Rust: Reinstate the original function names model but call it a heuristic now.

rust/ql/lib/codeql/rust/frameworks/attohttpc.model.yml

@@ -1,13 +0,0 @@
-extensions:
-  - addsTo:
-      pack: codeql/rust-all
-      extensible: sinkModel
-    data:
-      - ["<attohttpc::request::session::Session>::danger_accept_invalid_certs", "Argument[0]", "disable-certificate", "manual"]
-      - ["<attohttpc::request::session::Session>::danger_accept_invalid_hostnames", "Argument[0]", "disable-certificate", "manual"]
-      - ["<attohttpc::request::builder::RequestBuilder>::danger_accept_invalid_certs", "Argument[0]", "disable-certificate", "manual"]
-      - ["<attohttpc::request::builder::RequestBuilder>::danger_accept_invalid_hostnames", "Argument[0]", "disable-certificate", "manual"]
-      - ["<attohttpc::tls::native_tls_impl::TlsHandshaker>::danger_accept_invalid_certs", "Argument[0]", "disable-certificate", "manual"]
-      - ["<attohttpc::tls::native_tls_impl::TlsHandshaker>::danger_accept_invalid_hostnames", "Argument[0]", "disable-certificate", "manual"]
-      - ["<attohttpc::tls::rustls_impl::TlsHandshaker>::danger_accept_invalid_certs", "Argument[0]", "disable-certificate", "manual"]
-      - ["<attohttpc::tls::rustls_impl::TlsHandshaker>::danger_accept_invalid_hostnames", "Argument[0]", "disable-certificate", "manual"]

rust/ql/lib/codeql/rust/security/DisabledCertificateCheckExtensions.qll

@@ -26,4 +26,17 @@ module DisabledCertificateCheckExtensions {
   private class ModelsAsDataSink extends Sink {
     ModelsAsDataSink() { sinkNode(this, "disable-certificate") }
   }
+
+  /**
+   * A heuristic sink for disabled certificate check vulnerabilities based on function names.
+   */
+  private class HeuristicSink extends Sink {
+    HeuristicSink() {
+      exists(CallExprBase fc |
+        fc.getStaticTarget().(Function).getName().getText() =
+          ["danger_accept_invalid_certs", "danger_accept_invalid_hostnames"] and
+        fc.getArg(0) = this.asExpr()
+      )
+    }
+  }
 }