From f2dc5857514337e68e65d8aa158953b498e1558b Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Thu, 26 Feb 2026 12:12:02 +0000
Subject: [PATCH] Rust: Convert split_off QL-defined barrier to a neutral model
 (which was always the intent).

---
 .../codeql/rust/frameworks/stdlib/alloc.model.yml   |  2 ++
 .../UncontrolledAllocationSizeExtensions.qll        | 13 -------------
 2 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/rust/ql/lib/codeql/rust/frameworks/stdlib/alloc.model.yml b/rust/ql/lib/codeql/rust/frameworks/stdlib/alloc.model.yml
index 8859bd1c336..78d1cbdec29 100644
--- a/rust/ql/lib/codeql/rust/frameworks/stdlib/alloc.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/alloc.model.yml
@@ -64,3 +64,5 @@ extensions:
       - ["<alloc::collections::vec_deque::VecDeque as core::convert::From>::from", "sink", "manual"]
       - ["<alloc::sync::Arc as core::convert::From>::from", "sink", "manual"]
       - ["<alloc::rc::Rc as core::convert::From>::from", "sink", "manual"]
+      - ["<alloc::string::String>::split_off", "sink", "manual"]
+      - ["<alloc::vec::Vec>::split_off", "sink", "manual"]
diff --git a/rust/ql/lib/codeql/rust/security/UncontrolledAllocationSizeExtensions.qll b/rust/ql/lib/codeql/rust/security/UncontrolledAllocationSizeExtensions.qll
index 0390ca77932..c6251563ea6 100644
--- a/rust/ql/lib/codeql/rust/security/UncontrolledAllocationSizeExtensions.qll
+++ b/rust/ql/lib/codeql/rust/security/UncontrolledAllocationSizeExtensions.qll
@@ -63,17 +63,4 @@ module UncontrolledAllocationSize {
         branch = false
       )
   }
-
-  /**
-   * A barrier for uncontrolled allocation size flow into particular functions.
-   */
-  private class ModeledBarrier extends Barrier {
-    ModeledBarrier() {
-      exists(MethodCall c |
-        c.getStaticTarget().getCanonicalPath() =
-          ["<alloc::string::String>::split_off", "<alloc::vec::Vec>::split_off"] and
-        this.asExpr() = c.getAnArgument()
-      )
-    }
-  }
 }