hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rust: remove now unneeded get(Arg|Param)List in the dataflow guide

Browse Source
This commit is contained in:
Paolo Tranquilli
2025-06-12 17:35:00 +02:00
parent e1e34df948
commit c56a32580d
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/codeql/codeql-language-guides/analyzing-data-flow-in-rust.rst
View File

@@ -112,7 +112,7 @@ This query finds the argument passed in each call to ``File::create``:
from CallExpr call
where call.getStaticTarget().(Function).getCanonicalPath() = "<std::fs::File>::create"
select call.getArgList().getArg(0)
select call.getArg(0)
Unfortunately this will only give the expression in the argument, not the values which could be passed to it.
So we use local data flow to find all expressions that flow into the argument:
@@ -125,7 +125,7 @@ So we use local data flow to find all expressions that flow into the argument:
from CallExpr call, DataFlow::ExprNode source, DataFlow::ExprNode sink
where
call.getStaticTarget().(Function).getCanonicalPath() = "<std::fs::File>::create" and
sink.asExpr().getExpr() = call.getArgList().getArg(0) and
sink.asExpr().getExpr() = call.getArg(0) and
DataFlow::localFlow(source, sink)
select source, sink
@@ -139,7 +139,7 @@ We can vary the source, for example, making the source the parameter of a functi
from CallExpr call, DataFlow::ParameterNode source, DataFlow::ExprNode sink
where
call.getStaticTarget().(Function).getCanonicalPath() = "<std::fs::File>::create" and
sink.asExpr().getExpr() = call.getArgList().getArg(0) and
sink.asExpr().getExpr() = call.getArg(0) and
DataFlow::localFlow(source, sink)
select source, sink
@@ -234,9 +234,9 @@ The following global taint-tracking query finds places where a string literal is
predicate isSink(DataFlow::Node node) {
// any argument going to a parameter called `password`
exists(Function f, CallExpr call, int index |
call.getArgList().getArg(index) = node.asExpr().getExpr() and
call.getArg(index) = node.asExpr().getExpr() and
call.getStaticTarget() = f and
f.getParamList().getParam(index).getPat().(IdentPat).getName().getText() = "password"
f.getParam(index).getPat().(IdentPat).getName().getText() = "password"
)
}
}