From 8129107ebfc77bae1f85197194d2992da468fa7a Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 23 Jun 2026 20:23:29 +0100 Subject: [PATCH] Rust: Fixes after changes to the flow summary API. --- .../ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll | 2 +- .../lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll | 8 ++++++++ .../codeql/rust/dataflow/internal/TaintTrackingImpl.qll | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll index a7e2e2e4c6b..c18ac5e026b 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll @@ -180,7 +180,7 @@ Expr getPostUpdateReverseStep(Expr e, boolean preservesValue) { module LocalFlow { predicate flowSummaryLocalStep(Node nodeFrom, Node nodeTo, string model) { exists(FlowSummaryImpl::Public::SummarizedCallable c | - FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom.(FlowSummaryNode).getSummaryNode(), + FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom, nodeTo.(FlowSummaryNode).getSummaryNode(), true, model) and c = nodeFrom.(FlowSummaryNode).getSummarizedCallable() ) diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll index 85032814651..d9104da11ad 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll @@ -11,6 +11,7 @@ private import codeql.rust.dataflow.FlowSummary private import codeql.rust.dataflow.Ssa private import codeql.rust.dataflow.internal.ModelsAsData private import Content +private import Node predicate encodeContentTupleField(TupleFieldContent c, string arg) { exists(Addressable a, int pos, string prefix | @@ -28,9 +29,12 @@ predicate encodeContentStructField(StructFieldContent c, string arg) { module Input implements InputSig { private import codeql.rust.frameworks.stdlib.Stdlib + private import codeql.util.Void class SummarizedCallableBase = Function; + class FlowSummaryCallBase = Void; + predicate callableFromSource(SummarizedCallableBase c) { c.fromSource() } abstract private class SourceSinkBase extends AstNode { @@ -144,6 +148,10 @@ module Input implements InputSig { private import Make as Impl module StepsInput implements Impl::Private::StepsInputSig { + Impl::Private::SummaryNode getSummaryNode(RustDataFlow::Node n) { + result = n.(FlowSummaryNode).getSummaryNode() + } + DataFlowCall getACall(Public::SummarizedCallable sc) { result.asCall().getStaticTarget() = sc } /** Gets the argument of `source` described by `sc`, if any. */ diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll index f75c0166762..7e5af70911d 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll @@ -83,7 +83,7 @@ module RustTaintTrackingGen implements pred.(Node::PostUpdateNode).getPreUpdateNode().asExpr(), _, succ, _) ) or - FlowSummaryImpl::Private::Steps::summaryLocalStep(pred.(Node::FlowSummaryNode).getSummaryNode(), + FlowSummaryImpl::Private::Steps::summaryLocalStep(pred, succ.(Node::FlowSummaryNode).getSummaryNode(), false, model) }