Merge pull request #152 from microsoft/dilan/rust-exclude-broken-queries

Remove Broken Rust Queries

rust/ql/src/queries/diagnostics/DataFlowConsistencyCounts.ql

@@ -1,14 +0,0 @@
-/**
- * @name Data flow inconsistency counts
- * @description Counts the number of data flow inconsistencies of each type.  This query is intended for internal use.
- * @kind diagnostic
- * @id rust/diagnostics/data-flow-consistency-counts
- */
-
-import codeql.rust.dataflow.internal.DataFlowConsistency as Consistency
-
-// see also `rust/diagnostics/data-flow-consistency`, which lists the
-// individual inconsistency results.
-from string type, int num
-where num = Consistency::getInconsistencyCounts(type)
-select type, num

rust/ql/src/queries/security/CWE-089/SqlInjection.ql

@@ -1,35 +0,0 @@
-/**
- * @name Database query built from user-controlled sources
- * @description Building a database query from user-controlled sources is vulnerable to insertion of malicious code by attackers.
- * @kind path-problem
- * @problem.severity error
- * @security-severity 8.8
- * @precision high
- * @id rust/sql-injection
- * @tags security
- *       external/cwe/cwe-089
- */
-
-import rust
-import codeql.rust.dataflow.DataFlow
-import codeql.rust.dataflow.TaintTracking
-import codeql.rust.security.SqlInjectionExtensions
-import SqlInjectionFlow::PathGraph
-
-/**
- * A taint configuration for tainted data that reaches a SQL sink.
- */
-module SqlInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node node) { node instanceof SqlInjection::Source }
-
-  predicate isSink(DataFlow::Node node) { node instanceof SqlInjection::Sink }
-
-  predicate isBarrier(DataFlow::Node barrier) { barrier instanceof SqlInjection::Barrier }
-}
-
-module SqlInjectionFlow = TaintTracking::Global<SqlInjectionConfig>;
-
-from SqlInjectionFlow::PathNode sourceNode, SqlInjectionFlow::PathNode sinkNode
-where SqlInjectionFlow::flowPath(sourceNode, sinkNode)
-select sinkNode.getNode(), sourceNode, sinkNode, "This query depends on a $@.",
-  sourceNode.getNode(), "user-provided value"

rust/ql/src/queries/summary/LinesOfCode.ql

@@ -1,14 +0,0 @@
-/**
- * @name Total lines of Rust code in the database
- * @description The total number of lines of Rust code across all files, including any libraries and auto-generated files that the extractor sees. This is a useful metric of the size of a database. For all files that were seen during the build, this query counts the lines of code, excluding whitespace or comments.
- * @kind metric
- * @id rust/summary/lines-of-code
- * @tags summary
- *       lines-of-code
- *       telemetry
- */
-
-import rust
-import Stats
-
-select getLinesOfCode()

rust/ql/src/queries/summary/LinesOfUserCode.ql

@@ -1,14 +0,0 @@
-/**
- * @name Total lines of user written Rust code in the database
- * @description The total number of lines of Rust code from the source code directory. This query counts the lines of code, excluding whitespace or comments.
- * @kind metric
- * @id rust/summary/lines-of-user-code
- * @tags summary
- *       lines-of-code
- *       debug
- */
-
-import rust
-import Stats
-
-select getLinesOfUserCode()

rust/ql/src/queries/summary/SummaryStats.ql

@@ -1,54 +0,0 @@
-/**
- * @name Summary Statistics
- * @description A table of summary statistics about a database.
- * @kind metric
- * @id rust/summary/summary-statistics
- * @tags summary
- */
-
-import rust
-import codeql.rust.Concepts
-import codeql.rust.Diagnostics
-import Stats
-
-from string key, int value
-where
-  key = "Elements extracted" and value = count(Element e | not e instanceof Unextracted)
-  or
-  key = "Elements unextracted" and value = count(Unextracted e)
-  or
-  key = "Extraction errors" and value = count(ExtractionError e)
-  or
-  key = "Extraction warnings" and value = count(ExtractionWarning w)
-  or
-  key = "Files extracted - total" and value = count(ExtractedFile f | exists(f.getRelativePath()))
-  or
-  key = "Files extracted - with errors" and
-  value =
-    count(ExtractedFile f |
-      exists(f.getRelativePath()) and not f instanceof SuccessfullyExtractedFile
-    )
-  or
-  key = "Files extracted - without errors" and
-  value = count(SuccessfullyExtractedFile f | exists(f.getRelativePath()))
-  or
-  key = "Lines of code extracted" and value = getLinesOfCode()
-  or
-  key = "Lines of user code extracted" and value = getLinesOfUserCode()
-  or
-  key = "Inconsistencies - AST" and value = getTotalAstInconsistencies()
-  or
-  key = "Inconsistencies - CFG" and value = getTotalCfgInconsistencies()
-  or
-  key = "Inconsistencies - data flow" and value = getTotalDataFlowInconsistencies()
-  or
-  key = "Macro calls - total" and value = count(MacroCall mc)
-  or
-  key = "Macro calls - resolved" and value = count(MacroCall mc | mc.hasExpanded())
-  or
-  key = "Macro calls - unresolved" and value = count(MacroCall mc | not mc.hasExpanded())
-  or
-  key = "Taint sources - total" and value = count(ThreatModelSource s)
-  or
-  key = "Taint sources - active" and value = count(ActiveThreatModelSource s)
-select key, value order by key

rust/ql/src/queries/summary/TaintSources.ql

@@ -1,18 +0,0 @@
-/**
- * @name Taint Sources
- * @description List all sources of untrusted input that have been idenfitied
- *              in the database.
- * @kind problem
- * @problem.severity info
- * @id rust/summary/taint-sources
- * @tags summary
- */
-
-import rust
-import codeql.rust.Concepts
-
-from ThreatModelSource s, string defaultString
-where
-  if s instanceof ActiveThreatModelSource then defaultString = " (DEFAULT)" else defaultString = ""
-select s,
-  "Flow source '" + s.getSourceType() + "' of type " + s.getThreatModel() + defaultString + "."