Rust: Add taint tests for arrays

2026-04-28 02:05:14 +02:00 · 2024-12-05 11:39:05 +01:00
parent 27de43fed8
commit 44239cbf2e
1 changed files with 33 additions and 0 deletions
--- a/rust/ql/test/library-tests/dataflow/taint/main.rs
+++ b/rust/ql/test/library-tests/dataflow/taint/main.rs
@@ -40,6 +40,37 @@ mod string {
    }
 }

+mod array_source {
+    fn source(i: i64) -> [i64; 3] {
+        [i; 3]
+    }
+
+    fn sink(i: i64) {
+        println!("{}", i);
+    }
+
+    pub fn array_tainted() {
+        let arr = source(76);
+        sink(arr[1]); // $ MISSING: hasTaintFlow=76
+    }
+}
+
+mod array_sink {
+    fn source(i: i64) -> i64 {
+        i
+    }
+
+    fn sink(s: [i64; 3]) {
+        println!("{}", s[1]);
+    }
+
+    pub fn array_with_taint() {
+        let mut arr2 = [1, 2, 3];
+        arr2[1] = source(36);
+        sink(arr2); // $ MISSING: hasTaintFlow=36
+    }
+}
+
 use string::*;

 fn main() {
@@ -47,4 +78,6 @@ fn main() {
    negation();
    cast();
    string_slice();
+    array_source::array_tainted();
+    array_sink::array_with_taint();
 }