hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Add additional barriers to queries

Browse Source
This commit is contained in:
Simon Friis Vindum
2025-11-26 14:47:54 +01:00
parent 081ab499c2
commit 815af34c66
3 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
rust/ql/lib/codeql/rust/security/CleartextLoggingExtensions.qll
View File

@@ -8,6 +8,7 @@ private import codeql.rust.dataflow.DataFlow
private import codeql.rust.dataflow.FlowSink
private import codeql.rust.security.SensitiveData
private import codeql.rust.Concepts
private import codeql.rust.security.Barriers as Barriers
/**
* Provides default sources, sinks and barriers for detecting cleartext logging
@@ -42,4 +43,9 @@ module CleartextLogging {
private class ModelsAsDataSink extends Sink {
ModelsAsDataSink() { sinkNode(this, "log-injection") }
}
private class BooleanTypeBarrier extends Barrier instanceof Barriers::BooleanTypeBarrier { }
private class FieldlessEnumTypeBarrier extends Barrier instanceof Barriers::FieldlessEnumTypeBarrier
{ }
}

3
rust/ql/lib/codeql/rust/security/LogInjectionExtensions.qll
View File

@@ -51,4 +51,7 @@ module LogInjection {
private class NumericTypeBarrier extends Barrier instanceof Barriers::NumericTypeBarrier { }
private class BooleanTypeBarrier extends Barrier instanceof Barriers::BooleanTypeBarrier { }
private class FieldlessEnumTypeBarrier extends Barrier instanceof Barriers::FieldlessEnumTypeBarrier
{ }
}

3
rust/ql/lib/codeql/rust/security/SqlInjectionExtensions.qll
View File

@@ -66,4 +66,7 @@ module SqlInjection {
private class NumericTypeBarrier extends Barrier instanceof Barriers::NumericTypeBarrier { }
private class BooleanTypeBarrier extends Barrier instanceof Barriers::BooleanTypeBarrier { }
private class FieldlessEnumTypeBarrier extends Barrier instanceof Barriers::FieldlessEnumTypeBarrier
{ }
}