | semmle.label | a |
| main.rs:268:14:268:19 | ...: i64 | semmle.label | ...: i64 |
| main.rs:268:14:268:19 | ...: i64 | semmle.label | ...: i64 |
| main.rs:269:18:269:18 | a | semmle.label | a |
| main.rs:269:18:269:18 | a | semmle.label | a |
| main.rs:271:9:271:19 | pass_source | semmle.label | pass_source |
| main.rs:271:9:271:19 | pass_source | semmle.label | pass_source |
| main.rs:273:9:273:19 | pass_source | semmle.label | pass_source |
| main.rs:273:9:273:19 | pass_source | semmle.label | pass_source |
| main.rs:273:36:273:36 | ... | semmle.label | ... |
| main.rs:273:36:273:36 | ... | semmle.label | ... |
| main.rs:274:18:274:18 | a | semmle.label | a |
| main.rs:274:18:274:18 | a | semmle.label | a |
| main.rs:283:9:283:9 | s | semmle.label | s |
| main.rs:283:9:283:9 | s | semmle.label | s |
| main.rs:283:13:283:22 | source(...) | semmle.label | source(...) |
| main.rs:283:13:283:22 | source(...) | semmle.label | source(...) |
| main.rs:284:5:284:13 | enum_sink | semmle.label | enum_sink |
| main.rs:284:5:284:13 | enum_sink | semmle.label | enum_sink |
| main.rs:284:15:284:43 | ...::C {...} [C] | semmle.label | ...::C {...} [C] |
| main.rs:284:15:284:43 | ...::C {...} [C] | semmle.label | ...::C {...} [C] |
| main.rs:284:41:284:41 | s | semmle.label | s |
| main.rs:284:41:284:41 | s | semmle.label | s |
| main.rs:289:9:289:9 | s | semmle.label | s |
| main.rs:289:9:289:9 | s | semmle.label | s |
| main.rs:289:13:289:22 | source(...) | semmle.label | source(...) |
| main.rs:289:13:289:22 | source(...) | semmle.label | source(...) |
| main.rs:290:9:290:9 | e [D] | semmle.label | e [D] |
| main.rs:290:9:290:9 | e [D] | semmle.label | e [D] |
| main.rs:290:13:290:41 | ...::D {...} [D] | semmle.label | ...::D {...} [D] |
| main.rs:290:13:290:41 | ...::D {...} [D] | semmle.label | ...::D {...} [D] |
| main.rs:290:39:290:39 | s | semmle.label | s |
| main.rs:290:39:290:39 | s | semmle.label | s |
| main.rs:291:5:291:5 | e [D] | semmle.label | e [D] |
| main.rs:291:5:291:5 | e [D] | semmle.label | e [D] |
| main.rs:291:7:291:10 | sink | semmle.label | sink |
| main.rs:291:7:291:10 | sink | semmle.label | sink |
| main.rs:300:9:300:9 | s | semmle.label | s |
| main.rs:300:9:300:9 | s | semmle.label | s |
| main.rs:300:13:300:25 | simple_source | semmle.label | simple_source |
| main.rs:300:13:300:25 | simple_source | semmle.label | simple_source |
| main.rs:300:13:300:29 | simple_source(...) | semmle.label | simple_source(...) |
| main.rs:300:13:300:29 | simple_source(...) | semmle.label | simple_source(...) |
| main.rs:301:10:301:10 | s | semmle.label | s |
| main.rs:301:10:301:10 | s | semmle.label | s |
| main.rs:308:9:308:9 | s | semmle.label | s |
| main.rs:308:9:308:9 | s | semmle.label | s |
| main.rs:308:13:308:22 | source(...) | semmle.label | source(...) |
| main.rs:308:13:308:22 | source(...) | semmle.label | source(...) |
| main.rs:309:5:309:15 | simple_sink | semmle.label | simple_sink |
| main.rs:309:5:309:15 | simple_sink | semmle.label | simple_sink |
| main.rs:309:17:309:17 | s | semmle.label | s |
| main.rs:309:17:309:17 | s | semmle.label | s |
| main.rs:317:5:317:14 | arg_source | semmle.label | arg_source |
| main.rs:317:5:317:14 | arg_source | semmle.label | arg_source |
| main.rs:317:16:317:16 | [post] i | semmle.label | [post] i |
| main.rs:317:16:317:16 | [post] i | semmle.label | [post] i |
| main.rs:318:10:318:10 | i | semmle.label | i |
| main.rs:318:10:318:10 | i | semmle.label | i |
| main.rs:370:9:370:10 | x1 | semmle.label | x1 |
| main.rs:370:9:370:10 | x1 | semmle.label | x1 |
| main.rs:370:14:370:23 | source(...) | semmle.label | source(...) |
| main.rs:370:14:370:23 | source(...) | semmle.label | source(...) |
| main.rs:370:14:370:30 | ... .max(...) | semmle.label | ... .max(...) |
| main.rs:370:14:370:30 | ... .max(...) | semmle.label | ... .max(...) |
| main.rs:371:10:371:11 | x1 | semmle.label | x1 |
| main.rs:371:10:371:11 | x1 | semmle.label | x1 |
| main.rs:373:9:373:10 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] |
| main.rs:373:9:373:10 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] |
| main.rs:373:14:380:6 | ... .max(...) [MyStruct.field1] | semmle.label | ... .max(...) [MyStruct.field1] |
| main.rs:373:14:380:6 | ... .max(...) [MyStruct.field1] | semmle.label | ... .max(...) [MyStruct.field1] |
| main.rs:373:15:376:5 | MyStruct {...} [MyStruct.field1] | semmle.label | MyStruct {...} [MyStruct.field1] |
| main.rs:373:15:376:5 | MyStruct {...} [MyStruct.field1] | semmle.label | MyStruct {...} [MyStruct.field1] |
| main.rs:374:17:374:26 | source(...) | semmle.label | source(...) |
| main.rs:374:17:374:26 | source(...) | semmle.label | source(...) |
| main.rs:381:10:381:11 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] |
| main.rs:381:10:381:11 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] |
| main.rs:381:10:381:18 | x2.field1 | semmle.label | x2.field1 |
| main.rs:381:10:381:18 | x2.field1 | semmle.label | x2.field1 |
| main.rs:386:9:386:10 | x4 | semmle.label | x4 |
| main.rs:386:9:386:10 | x4 | semmle.label | x4 |
| main.rs:386:14:386:23 | source(...) | semmle.label | source(...) |
| main.rs:386:14:386:23 | source(...) | semmle.label | source(...) |
| main.rs:386:14:386:30 | ... .max(...) | semmle.label | ... .max(...) |
| main.rs:386:14:386:30 | ... .max(...) | semmle.label | ... .max(...) |
| main.rs:387:10:387:11 | x4 | semmle.label | x4 |
| main.rs:387:10:387:11 | x4 | semmle.label | x4 |
| main.rs:389:9:389:10 | x5 | semmle.label | x5 |
| main.rs:389:14:389:23 | source(...) | semmle.label | source(...) |
| main.rs:389:14:389:30 | ... .lt(...) | semmle.label | ... .lt(...) |
| main.rs:390:10:390:11 | x5 | semmle.label | x5 |
| main.rs:392:9:392:10 | x6 | semmle.label | x6 |
| main.rs:392:14:392:23 | source(...) | semmle.label | source(...) |
| main.rs:392:14:392:27 | ... < ... | semmle.label | ... < ... |
| main.rs:393:10:393:11 | x6 | semmle.label | x6 |
subpaths
| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | main.rs:198:13:198:24 | apply(...) |
| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | main.rs:198:13:198:24 | apply(...) |
@@ -658,21 +699,29 @@ invalidSpecComponent
| main.rs:239:47:239:47 | i | main.rs:236:13:236:23 | enum_source | main.rs:239:47:239:47 | i | $@ | main.rs:236:13:236:23 | enum_source | enum_source |
| main.rs:247:47:247:47 | i | main.rs:245:15:245:20 | source | main.rs:247:47:247:47 | i | $@ | main.rs:245:15:245:20 | source | source |
| main.rs:247:47:247:47 | i | main.rs:245:15:245:20 | source | main.rs:247:47:247:47 | i | $@ | main.rs:245:15:245:20 | source | source |
| main.rs:257:5:257:13 | enum_sink | main.rs:256:13:256:22 | source(...) | main.rs:257:5:257:13 | enum_sink | $@ | main.rs:256:13:256:22 | source(...) | source(...) |
| main.rs:257:5:257:13 | enum_sink | main.rs:256:13:256:22 | source(...) | main.rs:257:5:257:13 | enum_sink | $@ | main.rs:256:13:256:22 | source(...) | source(...) |
| main.rs:264:7:264:10 | sink | main.rs:262:13:262:22 | source(...) | main.rs:264:7:264:10 | sink | $@ | main.rs:262:13:262:22 | source(...) | source(...) |
| main.rs:264:7:264:10 | sink | main.rs:262:13:262:22 | source(...) | main.rs:264:7:264:10 | sink | $@ | main.rs:262:13:262:22 | source(...) | source(...) |
| main.rs:274:10:274:10 | s | main.rs:273:13:273:25 | simple_source | main.rs:274:10:274:10 | s | $@ | main.rs:273:13:273:25 | simple_source | simple_source |
| main.rs:274:10:274:10 | s | main.rs:273:13:273:25 | simple_source | main.rs:274:10:274:10 | s | $@ | main.rs:273:13:273:25 | simple_source | simple_source |
| main.rs:282:5:282:15 | simple_sink | main.rs:281:13:281:22 | source(...) | main.rs:282:5:282:15 | simple_sink | $@ | main.rs:281:13:281:22 | source(...) | source(...) |
| main.rs:282:5:282:15 | simple_sink | main.rs:281:13:281:22 | source(...) | main.rs:282:5:282:15 | simple_sink | $@ | main.rs:281:13:281:22 | source(...) | source(...) |
| main.rs:291:10:291:10 | i | main.rs:290:5:290:14 | arg_source | main.rs:291:10:291:10 | i | $@ | main.rs:290:5:290:14 | arg_source | arg_source |
| main.rs:291:10:291:10 | i | main.rs:290:5:290:14 | arg_source | main.rs:291:10:291:10 | i | $@ | main.rs:290:5:290:14 | arg_source | arg_source |
| main.rs:344:10:344:11 | x1 | main.rs:343:14:343:23 | source(...) | main.rs:344:10:344:11 | x1 | $@ | main.rs:343:14:343:23 | source(...) | source(...) |
| main.rs:344:10:344:11 | x1 | main.rs:343:14:343:23 | source(...) | main.rs:344:10:344:11 | x1 | $@ | main.rs:343:14:343:23 | source(...) | source(...) |
| main.rs:354:10:354:18 | x2.field1 | main.rs:347:17:347:26 | source(...) | main.rs:354:10:354:18 | x2.field1 | $@ | main.rs:347:17:347:26 | source(...) | source(...) |
| main.rs:354:10:354:18 | x2.field1 | main.rs:347:17:347:26 | source(...) | main.rs:354:10:354:18 | x2.field1 | $@ | main.rs:347:17:347:26 | source(...) | source(...) |
| main.rs:360:10:360:11 | x4 | main.rs:359:14:359:23 | source(...) | main.rs:360:10:360:11 | x4 | $@ | main.rs:359:14:359:23 | source(...) | source(...) |
| main.rs:360:10:360:11 | x4 | main.rs:359:14:359:23 | source(...) | main.rs:360:10:360:11 | x4 | $@ | main.rs:359:14:359:23 | source(...) | source(...) |
| main.rs:363:10:363:11 | x5 | main.rs:362:14:362:23 | source(...) | main.rs:363:10:363:11 | x5 | $@ | main.rs:362:14:362:23 | source(...) | source(...) |
| main.rs:366:10:366:11 | x6 | main.rs:365:14:365:23 | source(...) | main.rs:366:10:366:11 | x6 | $@ | main.rs:365:14:365:23 | source(...) | source(...) |
| main.rs:261:26:261:26 | a | main.rs:262:9:262:19 | pass_source | main.rs:261:26:261:26 | a | $@ | main.rs:262:9:262:19 | pass_source | pass_source |
| main.rs:261:26:261:26 | a | main.rs:262:9:262:19 | pass_source | main.rs:261:26:261:26 | a | $@ | main.rs:262:9:262:19 | pass_source | pass_source |
| main.rs:265:18:265:18 | a | main.rs:264:9:264:19 | pass_source | main.rs:265:18:265:18 | a | $@ | main.rs:264:9:264:19 | pass_source | pass_source |
| main.rs:265:18:265:18 | a | main.rs:264:9:264:19 | pass_source | main.rs:265:18:265:18 | a | $@ | main.rs:264:9:264:19 | pass_source | pass_source |
| main.rs:269:18:269:18 | a | main.rs:271:9:271:19 | pass_source | main.rs:269:18:269:18 | a | $@ | main.rs:271:9:271:19 | pass_source | pass_source |
| main.rs:269:18:269:18 | a | main.rs:271:9:271:19 | pass_source | main.rs:269:18:269:18 | a | $@ | main.rs:271:9:271:19 | pass_source | pass_source |
| main.rs:274:18:274:18 | a | main.rs:273:9:273:19 | pass_source | main.rs:274:18:274:18 | a | $@ | main.rs:273:9:273:19 | pass_source | pass_source |
| main.rs:274:18:274:18 | a | main.rs:273:9:273:19 | pass_source | main.rs:274:18:274:18 | a | $@ | main.rs:273:9:273:19 | pass_source | pass_source |
| main.rs:284:5:284:13 | enum_sink | main.rs:283:13:283:22 | source(...) | main.rs:284:5:284:13 | enum_sink | $@ | main.rs:283:13:283:22 | source(...) | source(...) |
| main.rs:284:5:284:13 | enum_sink | main.rs:283:13:283:22 | source(...) | main.rs:284:5:284:13 | enum_sink | $@ | main.rs:283:13:283:22 | source(...) | source(...) |
| main.rs:291:7:291:10 | sink | main.rs:289:13:289:22 | source(...) | main.rs:291:7:291:10 | sink | $@ | main.rs:289:13:289:22 | source(...) | source(...) |
| main.rs:291:7:291:10 | sink | main.rs:289:13:289:22 | source(...) | main.rs:291:7:291:10 | sink | $@ | main.rs:289:13:289:22 | source(...) | source(...) |
| main.rs:301:10:301:10 | s | main.rs:300:13:300:25 | simple_source | main.rs:301:10:301:10 | s | $@ | main.rs:300:13:300:25 | simple_source | simple_source |
| main.rs:301:10:301:10 | s | main.rs:300:13:300:25 | simple_source | main.rs:301:10:301:10 | s | $@ | main.rs:300:13:300:25 | simple_source | simple_source |
| main.rs:309:5:309:15 | simple_sink | main.rs:308:13:308:22 | source(...) | main.rs:309:5:309:15 | simple_sink | $@ | main.rs:308:13:308:22 | source(...) | source(...) |
| main.rs:309:5:309:15 | simple_sink | main.rs:308:13:308:22 | source(...) | main.rs:309:5:309:15 | simple_sink | $@ | main.rs:308:13:308:22 | source(...) | source(...) |
| main.rs:318:10:318:10 | i | main.rs:317:5:317:14 | arg_source | main.rs:318:10:318:10 | i | $@ | main.rs:317:5:317:14 | arg_source | arg_source |
| main.rs:318:10:318:10 | i | main.rs:317:5:317:14 | arg_source | main.rs:318:10:318:10 | i | $@ | main.rs:317:5:317:14 | arg_source | arg_source |
| main.rs:371:10:371:11 | x1 | main.rs:370:14:370:23 | source(...) | main.rs:371:10:371:11 | x1 | $@ | main.rs:370:14:370:23 | source(...) | source(...) |
| main.rs:371:10:371:11 | x1 | main.rs:370:14:370:23 | source(...) | main.rs:371:10:371:11 | x1 | $@ | main.rs:370:14:370:23 | source(...) | source(...) |
| main.rs:381:10:381:18 | x2.field1 | main.rs:374:17:374:26 | source(...) | main.rs:381:10:381:18 | x2.field1 | $@ | main.rs:374:17:374:26 | source(...) | source(...) |
| main.rs:381:10:381:18 | x2.field1 | main.rs:374:17:374:26 | source(...) | main.rs:381:10:381:18 | x2.field1 | $@ | main.rs:374:17:374:26 | source(...) | source(...) |
| main.rs:387:10:387:11 | x4 | main.rs:386:14:386:23 | source(...) | main.rs:387:10:387:11 | x4 | $@ | main.rs:386:14:386:23 | source(...) | source(...) |
| main.rs:387:10:387:11 | x4 | main.rs:386:14:386:23 | source(...) | main.rs:387:10:387:11 | x4 | $@ | main.rs:386:14:386:23 | source(...) | source(...) |
| main.rs:390:10:390:11 | x5 | main.rs:389:14:389:23 | source(...) | main.rs:390:10:390:11 | x5 | $@ | main.rs:389:14:389:23 | source(...) | source(...) |
| main.rs:393:10:393:11 | x6 | main.rs:392:14:392:23 | source(...) | main.rs:393:10:393:11 | x6 | $@ | main.rs:392:14:392:23 | source(...) | source(...) |

1
rust/ql/test/library-tests/dataflow/models/models.ext.yml
View File

@@ -7,6 +7,7 @@ extensions:
- ["main::enum_source", "ReturnValue.Field[main::MyFieldEnum::D::field_d]", "test-source", "manual"]
- ["<main::MyFieldEnum>::source", "ReturnValue.Field[main::MyFieldEnum::C::field_c]", "test-source", "manual"]
- ["main::arg_source", "Argument[0]", "test-source", "manual"]
- ["main::source_into_function::pass_source", "Argument[1].Parameter[0]", "test-source", "manual"]
- addsTo:
pack: codeql/rust-all
extensible: sinkModel

897
rust/ql/test/library-tests/dataflow/sources/InlineFlow.expected
View File

File diff suppressed because it is too large Load Diff

8
rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs
View File

@@ -241,7 +241,7 @@ mod warp_test {
let map_route =
warp::path::param().map(|a: String| // $ Alert[rust/summary/taint-sources]
{
sink(a); // $ MISSING: hasTaintFlow
sink(a); // $ hasTaintFlow
"".to_string()
});
@@ -249,7 +249,7 @@ mod warp_test {
// A route with parameter and `then`
let then_route = warp::path::param().then( // $ Alert[rust/summary/taint-sources]
async move |a: String| {
sink(a); // $ MISSING: hasTaintFlow
sink(a); // $ hasTaintFlow
"".to_string()
},
@@ -260,7 +260,7 @@ mod warp_test {
async move | id: u64 |
{
if id != 0 {
sink(id); // $ MISSING: hasTaintFlow
sink(id); // $ hasTaintFlow
Ok("".to_string())
} else {
Err(warp::reject::not_found())
@@ -272,7 +272,7 @@ mod warp_test {
let path_and_map_route = warp::path("1").and(warp::path::param()).map( // $ Alert[rust/summary/taint-sources]
| a: String |
{
sink(a); // $ MISSING: hasTaintFlow
sink(a); // $ hasTaintFlow
"".to_string()
},

73
rust/ql/test/query-tests/security/CWE-918/Cargo.lock generated
View File

@@ -714,6 +714,16 @@ version = "0.3.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"
[[package]]
name = "mime_guess"
version = "2.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f7c44f8e672c00fe5308fa235f821cb4198414e1c77935c1ab6948d3fd78550e"
dependencies = [
"mime",
"unicase",
]
[[package]]
name = "miniz_oxide"
version = "0.8.9"
@@ -851,6 +861,26 @@ version = "2.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9b4f627cb1b25917193a259e49bdad08f671f8d9708acfd5fe0a8c1455d87220"
[[package]]
name = "pin-project"
version = "1.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "677f1add503faace112b9f1373e43e9e054bfdd22ff1a63c1bc485eaec6a6a8a"
dependencies = [
"pin-project-internal",
]
[[package]]
name = "pin-project-internal"
version = "1.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6e918e4ff8c4549eb882f14b3a4bc8c8bc93de829416eacf579f1207a8fbf861"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "pin-project-lite"
version = "0.2.16"
@@ -1132,6 +1162,12 @@ dependencies = [
"windows-sys 0.59.0",
]
[[package]]
name = "scoped-tls"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e1cf6437eb19a8f4a6cc0f7dca544973b0b78843adbfeb3683d1a94a0024a294"
[[package]]
name = "scopeguard"
version = "1.2.0"
@@ -1337,6 +1373,7 @@ dependencies = [
"poem",
"reqwest",
"tokio",
"warp",
]
[[package]]
@@ -1501,6 +1538,7 @@ version = "0.1.41"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0"
dependencies = [
"log",
"pin-project-lite",
"tracing-attributes",
"tracing-core",
@@ -1547,6 +1585,12 @@ dependencies = [
"version_check",
]
[[package]]
name = "unicase"
version = "2.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "75b844d17643ee918803943289730bec8aac480150456169e647ed0b576ba539"
[[package]]
name = "unicode-ident"
version = "1.0.18"
@@ -1598,6 +1642,35 @@ dependencies = [
"try-lock",
]
[[package]]
name = "warp"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51d06d9202adc1f15d709c4f4a2069be5428aa912cc025d6f268ac441ab066b0"
dependencies = [
"bytes",
"futures-util",
"headers",
"http",
"http-body",
"http-body-util",
"hyper",
"hyper-util",
"log",
"mime",
"mime_guess",
"percent-encoding",
"pin-project",
"scoped-tls",
"serde",
"serde_json",
"serde_urlencoded",
"tokio",
"tokio-util",
"tower-service",
"tracing",
]
[[package]]
name = "wasi"
version = "0.11.1+wasi-snapshot-preview1"

37
rust/ql/test/query-tests/security/CWE-918/RequestForgery.expected
View File

@@ -8,6 +8,8 @@
| request_forgery_tests.rs:31:29:31:40 | ...::get | request_forgery_tests.rs:5:29:5:36 | user_url | request_forgery_tests.rs:31:29:31:40 | ...::get | The URL of this request depends on a $@. | request_forgery_tests.rs:5:29:5:36 | user_url | user-provided value |
| request_forgery_tests.rs:37:37:37:48 | ...::get | request_forgery_tests.rs:5:29:5:36 | user_url | request_forgery_tests.rs:37:37:37:48 | ...::get | The URL of this request depends on a $@. | request_forgery_tests.rs:5:29:5:36 | user_url | user-provided value |
| request_forgery_tests.rs:37:37:37:48 | ...::get | request_forgery_tests.rs:5:29:5:36 | user_url | request_forgery_tests.rs:37:37:37:48 | ...::get | The URL of this request depends on a $@. | request_forgery_tests.rs:5:29:5:36 | user_url | user-provided value |
| request_forgery_tests.rs:68:28:68:39 | ...::get | request_forgery_tests.rs:65:33:65:40 | and_then | request_forgery_tests.rs:68:28:68:39 | ...::get | The URL of this request depends on a $@. | request_forgery_tests.rs:65:33:65:40 | and_then | user-provided value |
| request_forgery_tests.rs:68:28:68:39 | ...::get | request_forgery_tests.rs:65:33:65:40 | and_then | request_forgery_tests.rs:68:28:68:39 | ...::get | The URL of this request depends on a $@. | request_forgery_tests.rs:65:33:65:40 | and_then | user-provided value |
edges
| request_forgery_tests.rs:4:5:4:14 | res | request_forgery_tests.rs:16:27:16:49 | { ... } | provenance | |
| request_forgery_tests.rs:4:5:4:14 | res | request_forgery_tests.rs:20:27:20:57 | { ... } | provenance | |
@@ -28,22 +30,22 @@ edges
| request_forgery_tests.rs:16:13:16:15 | url | request_forgery_tests.rs:17:39:17:41 | url | provenance | |
| request_forgery_tests.rs:16:27:16:49 | ...::format(...) | request_forgery_tests.rs:4:5:4:14 | res | provenance | |
| request_forgery_tests.rs:16:27:16:49 | ...::must_use(...) | request_forgery_tests.rs:16:13:16:15 | url | provenance | |
| request_forgery_tests.rs:16:27:16:49 | MacroExpr | request_forgery_tests.rs:16:27:16:49 | ...::format(...) | provenance | MaD:2 |
| request_forgery_tests.rs:16:27:16:49 | { ... } | request_forgery_tests.rs:16:27:16:49 | ...::must_use(...) | provenance | MaD:3 |
| request_forgery_tests.rs:16:27:16:49 | MacroExpr | request_forgery_tests.rs:16:27:16:49 | ...::format(...) | provenance | MaD:3 |
| request_forgery_tests.rs:16:27:16:49 | { ... } | request_forgery_tests.rs:16:27:16:49 | ...::must_use(...) | provenance | MaD:4 |
| request_forgery_tests.rs:17:38:17:41 | &url [&ref] | request_forgery_tests.rs:17:25:17:36 | ...::get | provenance | MaD:1 Sink:MaD:1 |
| request_forgery_tests.rs:17:39:17:41 | url | request_forgery_tests.rs:17:38:17:41 | &url [&ref] | provenance | |
| request_forgery_tests.rs:20:13:20:15 | url | request_forgery_tests.rs:21:39:21:41 | url | provenance | |
| request_forgery_tests.rs:20:27:20:57 | ...::format(...) | request_forgery_tests.rs:4:5:4:14 | res | provenance | |
| request_forgery_tests.rs:20:27:20:57 | ...::must_use(...) | request_forgery_tests.rs:20:13:20:15 | url | provenance | |
| request_forgery_tests.rs:20:27:20:57 | MacroExpr | request_forgery_tests.rs:20:27:20:57 | ...::format(...) | provenance | MaD:2 |
| request_forgery_tests.rs:20:27:20:57 | { ... } | request_forgery_tests.rs:20:27:20:57 | ...::must_use(...) | provenance | MaD:3 |
| request_forgery_tests.rs:20:27:20:57 | MacroExpr | request_forgery_tests.rs:20:27:20:57 | ...::format(...) | provenance | MaD:3 |
| request_forgery_tests.rs:20:27:20:57 | { ... } | request_forgery_tests.rs:20:27:20:57 | ...::must_use(...) | provenance | MaD:4 |
| request_forgery_tests.rs:21:38:21:41 | &url [&ref] | request_forgery_tests.rs:21:25:21:36 | ...::get | provenance | MaD:1 Sink:MaD:1 |
| request_forgery_tests.rs:21:39:21:41 | url | request_forgery_tests.rs:21:38:21:41 | &url [&ref] | provenance | |
| request_forgery_tests.rs:24:13:24:15 | url | request_forgery_tests.rs:25:39:25:41 | url | provenance | |
| request_forgery_tests.rs:24:27:24:70 | ...::format(...) | request_forgery_tests.rs:4:5:4:14 | res | provenance | |
| request_forgery_tests.rs:24:27:24:70 | ...::must_use(...) | request_forgery_tests.rs:24:13:24:15 | url | provenance | |
| request_forgery_tests.rs:24:27:24:70 | MacroExpr | request_forgery_tests.rs:24:27:24:70 | ...::format(...) | provenance | MaD:2 |
| request_forgery_tests.rs:24:27:24:70 | { ... } | request_forgery_tests.rs:24:27:24:70 | ...::must_use(...) | provenance | MaD:3 |
| request_forgery_tests.rs:24:27:24:70 | MacroExpr | request_forgery_tests.rs:24:27:24:70 | ...::format(...) | provenance | MaD:3 |
| request_forgery_tests.rs:24:27:24:70 | { ... } | request_forgery_tests.rs:24:27:24:70 | ...::must_use(...) | provenance | MaD:4 |
| request_forgery_tests.rs:25:38:25:41 | &url [&ref] | request_forgery_tests.rs:25:25:25:36 | ...::get | provenance | MaD:1 Sink:MaD:1 |
| request_forgery_tests.rs:25:39:25:41 | url | request_forgery_tests.rs:25:38:25:41 | &url [&ref] | provenance | |
| request_forgery_tests.rs:31:42:31:50 | &user_url [&ref] | request_forgery_tests.rs:31:29:31:40 | ...::get | provenance | MaD:1 Sink:MaD:1 |
@@ -54,10 +56,19 @@ edges
| request_forgery_tests.rs:37:50:37:58 | &user_url [&ref] | request_forgery_tests.rs:37:37:37:48 | ...::get | provenance | MaD:1 Sink:MaD:1 |
| request_forgery_tests.rs:37:51:37:58 | user_url | request_forgery_tests.rs:37:50:37:58 | &user_url [&ref] | provenance | |
| request_forgery_tests.rs:37:51:37:58 | user_url | request_forgery_tests.rs:37:50:37:58 | &user_url [&ref] | provenance | |
| request_forgery_tests.rs:65:33:65:40 | and_then | request_forgery_tests.rs:65:49:65:57 | ...: String | provenance | Src:MaD:2 |
| request_forgery_tests.rs:65:33:65:40 | and_then | request_forgery_tests.rs:65:49:65:57 | ...: String | provenance | Src:MaD:2 |
| request_forgery_tests.rs:65:49:65:57 | ...: String | request_forgery_tests.rs:68:42:68:42 | a | provenance | |
| request_forgery_tests.rs:65:49:65:57 | ...: String | request_forgery_tests.rs:68:42:68:42 | a | provenance | |
| request_forgery_tests.rs:68:41:68:42 | &a [&ref] | request_forgery_tests.rs:68:28:68:39 | ...::get | provenance | MaD:1 Sink:MaD:1 |
| request_forgery_tests.rs:68:41:68:42 | &a [&ref] | request_forgery_tests.rs:68:28:68:39 | ...::get | provenance | MaD:1 Sink:MaD:1 |
| request_forgery_tests.rs:68:42:68:42 | a | request_forgery_tests.rs:68:41:68:42 | &a [&ref] | provenance | |
| request_forgery_tests.rs:68:42:68:42 | a | request_forgery_tests.rs:68:41:68:42 | &a [&ref] | provenance | |
models
| 1 | Sink: reqwest::get; Argument[0]; request-url |
| 2 | Summary: alloc::fmt::format; Argument[0]; ReturnValue; taint |
| 3 | Summary: core::hint::must_use; Argument[0]; ReturnValue; value |
| 2 | Source: <_ as warp::filter::Filter>::and_then; Argument[0].Parameter[0..7]; remote |
| 3 | Summary: alloc::fmt::format; Argument[0]; ReturnValue; taint |
| 4 | Summary: core::hint::must_use; Argument[0]; ReturnValue; value |
nodes
| request_forgery_tests.rs:4:5:4:14 | res | semmle.label | res |
| request_forgery_tests.rs:4:5:4:14 | res | semmle.label | res |
@@ -106,4 +117,14 @@ nodes
| request_forgery_tests.rs:37:50:37:58 | &user_url [&ref] | semmle.label | &user_url [&ref] |
| request_forgery_tests.rs:37:51:37:58 | user_url | semmle.label | user_url |
| request_forgery_tests.rs:37:51:37:58 | user_url | semmle.label | user_url |
| request_forgery_tests.rs:65:33:65:40 | and_then | semmle.label | and_then |
| request_forgery_tests.rs:65:33:65:40 | and_then | semmle.label | and_then |
| request_forgery_tests.rs:65:49:65:57 | ...: String | semmle.label | ...: String |
| request_forgery_tests.rs:65:49:65:57 | ...: String | semmle.label | ...: String |
| request_forgery_tests.rs:68:28:68:39 | ...::get | semmle.label | ...::get |
| request_forgery_tests.rs:68:28:68:39 | ...::get | semmle.label | ...::get |
| request_forgery_tests.rs:68:41:68:42 | &a [&ref] | semmle.label | &a [&ref] |
| request_forgery_tests.rs:68:41:68:42 | &a [&ref] | semmle.label | &a [&ref] |
| request_forgery_tests.rs:68:42:68:42 | a | semmle.label | a |
| request_forgery_tests.rs:68:42:68:42 | a | semmle.label | a |
subpaths

1
rust/ql/test/query-tests/security/CWE-918/options.yml
View File

@@ -3,3 +3,4 @@ qltest_dependencies:
- reqwest = { version = "0.12.23", features = ["blocking", "json"] }
- tokio = { version = "1.0", features = ["full"] }
- poem = { version = "3.1.12", features = ["server"] }
- warp = { version = "0.4.2", features = ["server"] }

20
rust/ql/test/query-tests/security/CWE-918/request_forgery_tests.rs
View File

@@ -54,6 +54,26 @@ mod poem_server {
}
}
mod warp_test {
use warp::Filter;
#[tokio::main]
#[rustfmt::skip]
async fn test_warp() {
// A route with parameter and `and_then`
let map_route =
warp::path::param().and_then(async |a: String| // $ Source=a
{
let response = reqwest::get(&a).await; // $ Alert[rust/request-forgery]=a
match response {
Ok(resp) => Ok(resp.text().await.unwrap_or_default()),
Err(_err) => Err(warp::reject::not_found()),
}
});
}
}
/// Start the Poem web application
pub fn start() {
tokio::runtime::Runtime::new()

43
shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -709,6 +709,9 @@ module Make<
this = TConsSummaryComponentStack(result, _)
}
/** Gets the head of this stack if it is a singleton. */
SummaryComponent headOfSingleton() { this = TSingletonSummaryComponentStack(result) }
/** Gets the tail of this stack, if any. */
SummaryComponentStack tail() { this = TConsSummaryComponentStack(_, result) }
@@ -1206,12 +1209,12 @@ module Make<
* Holds if this node is an exit node, i.e. after all stores have been performed.
*
* A local flow step should be added from this node to a data flow node representing
* `sc` inside `source`.
* `s` inside `source`.
*/
predicate isExit(SourceElement source, SummaryComponent sc, string model) {
predicate isExit(SourceElement source, SummaryComponentStack s, string model) {
source = source_ and
model = model_ and
state_.isSourceOutputState(source, TSingletonSummaryComponentStack(sc), _, model)
state_.isSourceOutputState(source, s, _, model)
}
override predicate isHidden() { not this.isEntry(_, _) }
@@ -1460,7 +1463,7 @@ module Make<
DataFlowType getSyntheticGlobalType(SyntheticGlobal sg);
DataFlowType getSourceType(SourceBase source, SummaryComponent sc);
DataFlowType getSourceType(SourceBase source, SummaryComponentStack sc);
DataFlowType getSinkType(SinkBase sink, SummaryComponent sc);
}
@@ -1543,9 +1546,9 @@ module Make<
)
or
exists(SourceElement source |
exists(SummaryComponent sc |
n.(SourceOutputNode).isExit(source, sc, _) and
result = getSourceType(source, sc)
exists(SummaryComponentStack s |
n.(SourceOutputNode).isExit(source, s, _) and
result = getSourceType(source, s)
)
or
exists(SummaryComponentStack s, ContentSet cont |
@@ -1574,13 +1577,16 @@ module Make<
/** Gets a call that targets summarized callable `sc`. */
DataFlowCall getACall(SummarizedCallable sc);
/** Gets the enclosing callable of `source`. */
DataFlowCallable getSourceNodeEnclosingCallable(SourceBase source);
/**
* Gets a data flow node corresponding to the `sc` part of `source`.
* Gets a data flow node corresponding to the `s` part of `source`.
*
* `sc` is typically `ReturnValue` and the result is the node that
* `s` is typically `ReturnValue` and the result is the node that
* represents the return value of `source`.
*/
Node getSourceNode(SourceBase source, SummaryComponent sc);
Node getSourceNode(SourceBase source, SummaryComponentStack s);
/**
* Gets a data flow node corresponding to the `sc` part of `sink`.
@@ -1622,13 +1628,20 @@ module Make<
)
}
predicate sourceLocalStep(SourceOutputNode nodeFrom, Node nodeTo, string model) {
exists(SummaryComponent sc, SourceElement source |
predicate sourceStep(SourceOutputNode nodeFrom, Node nodeTo, string model, boolean local) {
exists(SummaryComponentStack sc, SourceElement source |
nodeFrom.isExit(source, sc, model) and
nodeTo = StepsInput::getSourceNode(source, sc)
nodeTo = StepsInput::getSourceNode(source, sc) and
if StepsInput::getSourceNodeEnclosingCallable(source) = getNodeEnclosingCallable(nodeTo)
then local = true
else local = false
)
}
predicate sourceLocalStep(SourceOutputNode nodeFrom, Node nodeTo, string model) {
sourceStep(nodeFrom, nodeTo, model, true)
}
predicate sinkLocalStep(Node nodeFrom, SinkInputNode nodeTo, string model) {
exists(SummaryComponent sc, SinkElement sink |
nodeFrom = StepsInput::getSinkNode(sink, sc) and
@@ -1689,6 +1702,10 @@ module Make<
)
}
predicate sourceJumpStep(SourceOutputNode nodeFrom, Node nodeTo) {
sourceStep(nodeFrom, nodeTo, _, false)
}
/**
* Holds if values stored inside content `c` are cleared at `n`. `n` is a
* synthesized summary node, so in order for values to be cleared at calls

4
swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -113,7 +113,9 @@ private import Make<Location, DataFlowImplSpecific::SwiftDataFlow, Input> as Imp
private module StepsInput implements Impl::Private::StepsInputSig {
DataFlowCall getACall(Public::SummarizedCallable sc) { result.asCall().getStaticTarget() = sc }
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) { none() }
DataFlowCallable getSourceNodeEnclosingCallable(Input::SourceBase source) { none() }
Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponentStack s) { none() }
Node getSinkNode(Input::SinkBase sink, Impl::Private::SummaryComponent sc) { none() }
}