Rust: Splits off sources/net.

Geoffrey White
2025-10-21 16:36:32 +01:00
parent 7ddd441e5f
commit 5ba331e986
8 changed files with 2496 additions and 15 deletions

File diff suppressed because it is too large Load Diff


@@ -0,0 +1,278 @@
models
| 1 | Source: <hyper::client::conn::http1::SendRequest>::send_request; ReturnValue.Future.Field[core::result::Result::Ok(0)]; remote |
| 2 | Source: <std::net::tcp::TcpStream>::connect; ReturnValue.Field[core::result::Result::Ok(0)]; remote |
| 3 | Source: <std::net::tcp::TcpStream>::connect_timeout; ReturnValue.Field[core::result::Result::Ok(0)]; remote |
| 4 | Source: <tokio::net::tcp::stream::TcpStream>::connect; ReturnValue.Future.Field[core::result::Result::Ok(0)]; remote |
| 5 | Source: reqwest::blocking::get; ReturnValue.Field[core::result::Result::Ok(0)]; remote |
| 6 | Source: reqwest::get; ReturnValue.Future.Field[core::result::Result::Ok(0)]; remote |
| 7 | Summary: <_ as std::io::BufRead>::read_line; Argument[self]; Argument[0].Reference; taint |
| 8 | Summary: <_ as std::io::Read>::read; Argument[self]; Argument[0].Reference; taint |
| 9 | Summary: <_ as std::io::Read>::take; Argument[self]; ReturnValue; taint |
| 10 | Summary: <_ as tokio::io::util::async_read_ext::AsyncReadExt>::read; Argument[self]; Argument[0].Reference; taint |
| 11 | Summary: <core::option::Option>::unwrap; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 12 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 13 | Summary: <reqwest::async_impl::response::Response>::bytes; Argument[self]; ReturnValue.Future.Field[core::result::Result::Ok(0)]; taint |
| 14 | Summary: <reqwest::async_impl::response::Response>::chunk; Argument[self]; ReturnValue.Future.Field[core::result::Result::Ok(0)].Field[core::option::Option::Some(0)]; taint |
| 15 | Summary: <reqwest::async_impl::response::Response>::text; Argument[self]; ReturnValue.Future.Field[core::result::Result::Ok(0)]; taint |
| 16 | Summary: <reqwest::blocking::response::Response>::bytes; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
| 17 | Summary: <reqwest::blocking::response::Response>::text; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
| 18 | Summary: <reqwest::blocking::response::Response>::text_with_charset; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
| 19 | Summary: <std::io::buffered::bufreader::BufReader>::new; Argument[0]; ReturnValue; taint |
| 20 | Summary: <std::net::tcp::TcpStream as std::io::Read>::read; Argument[self]; Argument[0].Reference; taint |
| 21 | Summary: <tokio::net::tcp::stream::TcpStream>::peek; Argument[self]; Argument[0].Reference; taint |
| 22 | Summary: <tokio::net::tcp::stream::TcpStream>::try_read; Argument[self]; Argument[0].Reference; taint |
| 23 | Summary: <tokio::net::tcp::stream::TcpStream>::try_read_buf; Argument[self]; Argument[0].Reference; taint |
edges
| test.rs:11:9:11:22 | remote_string1 | test.rs:12:10:12:23 | remote_string1 | provenance | |
| test.rs:11:26:11:47 | ...::get | test.rs:11:26:11:62 | ...::get(...) [Ok] | provenance | Src:MaD:5 |
| test.rs:11:26:11:62 | ...::get(...) [Ok] | test.rs:11:26:11:63 | TryExpr | provenance | |
| test.rs:11:26:11:63 | TryExpr | test.rs:11:26:11:70 | ... .text() [Ok] | provenance | MaD:17 |
| test.rs:11:26:11:70 | ... .text() [Ok] | test.rs:11:26:11:71 | TryExpr | provenance | |
| test.rs:11:26:11:71 | TryExpr | test.rs:11:9:11:22 | remote_string1 | provenance | |
| test.rs:14:9:14:22 | remote_string2 | test.rs:15:10:15:23 | remote_string2 | provenance | |
| test.rs:14:26:14:47 | ...::get | test.rs:14:26:14:62 | ...::get(...) [Ok] | provenance | Src:MaD:5 |
| test.rs:14:26:14:62 | ...::get(...) [Ok] | test.rs:14:26:14:71 | ... .unwrap() | provenance | MaD:12 |
| test.rs:14:26:14:71 | ... .unwrap() | test.rs:14:26:14:78 | ... .text() [Ok] | provenance | MaD:17 |
| test.rs:14:26:14:78 | ... .text() [Ok] | test.rs:14:26:14:87 | ... .unwrap() | provenance | MaD:12 |
| test.rs:14:26:14:87 | ... .unwrap() | test.rs:14:9:14:22 | remote_string2 | provenance | |
| test.rs:17:9:17:22 | remote_string3 | test.rs:18:10:18:23 | remote_string3 | provenance | |
| test.rs:17:26:17:47 | ...::get | test.rs:17:26:17:62 | ...::get(...) [Ok] | provenance | Src:MaD:5 |
| test.rs:17:26:17:62 | ...::get(...) [Ok] | test.rs:17:26:17:71 | ... .unwrap() | provenance | MaD:12 |
| test.rs:17:26:17:71 | ... .unwrap() | test.rs:17:26:17:98 | ... .text_with_charset(...) [Ok] | provenance | MaD:18 |
| test.rs:17:26:17:98 | ... .text_with_charset(...) [Ok] | test.rs:17:26:17:107 | ... .unwrap() | provenance | MaD:12 |
| test.rs:17:26:17:107 | ... .unwrap() | test.rs:17:9:17:22 | remote_string3 | provenance | |
| test.rs:20:9:20:22 | remote_string4 | test.rs:21:10:21:23 | remote_string4 | provenance | |
| test.rs:20:26:20:47 | ...::get | test.rs:20:26:20:62 | ...::get(...) [Ok] | provenance | Src:MaD:5 |
| test.rs:20:26:20:62 | ...::get(...) [Ok] | test.rs:20:26:20:71 | ... .unwrap() | provenance | MaD:12 |
| test.rs:20:26:20:71 | ... .unwrap() | test.rs:20:26:20:79 | ... .bytes() [Ok] | provenance | MaD:16 |
| test.rs:20:26:20:79 | ... .bytes() [Ok] | test.rs:20:26:20:88 | ... .unwrap() | provenance | MaD:12 |
| test.rs:20:26:20:88 | ... .unwrap() | test.rs:20:9:20:22 | remote_string4 | provenance | |
| test.rs:23:9:23:22 | remote_string5 | test.rs:24:10:24:23 | remote_string5 | provenance | |
| test.rs:23:26:23:37 | ...::get | test.rs:23:26:23:52 | ...::get(...) [future, Ok] | provenance | Src:MaD:6 |
| test.rs:23:26:23:52 | ...::get(...) [future, Ok] | test.rs:23:26:23:58 | await ... [Ok] | provenance | |
| test.rs:23:26:23:58 | await ... [Ok] | test.rs:23:26:23:59 | TryExpr | provenance | |
| test.rs:23:26:23:59 | TryExpr | test.rs:23:26:23:66 | ... .text() [future, Ok] | provenance | MaD:15 |
| test.rs:23:26:23:66 | ... .text() [future, Ok] | test.rs:23:26:23:72 | await ... [Ok] | provenance | |
| test.rs:23:26:23:72 | await ... [Ok] | test.rs:23:26:23:73 | TryExpr | provenance | |
| test.rs:23:26:23:73 | TryExpr | test.rs:23:9:23:22 | remote_string5 | provenance | |
| test.rs:26:9:26:22 | remote_string6 | test.rs:27:10:27:23 | remote_string6 | provenance | |
| test.rs:26:26:26:37 | ...::get | test.rs:26:26:26:52 | ...::get(...) [future, Ok] | provenance | Src:MaD:6 |
| test.rs:26:26:26:52 | ...::get(...) [future, Ok] | test.rs:26:26:26:58 | await ... [Ok] | provenance | |
| test.rs:26:26:26:58 | await ... [Ok] | test.rs:26:26:26:59 | TryExpr | provenance | |
| test.rs:26:26:26:59 | TryExpr | test.rs:26:26:26:67 | ... .bytes() [future, Ok] | provenance | MaD:13 |
| test.rs:26:26:26:67 | ... .bytes() [future, Ok] | test.rs:26:26:26:73 | await ... [Ok] | provenance | |
| test.rs:26:26:26:73 | await ... [Ok] | test.rs:26:26:26:74 | TryExpr | provenance | |
| test.rs:26:26:26:74 | TryExpr | test.rs:26:9:26:22 | remote_string6 | provenance | |
| test.rs:29:9:29:20 | mut request1 | test.rs:30:10:30:25 | request1.chunk() [future, Ok, Some] | provenance | MaD:14 |
| test.rs:29:9:29:20 | mut request1 | test.rs:31:29:31:44 | request1.chunk() [future, Ok, Some] | provenance | MaD:14 |
| test.rs:29:24:29:35 | ...::get | test.rs:29:24:29:50 | ...::get(...) [future, Ok] | provenance | Src:MaD:6 |
| test.rs:29:24:29:50 | ...::get(...) [future, Ok] | test.rs:29:24:29:56 | await ... [Ok] | provenance | |
| test.rs:29:24:29:56 | await ... [Ok] | test.rs:29:24:29:57 | TryExpr | provenance | |
| test.rs:29:24:29:57 | TryExpr | test.rs:29:9:29:20 | mut request1 | provenance | |
| test.rs:30:10:30:25 | request1.chunk() [future, Ok, Some] | test.rs:30:10:30:31 | await ... [Ok, Some] | provenance | |
| test.rs:30:10:30:31 | await ... [Ok, Some] | test.rs:30:10:30:32 | TryExpr [Some] | provenance | |
| test.rs:30:10:30:32 | TryExpr [Some] | test.rs:30:10:30:41 | ... .unwrap() | provenance | MaD:11 |
| test.rs:31:15:31:25 | Some(...) [Some] | test.rs:31:20:31:24 | chunk | provenance | |
| test.rs:31:20:31:24 | chunk | test.rs:32:14:32:18 | chunk | provenance | |
| test.rs:31:29:31:44 | request1.chunk() [future, Ok, Some] | test.rs:31:29:31:50 | await ... [Ok, Some] | provenance | |
| test.rs:31:29:31:50 | await ... [Ok, Some] | test.rs:31:29:31:51 | TryExpr [Some] | provenance | |
| test.rs:31:29:31:51 | TryExpr [Some] | test.rs:31:15:31:25 | Some(...) [Some] | provenance | |
| test.rs:60:13:60:20 | response | test.rs:61:15:61:22 | response | provenance | |
| test.rs:60:13:60:20 | response | test.rs:62:14:62:21 | response | provenance | |
| test.rs:60:24:60:51 | sender.send_request(...) [future, Ok] | test.rs:60:24:60:57 | await ... [Ok] | provenance | |
| test.rs:60:24:60:57 | await ... [Ok] | test.rs:60:24:60:58 | TryExpr | provenance | |
| test.rs:60:24:60:58 | TryExpr | test.rs:60:13:60:20 | response | provenance | |
| test.rs:60:31:60:42 | send_request | test.rs:60:24:60:51 | sender.send_request(...) [future, Ok] | provenance | Src:MaD:1 |
| test.rs:61:15:61:22 | response | test.rs:61:14:61:22 | &response | provenance | |
| test.rs:67:9:67:20 | mut response | test.rs:68:11:68:18 | response | provenance | |
| test.rs:67:24:67:51 | sender.send_request(...) [future, Ok] | test.rs:67:24:67:57 | await ... [Ok] | provenance | |
| test.rs:67:24:67:57 | await ... [Ok] | test.rs:67:24:67:58 | TryExpr | provenance | |
| test.rs:67:24:67:58 | TryExpr | test.rs:67:9:67:20 | mut response | provenance | |
| test.rs:67:31:67:42 | send_request | test.rs:67:24:67:51 | sender.send_request(...) [future, Ok] | provenance | Src:MaD:1 |
| test.rs:68:11:68:18 | response | test.rs:68:10:68:18 | &response | provenance | |
| test.rs:155:13:155:22 | mut stream | test.rs:162:29:162:39 | [post] &mut buffer [&ref] | provenance | MaD:8 |
| test.rs:155:13:155:22 | mut stream | test.rs:162:29:162:39 | [post] &mut buffer [&ref] | provenance | MaD:20 |
| test.rs:155:26:155:53 | ...::connect | test.rs:155:26:155:62 | ...::connect(...) [Ok] | provenance | Src:MaD:2 |
| test.rs:155:26:155:62 | ...::connect(...) [Ok] | test.rs:155:26:155:63 | TryExpr | provenance | |
| test.rs:155:26:155:63 | TryExpr | test.rs:155:13:155:22 | mut stream | provenance | |
| test.rs:162:29:162:39 | [post] &mut buffer [&ref] | test.rs:162:34:162:39 | [post] buffer | provenance | |
| test.rs:162:34:162:39 | [post] buffer | test.rs:165:15:165:20 | buffer | provenance | |
| test.rs:162:34:162:39 | [post] buffer | test.rs:166:14:166:22 | buffer[0] | provenance | |
| test.rs:165:15:165:20 | buffer | test.rs:165:14:165:20 | &buffer | provenance | |
| test.rs:174:13:174:22 | mut stream | test.rs:182:58:182:63 | stream | provenance | |
| test.rs:174:26:174:61 | ...::connect_timeout | test.rs:174:26:174:105 | ...::connect_timeout(...) [Ok] | provenance | Src:MaD:3 |
| test.rs:174:26:174:105 | ...::connect_timeout(...) [Ok] | test.rs:174:26:174:106 | TryExpr | provenance | |
| test.rs:174:26:174:106 | TryExpr | test.rs:174:13:174:22 | mut stream | provenance | |
| test.rs:182:21:182:30 | mut reader | test.rs:185:44:185:52 | [post] &mut line [&ref] | provenance | MaD:7 |
| test.rs:182:34:182:64 | ...::new(...) | test.rs:182:34:182:74 | ... .take(...) | provenance | MaD:9 |
| test.rs:182:34:182:74 | ... .take(...) | test.rs:182:21:182:30 | mut reader | provenance | |
| test.rs:182:58:182:63 | stream | test.rs:182:34:182:64 | ...::new(...) | provenance | MaD:19 |
| test.rs:185:44:185:52 | [post] &mut line [&ref] | test.rs:185:49:185:52 | [post] line | provenance | |
| test.rs:185:49:185:52 | [post] line | test.rs:192:35:192:38 | line | provenance | |
| test.rs:192:35:192:38 | line | test.rs:192:34:192:38 | &line | provenance | |
| test.rs:224:9:224:24 | mut tokio_stream | test.rs:232:35:232:46 | [post] &mut buffer1 [&ref] | provenance | MaD:21 |
| test.rs:224:9:224:24 | mut tokio_stream | test.rs:236:36:236:47 | [post] &mut buffer2 [&ref] | provenance | MaD:10 |
| test.rs:224:9:224:24 | mut tokio_stream | test.rs:252:41:252:51 | [post] &mut buffer [&ref] | provenance | MaD:22 |
| test.rs:224:9:224:24 | mut tokio_stream | test.rs:275:45:275:55 | [post] &mut buffer [&ref] | provenance | MaD:23 |
| test.rs:224:28:224:57 | ...::connect | test.rs:224:28:224:66 | ...::connect(...) [future, Ok] | provenance | Src:MaD:4 |
| test.rs:224:28:224:66 | ...::connect(...) [future, Ok] | test.rs:224:28:224:72 | await ... [Ok] | provenance | |
| test.rs:224:28:224:72 | await ... [Ok] | test.rs:224:28:224:73 | TryExpr | provenance | |
| test.rs:224:28:224:73 | TryExpr | test.rs:224:9:224:24 | mut tokio_stream | provenance | |
| test.rs:232:35:232:46 | [post] &mut buffer1 [&ref] | test.rs:232:40:232:46 | [post] buffer1 | provenance | |
| test.rs:232:40:232:46 | [post] buffer1 | test.rs:239:15:239:21 | buffer1 | provenance | |
| test.rs:232:40:232:46 | [post] buffer1 | test.rs:240:14:240:23 | buffer1[0] | provenance | |
| test.rs:236:36:236:47 | [post] &mut buffer2 [&ref] | test.rs:236:41:236:47 | [post] buffer2 | provenance | |
| test.rs:236:41:236:47 | [post] buffer2 | test.rs:243:15:243:21 | buffer2 | provenance | |
| test.rs:236:41:236:47 | [post] buffer2 | test.rs:244:14:244:23 | buffer2[0] | provenance | |
| test.rs:239:15:239:21 | buffer1 | test.rs:239:14:239:21 | &buffer1 | provenance | |
| test.rs:243:15:243:21 | buffer2 | test.rs:243:14:243:21 | &buffer2 | provenance | |
| test.rs:252:41:252:51 | [post] &mut buffer [&ref] | test.rs:252:46:252:51 | [post] buffer | provenance | |
| test.rs:252:46:252:51 | [post] buffer | test.rs:259:27:259:32 | buffer | provenance | |
| test.rs:259:27:259:32 | buffer | test.rs:259:26:259:32 | &buffer | provenance | |
| test.rs:275:45:275:55 | [post] &mut buffer [&ref] | test.rs:275:50:275:55 | [post] buffer | provenance | |
| test.rs:275:50:275:55 | [post] buffer | test.rs:282:27:282:32 | buffer | provenance | |
| test.rs:282:27:282:32 | buffer | test.rs:282:26:282:32 | &buffer | provenance | |
nodes
| test.rs:11:9:11:22 | remote_string1 | semmle.label | remote_string1 |
| test.rs:11:26:11:47 | ...::get | semmle.label | ...::get |
| test.rs:11:26:11:62 | ...::get(...) [Ok] | semmle.label | ...::get(...) [Ok] |
| test.rs:11:26:11:63 | TryExpr | semmle.label | TryExpr |
| test.rs:11:26:11:70 | ... .text() [Ok] | semmle.label | ... .text() [Ok] |
| test.rs:11:26:11:71 | TryExpr | semmle.label | TryExpr |
| test.rs:12:10:12:23 | remote_string1 | semmle.label | remote_string1 |
| test.rs:14:9:14:22 | remote_string2 | semmle.label | remote_string2 |
| test.rs:14:26:14:47 | ...::get | semmle.label | ...::get |
| test.rs:14:26:14:62 | ...::get(...) [Ok] | semmle.label | ...::get(...) [Ok] |
| test.rs:14:26:14:71 | ... .unwrap() | semmle.label | ... .unwrap() |
| test.rs:14:26:14:78 | ... .text() [Ok] | semmle.label | ... .text() [Ok] |
| test.rs:14:26:14:87 | ... .unwrap() | semmle.label | ... .unwrap() |
| test.rs:15:10:15:23 | remote_string2 | semmle.label | remote_string2 |
| test.rs:17:9:17:22 | remote_string3 | semmle.label | remote_string3 |
| test.rs:17:26:17:47 | ...::get | semmle.label | ...::get |
| test.rs:17:26:17:62 | ...::get(...) [Ok] | semmle.label | ...::get(...) [Ok] |
| test.rs:17:26:17:71 | ... .unwrap() | semmle.label | ... .unwrap() |
| test.rs:17:26:17:98 | ... .text_with_charset(...) [Ok] | semmle.label | ... .text_with_charset(...) [Ok] |
| test.rs:17:26:17:107 | ... .unwrap() | semmle.label | ... .unwrap() |
| test.rs:18:10:18:23 | remote_string3 | semmle.label | remote_string3 |
| test.rs:20:9:20:22 | remote_string4 | semmle.label | remote_string4 |
| test.rs:20:26:20:47 | ...::get | semmle.label | ...::get |
| test.rs:20:26:20:62 | ...::get(...) [Ok] | semmle.label | ...::get(...) [Ok] |
| test.rs:20:26:20:71 | ... .unwrap() | semmle.label | ... .unwrap() |
| test.rs:20:26:20:79 | ... .bytes() [Ok] | semmle.label | ... .bytes() [Ok] |
| test.rs:20:26:20:88 | ... .unwrap() | semmle.label | ... .unwrap() |
| test.rs:21:10:21:23 | remote_string4 | semmle.label | remote_string4 |
| test.rs:23:9:23:22 | remote_string5 | semmle.label | remote_string5 |
| test.rs:23:26:23:37 | ...::get | semmle.label | ...::get |
| test.rs:23:26:23:52 | ...::get(...) [future, Ok] | semmle.label | ...::get(...) [future, Ok] |
| test.rs:23:26:23:58 | await ... [Ok] | semmle.label | await ... [Ok] |
| test.rs:23:26:23:59 | TryExpr | semmle.label | TryExpr |
| test.rs:23:26:23:66 | ... .text() [future, Ok] | semmle.label | ... .text() [future, Ok] |
| test.rs:23:26:23:72 | await ... [Ok] | semmle.label | await ... [Ok] |
| test.rs:23:26:23:73 | TryExpr | semmle.label | TryExpr |
| test.rs:24:10:24:23 | remote_string5 | semmle.label | remote_string5 |
| test.rs:26:9:26:22 | remote_string6 | semmle.label | remote_string6 |
| test.rs:26:26:26:37 | ...::get | semmle.label | ...::get |
| test.rs:26:26:26:52 | ...::get(...) [future, Ok] | semmle.label | ...::get(...) [future, Ok] |
| test.rs:26:26:26:58 | await ... [Ok] | semmle.label | await ... [Ok] |
| test.rs:26:26:26:59 | TryExpr | semmle.label | TryExpr |
| test.rs:26:26:26:67 | ... .bytes() [future, Ok] | semmle.label | ... .bytes() [future, Ok] |
| test.rs:26:26:26:73 | await ... [Ok] | semmle.label | await ... [Ok] |
| test.rs:26:26:26:74 | TryExpr | semmle.label | TryExpr |
| test.rs:27:10:27:23 | remote_string6 | semmle.label | remote_string6 |
| test.rs:29:9:29:20 | mut request1 | semmle.label | mut request1 |
| test.rs:29:24:29:35 | ...::get | semmle.label | ...::get |
| test.rs:29:24:29:50 | ...::get(...) [future, Ok] | semmle.label | ...::get(...) [future, Ok] |
| test.rs:29:24:29:56 | await ... [Ok] | semmle.label | await ... [Ok] |
| test.rs:29:24:29:57 | TryExpr | semmle.label | TryExpr |
| test.rs:30:10:30:25 | request1.chunk() [future, Ok, Some] | semmle.label | request1.chunk() [future, Ok, Some] |
| test.rs:30:10:30:31 | await ... [Ok, Some] | semmle.label | await ... [Ok, Some] |
| test.rs:30:10:30:32 | TryExpr [Some] | semmle.label | TryExpr [Some] |
| test.rs:30:10:30:41 | ... .unwrap() | semmle.label | ... .unwrap() |
| test.rs:31:15:31:25 | Some(...) [Some] | semmle.label | Some(...) [Some] |
| test.rs:31:20:31:24 | chunk | semmle.label | chunk |
| test.rs:31:29:31:44 | request1.chunk() [future, Ok, Some] | semmle.label | request1.chunk() [future, Ok, Some] |
| test.rs:31:29:31:50 | await ... [Ok, Some] | semmle.label | await ... [Ok, Some] |
| test.rs:31:29:31:51 | TryExpr [Some] | semmle.label | TryExpr [Some] |
| test.rs:32:14:32:18 | chunk | semmle.label | chunk |
| test.rs:60:13:60:20 | response | semmle.label | response |
| test.rs:60:24:60:51 | sender.send_request(...) [future, Ok] | semmle.label | sender.send_request(...) [future, Ok] |
| test.rs:60:24:60:57 | await ... [Ok] | semmle.label | await ... [Ok] |
| test.rs:60:24:60:58 | TryExpr | semmle.label | TryExpr |
| test.rs:60:31:60:42 | send_request | semmle.label | send_request |
| test.rs:61:14:61:22 | &response | semmle.label | &response |
| test.rs:61:15:61:22 | response | semmle.label | response |
| test.rs:62:14:62:21 | response | semmle.label | response |
| test.rs:67:9:67:20 | mut response | semmle.label | mut response |
| test.rs:67:24:67:51 | sender.send_request(...) [future, Ok] | semmle.label | sender.send_request(...) [future, Ok] |
| test.rs:67:24:67:57 | await ... [Ok] | semmle.label | await ... [Ok] |
| test.rs:67:24:67:58 | TryExpr | semmle.label | TryExpr |
| test.rs:67:31:67:42 | send_request | semmle.label | send_request |
| test.rs:68:10:68:18 | &response | semmle.label | &response |
| test.rs:68:11:68:18 | response | semmle.label | response |
| test.rs:155:13:155:22 | mut stream | semmle.label | mut stream |
| test.rs:155:26:155:53 | ...::connect | semmle.label | ...::connect |
| test.rs:155:26:155:62 | ...::connect(...) [Ok] | semmle.label | ...::connect(...) [Ok] |
| test.rs:155:26:155:63 | TryExpr | semmle.label | TryExpr |
| test.rs:162:29:162:39 | [post] &mut buffer [&ref] | semmle.label | [post] &mut buffer [&ref] |
| test.rs:162:34:162:39 | [post] buffer | semmle.label | [post] buffer |
| test.rs:165:14:165:20 | &buffer | semmle.label | &buffer |
| test.rs:165:15:165:20 | buffer | semmle.label | buffer |
| test.rs:166:14:166:22 | buffer[0] | semmle.label | buffer[0] |
| test.rs:174:13:174:22 | mut stream | semmle.label | mut stream |
| test.rs:174:26:174:61 | ...::connect_timeout | semmle.label | ...::connect_timeout |
| test.rs:174:26:174:105 | ...::connect_timeout(...) [Ok] | semmle.label | ...::connect_timeout(...) [Ok] |
| test.rs:174:26:174:106 | TryExpr | semmle.label | TryExpr |
| test.rs:182:21:182:30 | mut reader | semmle.label | mut reader |
| test.rs:182:34:182:64 | ...::new(...) | semmle.label | ...::new(...) |
| test.rs:182:34:182:74 | ... .take(...) | semmle.label | ... .take(...) |
| test.rs:182:58:182:63 | stream | semmle.label | stream |
| test.rs:185:44:185:52 | [post] &mut line [&ref] | semmle.label | [post] &mut line [&ref] |
| test.rs:185:49:185:52 | [post] line | semmle.label | [post] line |
| test.rs:192:34:192:38 | &line | semmle.label | &line |
| test.rs:192:35:192:38 | line | semmle.label | line |
| test.rs:224:9:224:24 | mut tokio_stream | semmle.label | mut tokio_stream |
| test.rs:224:28:224:57 | ...::connect | semmle.label | ...::connect |
| test.rs:224:28:224:66 | ...::connect(...) [future, Ok] | semmle.label | ...::connect(...) [future, Ok] |
| test.rs:224:28:224:72 | await ... [Ok] | semmle.label | await ... [Ok] |
| test.rs:224:28:224:73 | TryExpr | semmle.label | TryExpr |
| test.rs:232:35:232:46 | [post] &mut buffer1 [&ref] | semmle.label | [post] &mut buffer1 [&ref] |
| test.rs:232:40:232:46 | [post] buffer1 | semmle.label | [post] buffer1 |
| test.rs:236:36:236:47 | [post] &mut buffer2 [&ref] | semmle.label | [post] &mut buffer2 [&ref] |
| test.rs:236:41:236:47 | [post] buffer2 | semmle.label | [post] buffer2 |
| test.rs:239:14:239:21 | &buffer1 | semmle.label | &buffer1 |
| test.rs:239:15:239:21 | buffer1 | semmle.label | buffer1 |
| test.rs:240:14:240:23 | buffer1[0] | semmle.label | buffer1[0] |
| test.rs:243:14:243:21 | &buffer2 | semmle.label | &buffer2 |
| test.rs:243:15:243:21 | buffer2 | semmle.label | buffer2 |
| test.rs:244:14:244:23 | buffer2[0] | semmle.label | buffer2[0] |
| test.rs:252:41:252:51 | [post] &mut buffer [&ref] | semmle.label | [post] &mut buffer [&ref] |
| test.rs:252:46:252:51 | [post] buffer | semmle.label | [post] buffer |
| test.rs:259:26:259:32 | &buffer | semmle.label | &buffer |
| test.rs:259:27:259:32 | buffer | semmle.label | buffer |
| test.rs:275:45:275:55 | [post] &mut buffer [&ref] | semmle.label | [post] &mut buffer [&ref] |
| test.rs:275:50:275:55 | [post] buffer | semmle.label | [post] buffer |
| test.rs:282:26:282:32 | &buffer | semmle.label | &buffer |
| test.rs:282:27:282:32 | buffer | semmle.label | buffer |
subpaths
testFailures
#select
| test.rs:12:10:12:23 | remote_string1 | test.rs:11:26:11:47 | ...::get | test.rs:12:10:12:23 | remote_string1 | $@ | test.rs:11:26:11:47 | ...::get | ...::get |
| test.rs:15:10:15:23 | remote_string2 | test.rs:14:26:14:47 | ...::get | test.rs:15:10:15:23 | remote_string2 | $@ | test.rs:14:26:14:47 | ...::get | ...::get |
| test.rs:18:10:18:23 | remote_string3 | test.rs:17:26:17:47 | ...::get | test.rs:18:10:18:23 | remote_string3 | $@ | test.rs:17:26:17:47 | ...::get | ...::get |
| test.rs:21:10:21:23 | remote_string4 | test.rs:20:26:20:47 | ...::get | test.rs:21:10:21:23 | remote_string4 | $@ | test.rs:20:26:20:47 | ...::get | ...::get |
| test.rs:24:10:24:23 | remote_string5 | test.rs:23:26:23:37 | ...::get | test.rs:24:10:24:23 | remote_string5 | $@ | test.rs:23:26:23:37 | ...::get | ...::get |
| test.rs:27:10:27:23 | remote_string6 | test.rs:26:26:26:37 | ...::get | test.rs:27:10:27:23 | remote_string6 | $@ | test.rs:26:26:26:37 | ...::get | ...::get |
| test.rs:30:10:30:41 | ... .unwrap() | test.rs:29:24:29:35 | ...::get | test.rs:30:10:30:41 | ... .unwrap() | $@ | test.rs:29:24:29:35 | ...::get | ...::get |
| test.rs:32:14:32:18 | chunk | test.rs:29:24:29:35 | ...::get | test.rs:32:14:32:18 | chunk | $@ | test.rs:29:24:29:35 | ...::get | ...::get |
| test.rs:61:14:61:22 | &response | test.rs:60:31:60:42 | send_request | test.rs:61:14:61:22 | &response | $@ | test.rs:60:31:60:42 | send_request | send_request |
| test.rs:62:14:62:21 | response | test.rs:60:31:60:42 | send_request | test.rs:62:14:62:21 | response | $@ | test.rs:60:31:60:42 | send_request | send_request |
| test.rs:68:10:68:18 | &response | test.rs:67:31:67:42 | send_request | test.rs:68:10:68:18 | &response | $@ | test.rs:67:31:67:42 | send_request | send_request |
| test.rs:165:14:165:20 | &buffer | test.rs:155:26:155:53 | ...::connect | test.rs:165:14:165:20 | &buffer | $@ | test.rs:155:26:155:53 | ...::connect | ...::connect |
| test.rs:166:14:166:22 | buffer[0] | test.rs:155:26:155:53 | ...::connect | test.rs:166:14:166:22 | buffer[0] | $@ | test.rs:155:26:155:53 | ...::connect | ...::connect |
| test.rs:192:34:192:38 | &line | test.rs:174:26:174:61 | ...::connect_timeout | test.rs:192:34:192:38 | &line | $@ | test.rs:174:26:174:61 | ...::connect_timeout | ...::connect_timeout |
| test.rs:239:14:239:21 | &buffer1 | test.rs:224:28:224:57 | ...::connect | test.rs:239:14:239:21 | &buffer1 | $@ | test.rs:224:28:224:57 | ...::connect | ...::connect |
| test.rs:240:14:240:23 | buffer1[0] | test.rs:224:28:224:57 | ...::connect | test.rs:240:14:240:23 | buffer1[0] | $@ | test.rs:224:28:224:57 | ...::connect | ...::connect |
| test.rs:243:14:243:21 | &buffer2 | test.rs:224:28:224:57 | ...::connect | test.rs:243:14:243:21 | &buffer2 | $@ | test.rs:224:28:224:57 | ...::connect | ...::connect |
| test.rs:244:14:244:23 | buffer2[0] | test.rs:224:28:224:57 | ...::connect | test.rs:244:14:244:23 | buffer2[0] | $@ | test.rs:224:28:224:57 | ...::connect | ...::connect |
| test.rs:259:26:259:32 | &buffer | test.rs:224:28:224:57 | ...::connect | test.rs:259:26:259:32 | &buffer | $@ | test.rs:224:28:224:57 | ...::connect | ...::connect |
| test.rs:282:26:282:32 | &buffer | test.rs:224:28:224:57 | ...::connect | test.rs:282:26:282:32 | &buffer | $@ | test.rs:224:28:224:57 | ...::connect | ...::connect |


@@ -0,0 +1,36 @@
/**
* @kind path-problem
*/
import rust
import codeql.rust.dataflow.DataFlow
import codeql.rust.Concepts
import utils.test.InlineFlowTest
/**
* Configuration for flow from any threat model source to an argument of the function `sink`.
*/
module MyFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelSource }
predicate isSink(DataFlow::Node sink) {
any(CallExpr call |
call.getFunction().(PathExpr).getPath().getSegment().getIdentifier().getText() = "sink"
).getArgList().getAnArg() = sink.asExpr().getExpr()
}
predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) {
// flow out from any content at the sink.
isSink(node) and
exists(c)
}
}
module MyFlowTest = TaintFlowTest<MyFlowConfig>;
import MyFlowTest
import PathGraph
from PathNode source, PathNode sink
where flowPath(source, sink)
select sink, source, sink, "$@", source, source.toString()
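Review bot: The comment on `allowImplicitRead` ("flow out from any content at the sink") does not say why the test needs it or what it gives up. With `isSink(node) and exists(c)`, taint held inside any content of a `sink` argument is reported as reaching the sink, so this test does not appear to distinguish a tainted value from a value that merely contains tainted data. I would expand the comment to `// Treat taint stored in any content of a sink argument as reaching the sink; value taint and content taint are not distinguished here.` The `isSink` predicate also appears to match on the path segment name `sink` regardless of qualifier, which deserves a one-line comment saying it relies on the test file's own `fn sink` being the only function of that name.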


@@ -0,0 +1,17 @@
| test.rs:11:26:11:47 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:14:26:14:47 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:17:26:17:47 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:20:26:20:47 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:23:26:23:37 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:26:26:26:37 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:29:24:29:35 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:45:18:45:47 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:60:31:60:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:67:31:67:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:155:26:155:53 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:174:26:174:61 | ...::connect_timeout | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:224:28:224:57 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:306:22:306:49 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:332:22:332:50 | ...::new | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:359:16:359:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
| test.rs:359:16:359:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |


@@ -0,0 +1,2 @@
query: queries/summary/TaintSources.ql
postprocess: utils/test/InlineExpectationsTestQuery.ql


@@ -0,0 +1,12 @@
qltest_cargo_check: true
qltest_dependencies:
- reqwest = { version = "0.12.9", features = ["blocking"] }
- hyper = { version = "1.5.2", features = ["full"] }
- hyper-util = { version = "0.1.10", features = ["full"] }
- http-body-util = { version = "0.1.2" }
- http = { version = "1.2.0" }
- tokio = { version = "1.43.0", features = ["full"] }
- futures = { version = "0.3" }
- rustls = { version = "0.23.27" }
- futures-rustls = { version = "0.26.0" }
- async-std = { version = "1.13.1" }


@@ -1,9 +1,12 @@
#![allow(deprecated)]
fn sink<T>(_: T) { }
// --- tests ---
use std::io::{Read, Write, BufRead};
use tokio::io::{AsyncReadExt, AsyncWriteExt};
use http_body_util::BodyExt;
use std::net::ToSocketAddrs;
async fn test_reqwest() -> Result<(), reqwest::Error> {
let remote_string1 = reqwest::blocking::get("example.com")?.text()?; // $ Alert[rust/summary/taint-sources]
sink(remote_string1); // $ hasTaintFlow="example.com"
@@ -32,9 +35,6 @@ async fn test_reqwest() -> Result<(), reqwest::Error> {
Ok(())
}
use std::io::Write;
use http_body_util::BodyExt;
async fn test_hyper_http(case: i64) -> Result<(), Box<dyn std::error::Error>> {
// using http + hyper libs to fetch a web page
let address = "example.com:80";
@@ -146,8 +146,6 @@ async fn test_hyper_http(case: i64) -> Result<(), Box<dyn std::error::Error>> {
Ok(())
}
use std::net::ToSocketAddrs;
async fn test_std_tcpstream(case: i64) -> std::io::Result<()> {
// using std::net to fetch a web page
let address = "example.com:80";
@@ -217,8 +215,6 @@ async fn test_std_tcpstream(case: i64) -> std::io::Result<()> {
Ok(())
}
use tokio::io::AsyncWriteExt;
async fn test_tokio_tcpstream(case: i64) -> std::io::Result<()> {
// using tokio::io to fetch a web page
let address = "example.com:80";
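Review bot: The imports hoisted to the top of the file in the first hunk interleave std and third-party crates: `use std::net::ToSocketAddrs;` sits after the `tokio` and `http_body_util` lines. Moving it directly under `use std::io::{Read, Write, BufRead};` keeps the std imports in one group and makes it clearer which traits each test pulls from external crates. The line count stays the same, so the `test.rs` positions recorded in the expected-output files should not move. The test functions that use these traits continue outside the hunks shown.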


@@ -1,9 +1,5 @@
qltest_cargo_check: true
qltest_dependencies:
- reqwest = { version = "0.12.9", features = ["blocking"] }
- hyper = { version = "1.5.2", features = ["full"] }
- hyper-util = { version = "0.1.10", features = ["full"] }
- http-body-util = { version = "0.1.2" }
- http = { version = "1.2.0" }
- tokio = { version = "1.43.0", features = ["full"] }
- futures = { version = "0.3" }
@@ -12,7 +8,5 @@ qltest_dependencies:
- actix-web = { version = "4.10.2" }
- axum = { version = "0.8.4" }
- serde_json = { version = "1.0.140" }
- rustls = { version = "0.23.27" }
- futures-rustls = { version = "0.26.0" }
- async-std = { version = "1.13.1" }
- warp = { version = "0.4.2", features = ["server"] }