Rust: Add very basic query prototype.

2026-05-05 21:55:19 +02:00 · 2025-09-11 11:17:05 +01:00
parent 513ae2ab54
commit 7e75c1d242
4 changed files with 59 additions and 1 deletions
--- a/rust/ql/test/query-tests/security/CWE-614/InsecureCookie.expected
+++ b/rust/ql/test/query-tests/security/CWE-614/InsecureCookie.expected
@@ -0,0 +1,6 @@
+#select
+| main.rs:16:19:16:50 | ...::build(...) | main.rs:16:19:16:50 | ...::build(...) | main.rs:16:19:16:50 | ...::build(...) | Cookie attribute 'Secure' is not set to true. |
+edges
+nodes
+| main.rs:16:19:16:50 | ...::build(...) | semmle.label | ...::build(...) |
+subpaths
--- a/rust/ql/test/query-tests/security/CWE-614/InsecureCookie.qlref
+++ b/rust/ql/test/query-tests/security/CWE-614/InsecureCookie.qlref
@@ -0,0 +1,4 @@
+query: queries/security/CWE-614/InsecureCookie.ql
+postprocess:
+ - utils/test/PrettyPrintModels.ql
+ - utils/test/InlineExpectationsTestQuery.ql
--- a/rust/ql/test/query-tests/security/CWE-614/main.rs
+++ b/rust/ql/test/query-tests/security/CWE-614/main.rs
@@ -13,7 +13,7 @@ fn test_cookie(sometimes: bool) {
    println!("cookie2 = '{}'", cookie2.to_string());

    // secure left as default (which is `None`, equivalent here to `false`)
-    let cookie3 = Cookie::build(("name", "value")).build(); // $ MISSING: Alert[rust/insecure-cookie]
+    let cookie3 = Cookie::build(("name", "value")).build(); // $ Alert[rust/insecure-cookie]
    println!("cookie3 = '{}'", cookie3.to_string());

    // secure setting varies (may be false)