mirror of
https://github.com/github/codeql.git
synced 2026-04-27 09:45:15 +02:00
Rust: Model path::new.
This commit is contained in:
Geoffrey White
@@ -45,6 +45,7 @@ extensions:
|
||||
data:
|
||||
- ["std::fs::canonicalize", "Argument[0]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"]
|
||||
- ["<std::path::PathBuf as core::convert::From>::from", "Argument[0]", "ReturnValue", "taint", "manual"]
|
||||
- ["<std::path::Path>::new", "Argument[0].Reference", "ReturnValue.Reference", "taint", "manual"]
|
||||
- ["<std::path::Path>::join", "Argument[self]", "ReturnValue", "taint", "manual"]
|
||||
- ["<std::path::Path>::join", "Argument[0]", "ReturnValue", "taint", "manual"]
|
||||
- ["<std::path::Path>::canonicalize", "Argument[self].OptionalStep[normalize-path]", "ReturnValue.Field[core::result::Result::Ok(0)]", "taint", "manual"]
|
||||
|
||||
@@ -1,79 +1,104 @@
|
||||
#select
|
||||
| src/main.rs:11:5:11:22 | ...::read_to_string | src/main.rs:7:11:7:19 | file_name | src/main.rs:11:5:11:22 | ...::read_to_string | This path depends on a $@. | src/main.rs:7:11:7:19 | file_name | user-provided value |
|
||||
| src/main.rs:71:5:71:22 | ...::read_to_string | src/main.rs:63:11:63:19 | file_path | src/main.rs:71:5:71:22 | ...::read_to_string | This path depends on a $@. | src/main.rs:63:11:63:19 | file_path | user-provided value |
|
||||
| src/main.rs:104:13:104:31 | ...::open | src/main.rs:103:17:103:30 | ...::args | src/main.rs:104:13:104:31 | ...::open | This path depends on a $@. | src/main.rs:103:17:103:30 | ...::args | user-provided value |
|
||||
| src/main.rs:107:13:107:31 | ...::open | src/main.rs:103:17:103:30 | ...::args | src/main.rs:107:13:107:31 | ...::open | This path depends on a $@. | src/main.rs:103:17:103:30 | ...::args | user-provided value |
|
||||
| src/main.rs:110:13:110:33 | ...::open | src/main.rs:103:17:103:30 | ...::args | src/main.rs:110:13:110:33 | ...::open | This path depends on a $@. | src/main.rs:103:17:103:30 | ...::args | user-provided value |
|
||||
| src/main.rs:113:13:113:37 | ...::open | src/main.rs:103:17:103:30 | ...::args | src/main.rs:113:13:113:37 | ...::open | This path depends on a $@. | src/main.rs:103:17:103:30 | ...::args | user-provided value |
|
||||
| src/main.rs:116:13:116:31 | ...::open | src/main.rs:103:17:103:30 | ...::args | src/main.rs:116:13:116:31 | ...::open | This path depends on a $@. | src/main.rs:103:17:103:30 | ...::args | user-provided value |
|
||||
| src/main.rs:122:13:122:25 | ...::copy | src/main.rs:103:17:103:30 | ...::args | src/main.rs:122:13:122:25 | ...::copy | This path depends on a $@. | src/main.rs:103:17:103:30 | ...::args | user-provided value |
|
||||
| src/main.rs:123:13:123:25 | ...::copy | src/main.rs:103:17:103:30 | ...::args | src/main.rs:123:13:123:25 | ...::copy | This path depends on a $@. | src/main.rs:103:17:103:30 | ...::args | user-provided value |
|
||||
| src/main.rs:173:13:173:18 | exists | src/main.rs:185:17:185:30 | ...::args | src/main.rs:173:13:173:18 | exists | This path depends on a $@. | src/main.rs:185:17:185:30 | ...::args | user-provided value |
|
||||
| src/main.rs:174:25:174:34 | ...::open | src/main.rs:185:17:185:30 | ...::args | src/main.rs:174:25:174:34 | ...::open | This path depends on a $@. | src/main.rs:185:17:185:30 | ...::args | user-provided value |
|
||||
| src/main.rs:177:25:177:34 | ...::open | src/main.rs:185:17:185:30 | ...::args | src/main.rs:177:25:177:34 | ...::open | This path depends on a $@. | src/main.rs:185:17:185:30 | ...::args | user-provided value |
|
||||
edges
|
||||
| src/main.rs:7:11:7:19 | file_name | src/main.rs:9:35:9:43 | file_name | provenance | |
|
||||
| src/main.rs:9:9:9:17 | file_path | src/main.rs:11:24:11:32 | file_path | provenance | |
|
||||
| src/main.rs:9:21:9:44 | ...::from(...) | src/main.rs:9:9:9:17 | file_path | provenance | |
|
||||
| src/main.rs:9:35:9:43 | file_name | src/main.rs:9:21:9:44 | ...::from(...) | provenance | MaD:11 |
|
||||
| src/main.rs:9:35:9:43 | file_name | src/main.rs:9:21:9:44 | ...::from(...) | provenance | MaD:11 |
|
||||
| src/main.rs:11:24:11:32 | file_path | src/main.rs:11:5:11:22 | ...::read_to_string | provenance | MaD:5 Sink:MaD:5 |
|
||||
| src/main.rs:9:35:9:43 | file_name | src/main.rs:9:21:9:44 | ...::from(...) | provenance | MaD:13 |
|
||||
| src/main.rs:9:35:9:43 | file_name | src/main.rs:9:21:9:44 | ...::from(...) | provenance | MaD:13 |
|
||||
| src/main.rs:11:24:11:32 | file_path | src/main.rs:11:5:11:22 | ...::read_to_string | provenance | MaD:6 Sink:MaD:6 |
|
||||
| src/main.rs:63:11:63:19 | file_path | src/main.rs:66:32:66:40 | file_path | provenance | |
|
||||
| src/main.rs:66:9:66:17 | file_path [&ref] | src/main.rs:71:24:71:32 | file_path [&ref] | provenance | |
|
||||
| src/main.rs:66:21:66:41 | ...::new(...) [&ref] | src/main.rs:66:9:66:17 | file_path [&ref] | provenance | |
|
||||
| src/main.rs:66:31:66:40 | &file_path [&ref] | src/main.rs:66:21:66:41 | ...::new(...) [&ref] | provenance | MaD:12 |
|
||||
| src/main.rs:66:32:66:40 | file_path | src/main.rs:66:31:66:40 | &file_path [&ref] | provenance | |
|
||||
| src/main.rs:71:24:71:32 | file_path [&ref] | src/main.rs:71:5:71:22 | ...::read_to_string | provenance | MaD:6 Sink:MaD:6 |
|
||||
| src/main.rs:103:9:103:13 | path1 | src/main.rs:104:33:104:37 | path1 | provenance | |
|
||||
| src/main.rs:103:9:103:13 | path1 | src/main.rs:106:39:106:43 | path1 | provenance | |
|
||||
| src/main.rs:103:9:103:13 | path1 | src/main.rs:109:41:109:45 | path1 | provenance | |
|
||||
| src/main.rs:103:9:103:13 | path1 | src/main.rs:112:45:112:49 | path1 | provenance | |
|
||||
| src/main.rs:103:9:103:13 | path1 | src/main.rs:115:39:115:43 | path1 | provenance | |
|
||||
| src/main.rs:103:9:103:13 | path1 | src/main.rs:122:27:122:31 | path1 | provenance | |
|
||||
| src/main.rs:103:9:103:13 | path1 | src/main.rs:123:37:123:41 | path1 | provenance | |
|
||||
| src/main.rs:103:17:103:30 | ...::args | src/main.rs:103:17:103:32 | ...::args(...) [element] | provenance | Src:MaD:6 |
|
||||
| src/main.rs:103:17:103:32 | ...::args(...) [element] | src/main.rs:103:17:103:39 | ... .nth(...) [Some] | provenance | MaD:8 |
|
||||
| src/main.rs:103:17:103:39 | ... .nth(...) [Some] | src/main.rs:103:17:103:48 | ... .unwrap() | provenance | MaD:9 |
|
||||
| src/main.rs:103:17:103:30 | ...::args | src/main.rs:103:17:103:32 | ...::args(...) [element] | provenance | Src:MaD:7 |
|
||||
| src/main.rs:103:17:103:32 | ...::args(...) [element] | src/main.rs:103:17:103:39 | ... .nth(...) [Some] | provenance | MaD:9 |
|
||||
| src/main.rs:103:17:103:39 | ... .nth(...) [Some] | src/main.rs:103:17:103:48 | ... .unwrap() | provenance | MaD:10 |
|
||||
| src/main.rs:103:17:103:48 | ... .unwrap() | src/main.rs:103:9:103:13 | path1 | provenance | |
|
||||
| src/main.rs:104:33:104:37 | path1 | src/main.rs:104:33:104:45 | path1.clone() | provenance | MaD:7 |
|
||||
| src/main.rs:104:33:104:37 | path1 | src/main.rs:104:33:104:45 | path1.clone() | provenance | MaD:8 |
|
||||
| src/main.rs:104:33:104:45 | path1.clone() | src/main.rs:104:13:104:31 | ...::open | provenance | MaD:2 Sink:MaD:2 |
|
||||
| src/main.rs:106:9:106:13 | path2 | src/main.rs:107:33:107:37 | path2 | provenance | |
|
||||
| src/main.rs:106:17:106:52 | ...::canonicalize(...) [Ok] | src/main.rs:106:17:106:61 | ... .unwrap() | provenance | MaD:10 |
|
||||
| src/main.rs:106:17:106:52 | ...::canonicalize(...) [Ok] | src/main.rs:106:17:106:61 | ... .unwrap() | provenance | MaD:11 |
|
||||
| src/main.rs:106:17:106:61 | ... .unwrap() | src/main.rs:106:9:106:13 | path2 | provenance | |
|
||||
| src/main.rs:106:39:106:43 | path1 | src/main.rs:106:39:106:51 | path1.clone() | provenance | MaD:7 |
|
||||
| src/main.rs:106:39:106:51 | path1.clone() | src/main.rs:106:17:106:52 | ...::canonicalize(...) [Ok] | provenance | MaD:13 |
|
||||
| src/main.rs:106:39:106:43 | path1 | src/main.rs:106:39:106:51 | path1.clone() | provenance | MaD:8 |
|
||||
| src/main.rs:106:39:106:51 | path1.clone() | src/main.rs:106:17:106:52 | ...::canonicalize(...) [Ok] | provenance | MaD:15 |
|
||||
| src/main.rs:107:33:107:37 | path2 | src/main.rs:107:13:107:31 | ...::open | provenance | MaD:2 Sink:MaD:2 |
|
||||
| src/main.rs:109:9:109:13 | path3 | src/main.rs:110:35:110:39 | path3 | provenance | |
|
||||
| src/main.rs:109:17:109:54 | ...::canonicalize(...) [future, Ok] | src/main.rs:109:17:109:60 | await ... [Ok] | provenance | |
|
||||
| src/main.rs:109:17:109:60 | await ... [Ok] | src/main.rs:109:17:109:69 | ... .unwrap() | provenance | MaD:10 |
|
||||
| src/main.rs:109:17:109:60 | await ... [Ok] | src/main.rs:109:17:109:69 | ... .unwrap() | provenance | MaD:11 |
|
||||
| src/main.rs:109:17:109:69 | ... .unwrap() | src/main.rs:109:9:109:13 | path3 | provenance | |
|
||||
| src/main.rs:109:41:109:45 | path1 | src/main.rs:109:41:109:53 | path1.clone() | provenance | MaD:7 |
|
||||
| src/main.rs:109:41:109:53 | path1.clone() | src/main.rs:109:17:109:54 | ...::canonicalize(...) [future, Ok] | provenance | MaD:14 |
|
||||
| src/main.rs:110:35:110:39 | path3 | src/main.rs:110:13:110:33 | ...::open | provenance | MaD:3 Sink:MaD:3 |
|
||||
| src/main.rs:109:41:109:45 | path1 | src/main.rs:109:41:109:53 | path1.clone() | provenance | MaD:8 |
|
||||
| src/main.rs:109:41:109:53 | path1.clone() | src/main.rs:109:17:109:54 | ...::canonicalize(...) [future, Ok] | provenance | MaD:16 |
|
||||
| src/main.rs:110:35:110:39 | path3 | src/main.rs:110:13:110:33 | ...::open | provenance | MaD:4 Sink:MaD:4 |
|
||||
| src/main.rs:112:9:112:13 | path4 | src/main.rs:113:39:113:43 | path4 | provenance | |
|
||||
| src/main.rs:112:17:112:58 | ...::canonicalize(...) [future, Ok] | src/main.rs:112:17:112:64 | await ... [Ok] | provenance | |
|
||||
| src/main.rs:112:17:112:64 | await ... [Ok] | src/main.rs:112:17:112:73 | ... .unwrap() | provenance | MaD:10 |
|
||||
| src/main.rs:112:17:112:64 | await ... [Ok] | src/main.rs:112:17:112:73 | ... .unwrap() | provenance | MaD:11 |
|
||||
| src/main.rs:112:17:112:73 | ... .unwrap() | src/main.rs:112:9:112:13 | path4 | provenance | |
|
||||
| src/main.rs:112:45:112:49 | path1 | src/main.rs:112:45:112:57 | path1.clone() | provenance | MaD:7 |
|
||||
| src/main.rs:112:45:112:57 | path1.clone() | src/main.rs:112:17:112:58 | ...::canonicalize(...) [future, Ok] | provenance | MaD:12 |
|
||||
| src/main.rs:112:45:112:49 | path1 | src/main.rs:112:45:112:57 | path1.clone() | provenance | MaD:8 |
|
||||
| src/main.rs:112:45:112:57 | path1.clone() | src/main.rs:112:17:112:58 | ...::canonicalize(...) [future, Ok] | provenance | MaD:14 |
|
||||
| src/main.rs:113:39:113:43 | path4 | src/main.rs:113:13:113:37 | ...::open | provenance | MaD:1 Sink:MaD:1 |
|
||||
| src/main.rs:122:27:122:31 | path1 | src/main.rs:122:27:122:39 | path1.clone() | provenance | MaD:7 |
|
||||
| src/main.rs:122:27:122:39 | path1.clone() | src/main.rs:122:13:122:25 | ...::copy | provenance | MaD:4 Sink:MaD:4 |
|
||||
| src/main.rs:123:37:123:41 | path1 | src/main.rs:123:37:123:49 | path1.clone() | provenance | MaD:7 |
|
||||
| src/main.rs:123:37:123:49 | path1.clone() | src/main.rs:123:13:123:25 | ...::copy | provenance | MaD:4 Sink:MaD:4 |
|
||||
| src/main.rs:115:9:115:13 | path5 [&ref] | src/main.rs:116:33:116:37 | path5 [&ref] | provenance | |
|
||||
| src/main.rs:115:17:115:44 | ...::new(...) [&ref] | src/main.rs:115:9:115:13 | path5 [&ref] | provenance | |
|
||||
| src/main.rs:115:38:115:43 | &path1 [&ref] | src/main.rs:115:17:115:44 | ...::new(...) [&ref] | provenance | MaD:12 |
|
||||
| src/main.rs:115:39:115:43 | path1 | src/main.rs:115:38:115:43 | &path1 [&ref] | provenance | |
|
||||
| src/main.rs:116:33:116:37 | path5 [&ref] | src/main.rs:116:13:116:31 | ...::open | provenance | MaD:2 Sink:MaD:2 |
|
||||
| src/main.rs:122:27:122:31 | path1 | src/main.rs:122:27:122:39 | path1.clone() | provenance | MaD:8 |
|
||||
| src/main.rs:122:27:122:39 | path1.clone() | src/main.rs:122:13:122:25 | ...::copy | provenance | MaD:5 Sink:MaD:5 |
|
||||
| src/main.rs:123:37:123:41 | path1 | src/main.rs:123:37:123:49 | path1.clone() | provenance | MaD:8 |
|
||||
| src/main.rs:123:37:123:49 | path1.clone() | src/main.rs:123:13:123:25 | ...::copy | provenance | MaD:5 Sink:MaD:5 |
|
||||
| src/main.rs:170:16:170:29 | ...: ... [&ref] | src/main.rs:172:26:172:33 | path_str [&ref] | provenance | |
|
||||
| src/main.rs:170:16:170:29 | ...: ... [&ref] | src/main.rs:174:36:174:43 | path_str [&ref] | provenance | |
|
||||
| src/main.rs:172:9:172:12 | path [&ref] | src/main.rs:173:8:173:11 | path [&ref] | provenance | |
|
||||
| src/main.rs:172:16:172:34 | ...::new(...) [&ref] | src/main.rs:172:9:172:12 | path [&ref] | provenance | |
|
||||
| src/main.rs:172:26:172:33 | path_str [&ref] | src/main.rs:172:16:172:34 | ...::new(...) [&ref] | provenance | MaD:12 |
|
||||
| src/main.rs:173:8:173:11 | path [&ref] | src/main.rs:173:13:173:18 | exists | provenance | MaD:3 Sink:MaD:3 |
|
||||
| src/main.rs:173:8:173:11 | path [&ref] | src/main.rs:177:36:177:39 | path [&ref] | provenance | |
|
||||
| src/main.rs:174:36:174:43 | path_str [&ref] | src/main.rs:174:25:174:34 | ...::open | provenance | MaD:2 Sink:MaD:2 |
|
||||
| src/main.rs:177:36:177:39 | path [&ref] | src/main.rs:177:25:177:34 | ...::open | provenance | MaD:2 Sink:MaD:2 |
|
||||
| src/main.rs:185:9:185:13 | path1 | src/main.rs:186:18:186:22 | path1 | provenance | |
|
||||
| src/main.rs:185:17:185:30 | ...::args | src/main.rs:185:17:185:32 | ...::args(...) [element] | provenance | Src:MaD:6 |
|
||||
| src/main.rs:185:17:185:32 | ...::args(...) [element] | src/main.rs:185:17:185:39 | ... .nth(...) [Some] | provenance | MaD:8 |
|
||||
| src/main.rs:185:17:185:39 | ... .nth(...) [Some] | src/main.rs:185:17:185:48 | ... .unwrap() | provenance | MaD:9 |
|
||||
| src/main.rs:185:17:185:30 | ...::args | src/main.rs:185:17:185:32 | ...::args(...) [element] | provenance | Src:MaD:7 |
|
||||
| src/main.rs:185:17:185:32 | ...::args(...) [element] | src/main.rs:185:17:185:39 | ... .nth(...) [Some] | provenance | MaD:9 |
|
||||
| src/main.rs:185:17:185:39 | ... .nth(...) [Some] | src/main.rs:185:17:185:48 | ... .unwrap() | provenance | MaD:10 |
|
||||
| src/main.rs:185:17:185:48 | ... .unwrap() | src/main.rs:185:9:185:13 | path1 | provenance | |
|
||||
| src/main.rs:186:17:186:22 | &path1 [&ref] | src/main.rs:170:16:170:29 | ...: ... [&ref] | provenance | |
|
||||
| src/main.rs:186:18:186:22 | path1 | src/main.rs:186:17:186:22 | &path1 [&ref] | provenance | |
|
||||
models
|
||||
| 1 | Sink: <async_std::fs::file::File>::open; Argument[0]; path-injection |
|
||||
| 2 | Sink: <std::fs::File>::open; Argument[0]; path-injection |
|
||||
| 3 | Sink: <tokio::fs::file::File>::open; Argument[0]; path-injection |
|
||||
| 4 | Sink: std::fs::copy; Argument[0,1]; path-injection |
|
||||
| 5 | Sink: std::fs::read_to_string; Argument[0]; path-injection |
|
||||
| 6 | Source: std::env::args; ReturnValue.Element; commandargs |
|
||||
| 7 | Summary: <_ as core::clone::Clone>::clone; Argument[self].Reference; ReturnValue; value |
|
||||
| 8 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
|
||||
| 9 | Summary: <core::option::Option>::unwrap; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
|
||||
| 10 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
|
||||
| 11 | Summary: <std::path::PathBuf as core::convert::From>::from; Argument[0]; ReturnValue; taint |
|
||||
| 12 | Summary: async_std::fs::canonicalize::canonicalize; Argument[0]; ReturnValue.Future.Field[core::result::Result::Ok(0)]; taint |
|
||||
| 13 | Summary: std::fs::canonicalize; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
|
||||
| 14 | Summary: tokio::fs::canonicalize::canonicalize; Argument[0]; ReturnValue.Future.Field[core::result::Result::Ok(0)]; taint |
|
||||
| 3 | Sink: <std::path::Path>::exists; Argument[self]; path-injection |
|
||||
| 4 | Sink: <tokio::fs::file::File>::open; Argument[0]; path-injection |
|
||||
| 5 | Sink: std::fs::copy; Argument[0,1]; path-injection |
|
||||
| 6 | Sink: std::fs::read_to_string; Argument[0]; path-injection |
|
||||
| 7 | Source: std::env::args; ReturnValue.Element; commandargs |
|
||||
| 8 | Summary: <_ as core::clone::Clone>::clone; Argument[self].Reference; ReturnValue; value |
|
||||
| 9 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
|
||||
| 10 | Summary: <core::option::Option>::unwrap; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
|
||||
| 11 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
|
||||
| 12 | Summary: <std::path::Path>::new; Argument[0].Reference; ReturnValue.Reference; taint |
|
||||
| 13 | Summary: <std::path::PathBuf as core::convert::From>::from; Argument[0]; ReturnValue; taint |
|
||||
| 14 | Summary: async_std::fs::canonicalize::canonicalize; Argument[0]; ReturnValue.Future.Field[core::result::Result::Ok(0)]; taint |
|
||||
| 15 | Summary: std::fs::canonicalize; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
|
||||
| 16 | Summary: tokio::fs::canonicalize::canonicalize; Argument[0]; ReturnValue.Future.Field[core::result::Result::Ok(0)]; taint |
|
||||
nodes
|
||||
| src/main.rs:7:11:7:19 | file_name | semmle.label | file_name |
|
||||
| src/main.rs:9:9:9:17 | file_path | semmle.label | file_path |
|
||||
@@ -81,6 +106,13 @@ nodes
|
||||
| src/main.rs:9:35:9:43 | file_name | semmle.label | file_name |
|
||||
| src/main.rs:11:5:11:22 | ...::read_to_string | semmle.label | ...::read_to_string |
|
||||
| src/main.rs:11:24:11:32 | file_path | semmle.label | file_path |
|
||||
| src/main.rs:63:11:63:19 | file_path | semmle.label | file_path |
|
||||
| src/main.rs:66:9:66:17 | file_path [&ref] | semmle.label | file_path [&ref] |
|
||||
| src/main.rs:66:21:66:41 | ...::new(...) [&ref] | semmle.label | ...::new(...) [&ref] |
|
||||
| src/main.rs:66:31:66:40 | &file_path [&ref] | semmle.label | &file_path [&ref] |
|
||||
| src/main.rs:66:32:66:40 | file_path | semmle.label | file_path |
|
||||
| src/main.rs:71:5:71:22 | ...::read_to_string | semmle.label | ...::read_to_string |
|
||||
| src/main.rs:71:24:71:32 | file_path [&ref] | semmle.label | file_path [&ref] |
|
||||
| src/main.rs:103:9:103:13 | path1 | semmle.label | path1 |
|
||||
| src/main.rs:103:17:103:30 | ...::args | semmle.label | ...::args |
|
||||
| src/main.rs:103:17:103:32 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |
|
||||
@@ -112,6 +144,12 @@ nodes
|
||||
| src/main.rs:112:45:112:57 | path1.clone() | semmle.label | path1.clone() |
|
||||
| src/main.rs:113:13:113:37 | ...::open | semmle.label | ...::open |
|
||||
| src/main.rs:113:39:113:43 | path4 | semmle.label | path4 |
|
||||
| src/main.rs:115:9:115:13 | path5 [&ref] | semmle.label | path5 [&ref] |
|
||||
| src/main.rs:115:17:115:44 | ...::new(...) [&ref] | semmle.label | ...::new(...) [&ref] |
|
||||
| src/main.rs:115:38:115:43 | &path1 [&ref] | semmle.label | &path1 [&ref] |
|
||||
| src/main.rs:115:39:115:43 | path1 | semmle.label | path1 |
|
||||
| src/main.rs:116:13:116:31 | ...::open | semmle.label | ...::open |
|
||||
| src/main.rs:116:33:116:37 | path5 [&ref] | semmle.label | path5 [&ref] |
|
||||
| src/main.rs:122:13:122:25 | ...::copy | semmle.label | ...::copy |
|
||||
| src/main.rs:122:27:122:31 | path1 | semmle.label | path1 |
|
||||
| src/main.rs:122:27:122:39 | path1.clone() | semmle.label | path1.clone() |
|
||||
@@ -119,8 +157,15 @@ nodes
|
||||
| src/main.rs:123:37:123:41 | path1 | semmle.label | path1 |
|
||||
| src/main.rs:123:37:123:49 | path1.clone() | semmle.label | path1.clone() |
|
||||
| src/main.rs:170:16:170:29 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
|
||||
| src/main.rs:172:9:172:12 | path [&ref] | semmle.label | path [&ref] |
|
||||
| src/main.rs:172:16:172:34 | ...::new(...) [&ref] | semmle.label | ...::new(...) [&ref] |
|
||||
| src/main.rs:172:26:172:33 | path_str [&ref] | semmle.label | path_str [&ref] |
|
||||
| src/main.rs:173:8:173:11 | path [&ref] | semmle.label | path [&ref] |
|
||||
| src/main.rs:173:13:173:18 | exists | semmle.label | exists |
|
||||
| src/main.rs:174:25:174:34 | ...::open | semmle.label | ...::open |
|
||||
| src/main.rs:174:36:174:43 | path_str [&ref] | semmle.label | path_str [&ref] |
|
||||
| src/main.rs:177:25:177:34 | ...::open | semmle.label | ...::open |
|
||||
| src/main.rs:177:36:177:39 | path [&ref] | semmle.label | path [&ref] |
|
||||
| src/main.rs:185:9:185:13 | path1 | semmle.label | path1 |
|
||||
| src/main.rs:185:17:185:30 | ...::args | semmle.label | ...::args |
|
||||
| src/main.rs:185:17:185:32 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |
|
||||
|
||||
@@ -60,7 +60,7 @@ fn tainted_path_handler_folder_good_simpler(Query(file_path): Query<String>) ->
|
||||
|
||||
//#[handler]
|
||||
fn tainted_path_handler_folder_almost_good1_simpler(
|
||||
Query(file_path): Query<String>, // $ MISSING: Source=remote3
|
||||
Query(file_path): Query<String>, // $ Source=remote3
|
||||
) -> Result<String> {
|
||||
let public_path = "/var/www/public_html";
|
||||
let file_path = Path::new(&file_path);
|
||||
@@ -68,7 +68,7 @@ fn tainted_path_handler_folder_almost_good1_simpler(
|
||||
if !file_path.starts_with(public_path) {
|
||||
return Err(Error::from_status(StatusCode::BAD_REQUEST));
|
||||
}
|
||||
fs::read_to_string(file_path).map_err(InternalServerError) // $ path-injection-checked path-injection-sink MISSING: Alert[rust/path-injection]=remote3
|
||||
fs::read_to_string(file_path).map_err(InternalServerError) // $ path-injection-checked path-injection-sink Alert[rust/path-injection]=remote3
|
||||
}
|
||||
|
||||
//#[handler]
|
||||
@@ -113,7 +113,7 @@ async fn more_simple_cases() {
|
||||
let _ = async_std::fs::File::open(path4); // $ path-injection-sink Alert[rust/path-injection]=arg1
|
||||
|
||||
let path5 = std::path::Path::new(&path1);
|
||||
let _ = std::fs::File::open(path5); // $ path-injection-sink MISSING: Alert[rust/path-injection]=arg1
|
||||
let _ = std::fs::File::open(path5); // $ path-injection-sink Alert[rust/path-injection]=arg1
|
||||
|
||||
let path6 = path5.canonicalize().unwrap();
|
||||
let _ = std::fs::File::open(path6); // $ path-injection-sink MISSING: Alert[rust/path-injection]=arg1
|
||||
@@ -170,11 +170,11 @@ use std::fs::File;
|
||||
fn my_function(path_str: &str) -> Result<(), std::io::Error> {
|
||||
// somewhat realistic example
|
||||
let path = Path::new(path_str);
|
||||
if path.exists() { // $ path-injection-sink
|
||||
if path.exists() { // $ path-injection-sink Alert[rust/path-injection]=arg2
|
||||
let mut file1 = File::open(path_str)?; // $ path-injection-sink Alert[rust/path-injection]=arg2
|
||||
// ...
|
||||
|
||||
let mut file2 = File::open(path)?; // $ path-injection-sink MISSING: Alert[rust/path-injection]=arg2
|
||||
let mut file2 = File::open(path)?; // $ path-injection-sink Alert[rust/path-injection]=arg2
|
||||
// ...
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user