Rust: Add test with wrong generated model

2026-04-27 01:35:13 +02:00 · 2025-12-15 14:21:16 +01:00
parent 2824c98efb
commit d2cfd53933
3 changed files with 723 additions and 672 deletions
--- a/rust/ql/test/library-tests/dataflow/models/main.rs
+++ b/rust/ql/test/library-tests/dataflow/models/main.rs
@@ -31,6 +31,20 @@ enum MyPosEnum {
    B(i64),
 }

+// has a manual flow model with flow from second argument to the return value
+// and a wrong generated model with flow from first argument to the return value
+fn snd(a: i64, b: i64) -> i64 {
+    0
+}
+
+fn test_snd() {
+    let s1 = source(99);
+    sink(snd(0, s1)); // $ hasValueFlow=99
+
+    let s2 = source(88);
+    sink(snd(s2, 0)); // $ SPURIOUS: hasValueFlow=88
+}
+
 // has a flow model
 fn get_var_pos(e: MyPosEnum) -> i64 {
    0
--- a/rust/ql/test/library-tests/dataflow/models/models.expected
+++ b/rust/ql/test/library-tests/dataflow/models/models.expected
--- a/rust/ql/test/library-tests/dataflow/models/models.ext.yml
+++ b/rust/ql/test/library-tests/dataflow/models/models.ext.yml
@@ -20,6 +20,9 @@ extensions:
      extensible: summaryModel
    data:
      - ["main::coerce", "Argument[0]", "ReturnValue", "taint", "manual"]
+      - ["main::snd", "Argument[1]", "ReturnValue", "value", "manual"]
+      # Wrong generated model which should not take effect due to the manual model above
+      - ["main::snd", "Argument[0]", "ReturnValue", "value", "dfc-generated"]
      - ["main::get_var_pos", "Argument[0].Field[main::MyPosEnum::A(0)]", "ReturnValue", "value", "manual"]
      - ["main::set_var_pos", "Argument[0]", "ReturnValue.Field[main::MyPosEnum::B(0)]", "value", "manual"]
      - ["main::get_var_field", "Argument[0].Field[main::MyFieldEnum::C::field_c]", "ReturnValue", "value", "manual"]