From db3d1773002c97131b7406120c09abc2bdc319c0 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Tue, 23 Sep 2025 11:55:33 +0100 Subject: [PATCH] Rust: Port the code examples to Rust / CodeQL for Rust. --- .../basic-query-for-rust-code.rst | 61 ++++++++++--------- 1 file changed, 31 insertions(+), 30 deletions(-) diff --git a/docs/codeql/codeql-language-guides/basic-query-for-rust-code.rst b/docs/codeql/codeql-language-guides/basic-query-for-rust-code.rst index bf3b759685f..18fb0b1e6c6 100644 --- a/docs/codeql/codeql-language-guides/basic-query-for-rust-code.rst +++ b/docs/codeql/codeql-language-guides/basic-query-for-rust-code.rst @@ -31,16 +31,16 @@ Running a quick query import rust - from IfStmt ifStmt - where ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0 - select ifStmt, "This 'if' statement is redundant." + from IfExpr ifExpr + where ifExpr.getThen().(BlockExpr).getStmtList().getNumberOfStmtOrExpr() = 0 + select ifExpr, "This 'if' statement is redundant." .. include:: ../reusables/vs-code-basic-instructions/run-quick-query-2.rst .. image:: ../images/codeql-for-visual-studio-code/basic-rust-query-results-1.png :align: center -If any matching code is found, click a link in the ``ifStmt`` column to open the file and highlight the matching ``if`` statement. +If any matching code is found, click a link in the ``ifExpr`` column to open the file and highlight the matching ``if`` expression. .. image:: ../images/codeql-for-visual-studio-code/basic-rust-query-results-2.png :align: center 
@@ -52,24 +52,25 @@ About the query structure After the initial ``import`` statement, this simple query comprises three parts that serve similar purposes to the FROM, WHERE, and SELECT parts of an SQL query. -+------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ -| Query part | Purpose | Details | -+==================================================================+===================================================================================================================+=================================================================================================+ -| ``import rust`` | Imports the standard CodeQL AST libraries for Rust. | Every query begins with one or more ``import`` statements. | -+------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ -| ``from IfStmt ifStmt`` | Defines the variables for the query. | We use: an ``IfStmt`` variable for ``if`` statements. | -| | Declarations are of the form: | | -| | `` `` | | -+------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ -| ``where ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0`` | Defines a condition on the variables. | ``ifStmt.getThen()``: gets the ``then`` branch of the ``if`` expression. | -| | | ``.(BraceStmt)``: requires that the ``then`` branch is a brace statement (``{ }``). 
| -| | | ``.getNumberOfElements() = 0``: requires that the brace statement contains no child statements. | -+------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ -| ``select ifStmt, "This 'if' statement is redundant."`` | Defines what to report for each match. | Reports the resulting ``if`` statement with a string that explains the problem. | -| | | | -| | ``select`` statements for queries that are used to find instances of poor coding practice are always in the form: | | -| | ``select , ""`` | | -+------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ ++----------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------+ +| Query part | Purpose | Details | ++==================================================================================+===================================================================================================================+======================================================================================================+ +| ``import rust`` | Imports the standard CodeQL AST libraries for Rust. | Every query begins with one or more ``import`` statements. 
| ++----------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------+ +| ``from IfExpr ifExpr`` | Defines the variables for the query. | We use: an ``IfExpr`` variable for ``if`` expressions. | +| | Declarations are of the form: | | +| | `` `` | | ++----------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------+ +| ``where ifExpr.getThen().(BlockExpr).getStmtList().getNumberOfStmtOrExpr() = 0`` | Defines a condition on the variables. | ``ifExpr.getThen()``: gets the ``then`` branch of the ``if`` expression. | +| | | ``.(BlockExpr)``: requires that the ``then`` branch is a block expression (``{ }``). | +| | | ``.getStmtList()``: gets the list of things in the block. | +| | | ``.getNumberOfStmtOrExpr() = 0``: requires that there are no statements or expressions in the block. | ++----------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------+ +| ``select ifExpr, "This 'if' expression is redundant."`` | Defines what to report for each match. | Reports the resulting ``if`` expression with a string that explains the problem. 
| +| | | | +| | ``select`` statements for queries that are used to find instances of poor coding practice are always in the form: | | +| | ``select , ""`` | | ++----------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------+ Extend the query ---------------- @@ -79,7 +80,7 @@ Query writing is an inherently iterative process. You write a simple query and t Remove false positive results ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Browsing the results of our basic query shows that it could be improved. Among the results you are likely to find examples of ``if`` statements with an ``else`` branch, where an empty ``then`` branch does serve a purpose. For example: +Browsing the results of our basic query shows that it could be improved. Among the results you are likely to find examples of ``if`` expressions with an ``else`` branch, where an empty ``then`` branch does serve a purpose. For example: .. code-block:: rust 
@@ -89,23 +90,23 @@ Browsing the results of our basic query shows that it could be improved. Among t handleError("unrecognized option") } -In this case, identifying the ``if`` statement with the empty ``then`` branch as redundant is a false positive. One solution to this is to modify the query to select ``if`` statements where both the ``then`` and ``else`` branches are missing. +In this case, identifying the ``if`` expression with the empty ``then`` branch as redundant is a false positive. One solution to this is to modify the query to select ``if`` expressions where both the ``then`` and ``else`` branches are missing. -To exclude ``if`` statements that have an ``else`` branch: +To exclude ``if`` expressions that have an ``else`` branch: #. Add the following to the where clause: .. code-block:: ql - and not exists(ifStmt.getElse()) + and not exists(ifExpr.getElse()) The ``where`` clause is now: .. code-block:: ql where - ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0 and - not exists(ifStmt.getElse()) + ifExpr.getThen().(BlockExpr).getStmtList().getNumberOfStmtOrExpr() = 0 and + not exists(ifExpr.getElse()) #. Re-run the query. @@ -123,8 +124,8 @@ Further reading .. |language-code| replace:: ``rust`` -.. |example-url| replace:: https://github.com/alamofire/alamofire +.. |example-url| replace:: https://github.com/rust-lang/rustlings .. |image-quick-query| image:: ../images/codeql-for-visual-studio-code/quick-query-tab-rust.png -.. |result-col-1| replace:: The first column corresponds to the expression ``ifStmt`` and is linked to the location in the source code of the project where ``ifStmt`` occurs. +.. |result-col-1| replace:: The first column corresponds to the expression ``ifExpr`` and is linked to the location in the source code of the project where ``ifExpr`` occurs.
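Review bot: the query in the first hunk (@@ -31,16 +31,16 @@) still selects "This 'if' statement is redundant." while the table row added in the second hunk quotes that same line as select ifExpr, "This 'if' expression is redundant." A reader who runs the query as written will see a different message from the one the table explains. Change the string in the code block to "This 'if' expression is redundant." so it agrees with the table and with the reworded sentence about the ``ifExpr`` column below it.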
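Review bot: in the table hunk (@@ -52,24 +52,25 @@), the new Details cell for ``.getStmtList()`` says it "gets the list of things in the block", which is vaguer than the cell directly after it ("requires that there are no statements or expressions in the block"). Suggest "gets the list of statements and expressions in the block" so both cells use the same terms and the reader can see what ``getNumberOfStmtOrExpr()`` is counting.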
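Review bot: the ``.. code-block:: rust`` example that appears as unchanged context at the top of the hunk at @@ -89,23 +90,23 @@ is not touched, although the subject line says the code examples are being ported to Rust. Its visible line handleError("unrecognized option") uses a camelCase function name, where Rust convention is snake_case. Suggest handle_error("unrecognized option") and a check that the rest of that block is valid Rust, since it is the snippet readers use to understand the false positive.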
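Review bot: the last hunk (@@ -123,8 +124,8 @@) switches ``|example-url|`` to https://github.com/rust-lang/rustlings and renames the result column to ``ifExpr``, but the diffstat shows only the .rst file changing, so the screenshots referenced in the first hunk's context (basic-rust-query-results-1.png and basic-rust-query-results-2.png) are not updated here. Please confirm those images show an ``ifExpr`` column and results from the new example project, or regenerate them in the same change so the text and pictures stay in step.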