Rust: Update expected test output

This commit is contained in:
Tom Hvitved
2026-01-08 21:09:55 +01:00
parent 609eb17e30
commit f3d78a4e0b
6 changed files with 198 additions and 56 deletions


@@ -1,8 +1,14 @@
#select
| main.rs:15:5:15:9 | ...::log | main.rs:8:29:8:37 | ...::args | main.rs:15:5:15:9 | ...::log | Log entry depends on a $@. | main.rs:8:29:8:37 | ...::args | user-provided value |
| main.rs:16:5:16:9 | ...::log | main.rs:10:22:10:34 | ...::var | main.rs:16:5:16:9 | ...::log | Log entry depends on a $@. | main.rs:10:22:10:34 | ...::var | user-provided value |
| main.rs:17:5:17:10 | ...::log | main.rs:11:23:11:44 | ...::get | main.rs:17:5:17:10 | ...::log | Log entry depends on a $@. | main.rs:11:23:11:44 | ...::get | user-provided value |
| main.rs:18:5:18:10 | ...::log | main.rs:8:29:8:37 | ...::args | main.rs:18:5:18:10 | ...::log | Log entry depends on a $@. | main.rs:8:29:8:37 | ...::args | user-provided value |
| main.rs:19:5:19:10 | ...::log | main.rs:10:22:10:34 | ...::var | main.rs:19:5:19:10 | ...::log | Log entry depends on a $@. | main.rs:10:22:10:34 | ...::var | user-provided value |
| main.rs:23:5:23:9 | ...::log | main.rs:8:29:8:37 | ...::args | main.rs:23:5:23:9 | ...::log | Log entry depends on a $@. | main.rs:8:29:8:37 | ...::args | user-provided value |
| main.rs:27:5:27:9 | ...::log | main.rs:8:29:8:37 | ...::args | main.rs:27:5:27:9 | ...::log | Log entry depends on a $@. | main.rs:8:29:8:37 | ...::args | user-provided value |
| main.rs:30:5:30:9 | ...::log | main.rs:8:29:8:37 | ...::args | main.rs:30:5:30:9 | ...::log | Log entry depends on a $@. | main.rs:8:29:8:37 | ...::args | user-provided value |
| main.rs:30:5:30:9 | ...::log | main.rs:11:23:11:44 | ...::get | main.rs:30:5:30:9 | ...::log | Log entry depends on a $@. | main.rs:11:23:11:44 | ...::get | user-provided value |
| main.rs:66:5:66:9 | ...::log | main.rs:8:29:8:37 | ...::args | main.rs:66:5:66:9 | ...::log | Log entry depends on a $@. | main.rs:8:29:8:37 | ...::args | user-provided value |
| main.rs:112:9:112:13 | ...::log | main.rs:109:25:109:38 | ...::args | main.rs:112:9:112:13 | ...::log | Log entry depends on a $@. | main.rs:109:25:109:38 | ...::args | user-provided value |
| main.rs:113:9:113:13 | ...::log | main.rs:109:25:109:38 | ...::args | main.rs:113:9:113:13 | ...::log | Log entry depends on a $@. | main.rs:109:25:109:38 | ...::args | user-provided value |
| main.rs:114:9:114:14 | ...::log | main.rs:109:25:109:38 | ...::args | main.rs:114:9:114:14 | ...::log | Log entry depends on a $@. | main.rs:109:25:109:38 | ...::args | user-provided value |
@@ -12,22 +18,59 @@
| main.rs:126:9:126:16 | ...::_print | main.rs:123:25:123:37 | ...::var | main.rs:126:9:126:16 | ...::_print | Log entry depends on a $@. | main.rs:123:25:123:37 | ...::var | user-provided value |
| main.rs:127:9:127:17 | ...::_eprint | main.rs:123:25:123:37 | ...::var | main.rs:127:9:127:17 | ...::_eprint | Log entry depends on a $@. | main.rs:123:25:123:37 | ...::var | user-provided value |
edges
| main.rs:8:9:8:12 | args [element] | main.rs:9:20:9:23 | args [element] | provenance | |
| main.rs:8:29:8:37 | ...::args | main.rs:8:29:8:39 | ...::args(...) [element] | provenance | Src:MaD:5 |
| main.rs:8:29:8:39 | ...::args(...) [element] | main.rs:8:29:8:49 | ... .collect() [element] | provenance | MaD:9 |
| main.rs:8:29:8:49 | ... .collect() [element] | main.rs:8:9:8:12 | args [element] | provenance | |
| main.rs:9:9:9:16 | username | main.rs:15:11:15:36 | MacroExpr | provenance | |
| main.rs:9:9:9:16 | username | main.rs:18:12:18:37 | MacroExpr | provenance | |
| main.rs:9:9:9:16 | username | main.rs:22:33:22:63 | MacroExpr | provenance | |
| main.rs:9:9:9:16 | username | main.rs:26:55:26:62 | username | provenance | |
| main.rs:9:9:9:16 | username | main.rs:30:11:30:66 | MacroExpr | provenance | |
| main.rs:9:9:9:16 | username | main.rs:52:29:52:36 | username | provenance | |
| main.rs:9:20:9:23 | args [element] | main.rs:9:20:9:30 | args.get(...) [Some, &ref] | provenance | MaD:12 |
| main.rs:9:20:9:30 | args.get(...) [Some, &ref] | main.rs:9:20:9:64 | ... .unwrap_or(...) [&ref] | provenance | MaD:13 |
| main.rs:9:20:9:64 | ... .unwrap_or(...) [&ref] | main.rs:9:20:9:72 | ... .clone() | provenance | MaD:8 |
| main.rs:9:20:9:72 | ... .clone() | main.rs:9:9:9:16 | username | provenance | |
| main.rs:10:9:10:18 | user_input | main.rs:16:11:16:44 | MacroExpr | provenance | |
| main.rs:10:9:10:18 | user_input | main.rs:19:12:19:39 | MacroExpr | provenance | |
| main.rs:10:22:10:34 | ...::var | main.rs:10:22:10:48 | ...::var(...) [Ok] | provenance | Src:MaD:6 |
| main.rs:10:22:10:48 | ...::var(...) [Ok] | main.rs:10:22:10:81 | ... .unwrap_or(...) | provenance | MaD:10 |
| main.rs:10:22:10:48 | ...::var(...) [Ok] | main.rs:10:22:10:81 | ... .unwrap_or(...) | provenance | MaD:16 |
| main.rs:10:22:10:81 | ... .unwrap_or(...) | main.rs:10:9:10:18 | user_input | provenance | |
| main.rs:11:9:11:19 | remote_data | main.rs:17:12:17:46 | MacroExpr | provenance | |
| main.rs:11:9:11:19 | remote_data | main.rs:30:11:30:66 | MacroExpr | provenance | |
| main.rs:11:23:11:44 | ...::get | main.rs:11:23:11:71 | ...::get(...) [Ok] | provenance | Src:MaD:4 |
| main.rs:11:23:11:71 | ...::get(...) [Ok] | main.rs:11:23:12:17 | ... .unwrap() | provenance | MaD:9 |
| main.rs:11:23:12:17 | ... .unwrap() | main.rs:11:23:12:24 | ... .text() [Ok] | provenance | MaD:12 |
| main.rs:11:23:12:24 | ... .text() [Ok] | main.rs:11:23:12:61 | ... .unwrap_or(...) | provenance | MaD:10 |
| main.rs:11:23:11:71 | ...::get(...) [Ok] | main.rs:11:23:12:17 | ... .unwrap() | provenance | MaD:15 |
| main.rs:11:23:12:17 | ... .unwrap() | main.rs:11:23:12:24 | ... .text() [Ok] | provenance | MaD:18 |
| main.rs:11:23:12:24 | ... .text() [Ok] | main.rs:11:23:12:61 | ... .unwrap_or(...) | provenance | MaD:16 |
| main.rs:11:23:12:61 | ... .unwrap_or(...) | main.rs:11:9:11:19 | remote_data | provenance | |
| main.rs:15:11:15:36 | MacroExpr | main.rs:15:5:15:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:16:11:16:44 | MacroExpr | main.rs:16:5:16:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:17:12:17:46 | MacroExpr | main.rs:17:5:17:10 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:18:12:18:37 | MacroExpr | main.rs:18:5:18:10 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:19:12:19:39 | MacroExpr | main.rs:19:5:19:10 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:22:9:22:21 | formatted_msg | main.rs:23:11:23:29 | MacroExpr | provenance | |
| main.rs:22:33:22:63 | ...::format(...) | main.rs:22:33:22:63 | { ... } | provenance | |
| main.rs:22:33:22:63 | ...::must_use(...) | main.rs:22:9:22:21 | formatted_msg | provenance | |
| main.rs:22:33:22:63 | MacroExpr | main.rs:22:33:22:63 | ...::format(...) | provenance | MaD:19 |
| main.rs:22:33:22:63 | { ... } | main.rs:22:33:22:63 | ...::must_use(...) | provenance | MaD:20 |
| main.rs:23:11:23:29 | MacroExpr | main.rs:23:5:23:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:26:9:26:18 | concat_msg | main.rs:27:11:27:26 | MacroExpr | provenance | |
| main.rs:26:22:26:62 | ... + ... | main.rs:26:9:26:18 | concat_msg | provenance | |
| main.rs:26:54:26:62 | &username [&ref] | main.rs:26:22:26:62 | ... + ... | provenance | MaD:11 |
| main.rs:26:55:26:62 | username | main.rs:26:54:26:62 | &username [&ref] | provenance | |
| main.rs:27:11:27:26 | MacroExpr | main.rs:27:5:27:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:30:11:30:66 | MacroExpr | main.rs:30:5:30:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:52:28:52:36 | &username [&ref] | main.rs:56:27:56:40 | ...: ... [&ref] | provenance | |
| main.rs:52:29:52:36 | username | main.rs:52:28:52:36 | &username [&ref] | provenance | |
| main.rs:56:27:56:40 | ...: ... [&ref] | main.rs:65:38:65:45 | username [&ref] | provenance | |
| main.rs:65:9:65:17 | user_info [UserInfo] | main.rs:66:28:66:36 | user_info [UserInfo] | provenance | |
| main.rs:65:21:65:59 | UserInfo {...} [UserInfo] | main.rs:65:9:65:17 | user_info [UserInfo] | provenance | |
| main.rs:65:38:65:45 | username [&ref] | main.rs:65:38:65:57 | username.to_string() | provenance | MaD:7 |
| main.rs:65:38:65:57 | username.to_string() | main.rs:65:21:65:59 | UserInfo {...} [UserInfo] | provenance | |
| main.rs:66:11:66:41 | MacroExpr | main.rs:66:5:66:9 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:66:28:66:36 | user_info [UserInfo] | main.rs:66:28:66:41 | user_info.name | provenance | |
| main.rs:66:28:66:41 | user_info.name | main.rs:66:11:66:41 | MacroExpr | provenance | |
| main.rs:109:13:109:21 | user_data | main.rs:112:15:112:35 | MacroExpr | provenance | |
| main.rs:109:13:109:21 | user_data | main.rs:113:15:113:38 | MacroExpr | provenance | |
| main.rs:109:13:109:21 | user_data | main.rs:114:16:114:37 | MacroExpr | provenance | |
@@ -35,8 +78,8 @@ edges
| main.rs:109:13:109:21 | user_data | main.rs:116:16:116:37 | MacroExpr | provenance | |
| main.rs:109:13:109:21 | user_data | main.rs:119:15:119:75 | MacroExpr | provenance | |
| main.rs:109:25:109:38 | ...::args | main.rs:109:25:109:40 | ...::args(...) [element] | provenance | Src:MaD:5 |
| main.rs:109:25:109:40 | ...::args(...) [element] | main.rs:109:25:109:47 | ... .nth(...) [Some] | provenance | MaD:7 |
| main.rs:109:25:109:47 | ... .nth(...) [Some] | main.rs:109:25:109:67 | ... .unwrap_or_default() | provenance | MaD:8 |
| main.rs:109:25:109:40 | ...::args(...) [element] | main.rs:109:25:109:47 | ... .nth(...) [Some] | provenance | MaD:10 |
| main.rs:109:25:109:47 | ... .nth(...) [Some] | main.rs:109:25:109:67 | ... .unwrap_or_default() | provenance | MaD:14 |
| main.rs:109:25:109:67 | ... .unwrap_or_default() | main.rs:109:13:109:21 | user_data | provenance | |
| main.rs:112:15:112:35 | MacroExpr | main.rs:112:9:112:13 | ...::log | provenance | MaD:1 Sink:MaD:1 |
| main.rs:113:15:113:38 | MacroExpr | main.rs:113:9:113:13 | ...::log | provenance | MaD:1 Sink:MaD:1 |
@@ -47,7 +90,7 @@ edges
| main.rs:123:13:123:21 | user_data | main.rs:126:18:126:38 | MacroExpr | provenance | |
| main.rs:123:13:123:21 | user_data | main.rs:127:19:127:49 | MacroExpr | provenance | |
| main.rs:123:25:123:37 | ...::var | main.rs:123:25:123:45 | ...::var(...) [Ok] | provenance | Src:MaD:6 |
| main.rs:123:25:123:45 | ...::var(...) [Ok] | main.rs:123:25:123:65 | ... .unwrap_or_default() | provenance | MaD:11 |
| main.rs:123:25:123:45 | ...::var(...) [Ok] | main.rs:123:25:123:65 | ... .unwrap_or_default() | provenance | MaD:17 |
| main.rs:123:25:123:65 | ... .unwrap_or_default() | main.rs:123:13:123:21 | user_data | provenance | |
| main.rs:126:18:126:38 | MacroExpr | main.rs:126:9:126:16 | ...::_print | provenance | MaD:3 Sink:MaD:3 |
| main.rs:127:19:127:49 | MacroExpr | main.rs:127:9:127:17 | ...::_eprint | provenance | MaD:2 Sink:MaD:2 |
@@ -58,13 +101,30 @@ models
| 4 | Source: reqwest::blocking::get; ReturnValue.Field[core::result::Result::Ok(0)]; remote |
| 5 | Source: std::env::args; ReturnValue.Element; commandargs |
| 6 | Source: std::env::var; ReturnValue.Field[core::result::Result::Ok(0)]; environment |
| 7 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Reference.Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
| 8 | Summary: <core::option::Option>::unwrap_or_default; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 9 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 10 | Summary: <core::result::Result>::unwrap_or; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 11 | Summary: <core::result::Result>::unwrap_or_default; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 12 | Summary: <reqwest::blocking::response::Response>::text; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
| 7 | Summary: <_ as alloc::string::ToString>::to_string; Argument[self].Reference; ReturnValue; taint |
| 8 | Summary: <_ as core::clone::Clone>::clone; Argument[self].Reference; ReturnValue; value |
| 9 | Summary: <_ as core::iter::traits::iterator::Iterator>::collect; Argument[self].Element; ReturnValue.Element; value |
| 10 | Summary: <_ as core::iter::traits::iterator::Iterator>::nth; Argument[self].Reference.Element; ReturnValue.Field[core::option::Option::Some(0)]; value |
| 11 | Summary: <alloc::string::String as core::ops::arith::Add>::add; Argument[0].Reference; ReturnValue; taint |
| 12 | Summary: <alloc::vec::Vec as core::ops::deref::Deref>::deref; Argument[self].Reference.Element; ReturnValue.Reference.Element; value |
| 13 | Summary: <core::option::Option>::unwrap_or; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 14 | Summary: <core::option::Option>::unwrap_or_default; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value |
| 15 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 16 | Summary: <core::result::Result>::unwrap_or; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 17 | Summary: <core::result::Result>::unwrap_or_default; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 18 | Summary: <reqwest::blocking::response::Response>::text; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint |
| 19 | Summary: alloc::fmt::format; Argument[0]; ReturnValue; taint |
| 20 | Summary: core::hint::must_use; Argument[0]; ReturnValue; value |
nodes
| main.rs:8:9:8:12 | args [element] | semmle.label | args [element] |
| main.rs:8:29:8:37 | ...::args | semmle.label | ...::args |
| main.rs:8:29:8:39 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |
| main.rs:8:29:8:49 | ... .collect() [element] | semmle.label | ... .collect() [element] |
| main.rs:9:9:9:16 | username | semmle.label | username |
| main.rs:9:20:9:23 | args [element] | semmle.label | args [element] |
| main.rs:9:20:9:30 | args.get(...) [Some, &ref] | semmle.label | args.get(...) [Some, &ref] |
| main.rs:9:20:9:64 | ... .unwrap_or(...) [&ref] | semmle.label | ... .unwrap_or(...) [&ref] |
| main.rs:9:20:9:72 | ... .clone() | semmle.label | ... .clone() |
| main.rs:10:9:10:18 | user_input | semmle.label | user_input |
| main.rs:10:22:10:34 | ...::var | semmle.label | ...::var |
| main.rs:10:22:10:48 | ...::var(...) [Ok] | semmle.label | ...::var(...) [Ok] |
@@ -75,14 +135,42 @@ nodes
| main.rs:11:23:12:17 | ... .unwrap() | semmle.label | ... .unwrap() |
| main.rs:11:23:12:24 | ... .text() [Ok] | semmle.label | ... .text() [Ok] |
| main.rs:11:23:12:61 | ... .unwrap_or(...) | semmle.label | ... .unwrap_or(...) |
| main.rs:15:5:15:9 | ...::log | semmle.label | ...::log |
| main.rs:15:11:15:36 | MacroExpr | semmle.label | MacroExpr |
| main.rs:16:5:16:9 | ...::log | semmle.label | ...::log |
| main.rs:16:11:16:44 | MacroExpr | semmle.label | MacroExpr |
| main.rs:17:5:17:10 | ...::log | semmle.label | ...::log |
| main.rs:17:12:17:46 | MacroExpr | semmle.label | MacroExpr |
| main.rs:18:5:18:10 | ...::log | semmle.label | ...::log |
| main.rs:18:12:18:37 | MacroExpr | semmle.label | MacroExpr |
| main.rs:19:5:19:10 | ...::log | semmle.label | ...::log |
| main.rs:19:12:19:39 | MacroExpr | semmle.label | MacroExpr |
| main.rs:22:9:22:21 | formatted_msg | semmle.label | formatted_msg |
| main.rs:22:33:22:63 | ...::format(...) | semmle.label | ...::format(...) |
| main.rs:22:33:22:63 | ...::must_use(...) | semmle.label | ...::must_use(...) |
| main.rs:22:33:22:63 | MacroExpr | semmle.label | MacroExpr |
| main.rs:22:33:22:63 | { ... } | semmle.label | { ... } |
| main.rs:23:5:23:9 | ...::log | semmle.label | ...::log |
| main.rs:23:11:23:29 | MacroExpr | semmle.label | MacroExpr |
| main.rs:26:9:26:18 | concat_msg | semmle.label | concat_msg |
| main.rs:26:22:26:62 | ... + ... | semmle.label | ... + ... |
| main.rs:26:54:26:62 | &username [&ref] | semmle.label | &username [&ref] |
| main.rs:26:55:26:62 | username | semmle.label | username |
| main.rs:27:5:27:9 | ...::log | semmle.label | ...::log |
| main.rs:27:11:27:26 | MacroExpr | semmle.label | MacroExpr |
| main.rs:30:5:30:9 | ...::log | semmle.label | ...::log |
| main.rs:30:11:30:66 | MacroExpr | semmle.label | MacroExpr |
| main.rs:52:28:52:36 | &username [&ref] | semmle.label | &username [&ref] |
| main.rs:52:29:52:36 | username | semmle.label | username |
| main.rs:56:27:56:40 | ...: ... [&ref] | semmle.label | ...: ... [&ref] |
| main.rs:65:9:65:17 | user_info [UserInfo] | semmle.label | user_info [UserInfo] |
| main.rs:65:21:65:59 | UserInfo {...} [UserInfo] | semmle.label | UserInfo {...} [UserInfo] |
| main.rs:65:38:65:45 | username [&ref] | semmle.label | username [&ref] |
| main.rs:65:38:65:57 | username.to_string() | semmle.label | username.to_string() |
| main.rs:66:5:66:9 | ...::log | semmle.label | ...::log |
| main.rs:66:11:66:41 | MacroExpr | semmle.label | MacroExpr |
| main.rs:66:28:66:36 | user_info [UserInfo] | semmle.label | user_info [UserInfo] |
| main.rs:66:28:66:41 | user_info.name | semmle.label | user_info.name |
| main.rs:109:13:109:21 | user_data | semmle.label | user_data |
| main.rs:109:25:109:38 | ...::args | semmle.label | ...::args |
| main.rs:109:25:109:40 | ...::args(...) [element] | semmle.label | ...::args(...) [element] |


@@ -5,29 +5,29 @@ fn main() {
env_logger::init();
// Sources of user input
let args: Vec<String> = env::args().collect();
let username = args.get(1).unwrap_or(&String::from("Guest")).clone(); // $ MISSING: Source=commandargs
let args: Vec<String> = env::args().collect(); // $ Source=commandargs
let username = args.get(1).unwrap_or(&String::from("Guest")).clone();
let user_input = std::env::var("USER_INPUT").unwrap_or("default".to_string()); // $ Source=environment
let remote_data = reqwest::blocking::get("http://example.com/user") // $ Source=remote
.unwrap().text().unwrap_or("remote_user".to_string());
// BAD: Direct logging of user input
info!("User login: {}", username); // $ MISSING: Alert[rust/log-injection]
info!("User login: {}", username); // $ Alert[rust/log-injection]=commandargs
warn!("Warning for user: {}", user_input); // $ Alert[rust/log-injection]=environment
error!("Error processing: {}", remote_data); // $ Alert[rust/log-injection]=remote
debug!("Debug info: {}", username); // $ MISSING: Alert[rust/log-injection]
debug!("Debug info: {}", username); // $ Alert[rust/log-injection]=commandargs
trace!("Trace data: {}", user_input); // $ Alert[rust/log-injection]=environment
// BAD: Formatted strings with user input
let formatted_msg = format!("Processing user: {}", username);
info!("{}", formatted_msg); // $ MISSING: Alert[rust/log-injection]
info!("{}", formatted_msg); // $ Alert[rust/log-injection]=commandargs
// BAD: String concatenation with user input
let concat_msg = "User activity: ".to_string() + &username;
info!("{}", concat_msg); // $ MISSING: Alert[rust/log-injection]
info!("{}", concat_msg); // $ Alert[rust/log-injection]=commandargs
// BAD: Complex formatting
info!("User {} accessed resource at {}", username, remote_data); // $ Alert[rust/log-injection]=remote
info!("User {} accessed resource at {}", username, remote_data); // $ Alert[rust/log-injection]=remote Alert[rust/log-injection]=commandargs
// GOOD: Sanitized input
let sanitized_username = username.replace('\n', "").replace('\r', "");
@@ -63,7 +63,7 @@ fn test_complex_scenarios(username: &str, user_input: &str) {
// BAD: Through struct fields
let user_info = UserInfo { name: username.to_string() };
info!("User info: {}", user_info.name); // $ MISSING: Alert[rust/log-injection]
info!("User info: {}", user_info.name); // $ Alert[rust/log-injection]=commandargs
// GOOD: After sanitization
let clean_input = sanitize_input(user_input);


@@ -15,6 +15,7 @@
| main.rs:109:4:109:34 | danger_accept_invalid_hostnames | main.rs:107:17:107:31 | ...::exists | main.rs:109:4:109:34 | danger_accept_invalid_hostnames | Disabling TLS certificate validation can expose the application to man-in-the-middle attacks. |
| main.rs:115:4:115:34 | danger_accept_invalid_hostnames | main.rs:113:43:113:50 | metadata | main.rs:115:4:115:34 | danger_accept_invalid_hostnames | Disabling TLS certificate validation can expose the application to man-in-the-middle attacks. |
| main.rs:121:4:121:34 | danger_accept_invalid_hostnames | main.rs:119:11:119:27 | ...::metadata | main.rs:121:4:121:34 | danger_accept_invalid_hostnames | Disabling TLS certificate validation can expose the application to man-in-the-middle attacks. |
| main.rs:134:4:134:34 | danger_accept_invalid_hostnames | main.rs:129:14:129:27 | ...::stdin | main.rs:134:4:134:34 | danger_accept_invalid_hostnames | Disabling TLS certificate validation can expose the application to man-in-the-middle attacks. |
| main.rs:146:4:146:34 | danger_accept_invalid_hostnames | main.rs:144:39:144:42 | true | main.rs:146:4:146:34 | danger_accept_invalid_hostnames | Disabling TLS certificate validation can expose the application to man-in-the-middle attacks. |
edges
| main.rs:4:32:4:35 | true | main.rs:4:4:4:30 | danger_accept_invalid_certs | provenance | MaD:1 Sink:MaD:1 |
@@ -37,21 +38,33 @@ edges
| main.rs:93:32:93:47 | sometimes_global | main.rs:93:4:93:30 | danger_accept_invalid_certs | provenance | MaD:1 Sink:MaD:1 |
| main.rs:107:6:107:7 | b1 | main.rs:109:36:109:37 | b1 | provenance | |
| main.rs:107:17:107:31 | ...::exists | main.rs:107:17:107:42 | ...::exists(...) [Ok] | provenance | Src:MaD:8 |
| main.rs:107:17:107:42 | ...::exists(...) [Ok] | main.rs:107:17:107:51 | ... .unwrap() | provenance | MaD:10 |
| main.rs:107:17:107:42 | ...::exists(...) [Ok] | main.rs:107:17:107:51 | ... .unwrap() | provenance | MaD:13 |
| main.rs:107:17:107:51 | ... .unwrap() | main.rs:107:6:107:7 | b1 | provenance | |
| main.rs:109:36:109:37 | b1 | main.rs:109:4:109:34 | danger_accept_invalid_hostnames | provenance | MaD:2 Sink:MaD:2 |
| main.rs:113:6:113:7 | b2 | main.rs:115:36:115:37 | b2 | provenance | |
| main.rs:113:11:113:52 | ... .metadata() [Ok] | main.rs:113:11:113:61 | ... .unwrap() | provenance | MaD:10 |
| main.rs:113:11:113:61 | ... .unwrap() | main.rs:113:11:113:71 | ... .is_file() | provenance | MaD:12 |
| main.rs:113:11:113:52 | ... .metadata() [Ok] | main.rs:113:11:113:61 | ... .unwrap() | provenance | MaD:13 |
| main.rs:113:11:113:61 | ... .unwrap() | main.rs:113:11:113:71 | ... .is_file() | provenance | MaD:16 |
| main.rs:113:11:113:71 | ... .is_file() | main.rs:113:6:113:7 | b2 | provenance | |
| main.rs:113:43:113:50 | metadata | main.rs:113:11:113:52 | ... .metadata() [Ok] | provenance | Src:MaD:7 |
| main.rs:115:36:115:37 | b2 | main.rs:115:4:115:34 | danger_accept_invalid_hostnames | provenance | MaD:2 Sink:MaD:2 |
| main.rs:119:6:119:7 | b3 | main.rs:121:36:121:37 | b3 | provenance | |
| main.rs:119:11:119:27 | ...::metadata | main.rs:119:11:119:38 | ...::metadata(...) [Ok] | provenance | Src:MaD:9 |
| main.rs:119:11:119:38 | ...::metadata(...) [Ok] | main.rs:119:11:119:47 | ... .unwrap() | provenance | MaD:10 |
| main.rs:119:11:119:47 | ... .unwrap() | main.rs:119:11:119:56 | ... .is_dir() | provenance | MaD:11 |
| main.rs:119:11:119:38 | ...::metadata(...) [Ok] | main.rs:119:11:119:47 | ... .unwrap() | provenance | MaD:13 |
| main.rs:119:11:119:47 | ... .unwrap() | main.rs:119:11:119:56 | ... .is_dir() | provenance | MaD:15 |
| main.rs:119:11:119:56 | ... .is_dir() | main.rs:119:6:119:7 | b3 | provenance | |
| main.rs:121:36:121:37 | b3 | main.rs:121:4:121:34 | danger_accept_invalid_hostnames | provenance | MaD:2 Sink:MaD:2 |
| main.rs:129:6:129:10 | input | main.rs:130:2:130:6 | input | provenance | |
| main.rs:129:14:129:27 | ...::stdin | main.rs:129:14:129:29 | ...::stdin(...) | provenance | Src:MaD:10 MaD:10 |
| main.rs:129:14:129:29 | ...::stdin(...) | main.rs:129:6:129:10 | input | provenance | |
| main.rs:130:2:130:6 | input | main.rs:130:18:130:32 | [post] &mut input_line [&ref] | provenance | MaD:17 |
| main.rs:130:18:130:32 | [post] &mut input_line [&ref] | main.rs:130:23:130:32 | [post] input_line | provenance | |
| main.rs:130:23:130:32 | [post] input_line | main.rs:132:17:132:26 | input_line | provenance | |
| main.rs:132:6:132:7 | b4 | main.rs:134:36:134:37 | b4 | provenance | |
| main.rs:132:17:132:26 | input_line | main.rs:132:17:132:42 | input_line.parse() [Ok] | provenance | MaD:11 |
| main.rs:132:17:132:26 | input_line | main.rs:132:17:132:42 | input_line.parse() [Ok] | provenance | MaD:12 |
| main.rs:132:17:132:42 | input_line.parse() [Ok] | main.rs:132:17:132:59 | ... .unwrap_or(...) | provenance | MaD:14 |
| main.rs:132:17:132:59 | ... .unwrap_or(...) | main.rs:132:6:132:7 | b4 | provenance | |
| main.rs:134:36:134:37 | b4 | main.rs:134:4:134:34 | danger_accept_invalid_hostnames | provenance | MaD:2 Sink:MaD:2 |
| main.rs:144:6:144:7 | b6 | main.rs:146:36:146:37 | b6 | provenance | |
| main.rs:144:39:144:42 | true | main.rs:144:6:144:7 | b6 | provenance | |
| main.rs:146:36:146:37 | b6 | main.rs:146:4:146:34 | danger_accept_invalid_hostnames | provenance | MaD:2 Sink:MaD:2 |
@@ -66,9 +79,14 @@ models
| 7 | Source: <std::path::Path>::metadata; ReturnValue.Field[core::result::Result::Ok(0)]; file |
| 8 | Source: std::fs::exists; ReturnValue.Field[core::result::Result::Ok(0)]; file |
| 9 | Source: std::fs::metadata; ReturnValue.Field[core::result::Result::Ok(0)]; file |
| 10 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 11 | Summary: <std::fs::Metadata>::is_dir; Argument[self].Reference; ReturnValue; taint |
| 12 | Summary: <std::fs::Metadata>::is_file; Argument[self].Reference; ReturnValue; taint |
| 10 | Source: std::io::stdio::stdin; ReturnValue; stdin |
| 11 | Summary: <_ as core::ops::deref::Deref>::deref; Argument[self].Reference; ReturnValue.Reference; taint |
| 12 | Summary: <alloc::string::String as core::ops::deref::Deref>::deref; Argument[self]; ReturnValue; value |
| 13 | Summary: <core::result::Result>::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 14 | Summary: <core::result::Result>::unwrap_or; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value |
| 15 | Summary: <std::fs::Metadata>::is_dir; Argument[self].Reference; ReturnValue; taint |
| 16 | Summary: <std::fs::Metadata>::is_file; Argument[self].Reference; ReturnValue; taint |
| 17 | Summary: <std::io::stdio::Stdin>::read_line; Argument[self].Reference; Argument[0].Reference; taint |
nodes
| main.rs:4:4:4:30 | danger_accept_invalid_certs | semmle.label | danger_accept_invalid_certs |
| main.rs:4:32:4:35 | true | semmle.label | true |
@@ -121,6 +139,18 @@ nodes
| main.rs:119:11:119:56 | ... .is_dir() | semmle.label | ... .is_dir() |
| main.rs:121:4:121:34 | danger_accept_invalid_hostnames | semmle.label | danger_accept_invalid_hostnames |
| main.rs:121:36:121:37 | b3 | semmle.label | b3 |
| main.rs:129:6:129:10 | input | semmle.label | input |
| main.rs:129:14:129:27 | ...::stdin | semmle.label | ...::stdin |
| main.rs:129:14:129:29 | ...::stdin(...) | semmle.label | ...::stdin(...) |
| main.rs:130:2:130:6 | input | semmle.label | input |
| main.rs:130:18:130:32 | [post] &mut input_line [&ref] | semmle.label | [post] &mut input_line [&ref] |
| main.rs:130:23:130:32 | [post] input_line | semmle.label | [post] input_line |
| main.rs:132:6:132:7 | b4 | semmle.label | b4 |
| main.rs:132:17:132:26 | input_line | semmle.label | input_line |
| main.rs:132:17:132:42 | input_line.parse() [Ok] | semmle.label | input_line.parse() [Ok] |
| main.rs:132:17:132:59 | ... .unwrap_or(...) | semmle.label | ... .unwrap_or(...) |
| main.rs:134:4:134:34 | danger_accept_invalid_hostnames | semmle.label | danger_accept_invalid_hostnames |
| main.rs:134:36:134:37 | b4 | semmle.label | b4 |
| main.rs:144:6:144:7 | b6 | semmle.label | b6 |
| main.rs:144:39:144:42 | true | semmle.label | true |
| main.rs:146:4:146:34 | danger_accept_invalid_hostnames | semmle.label | danger_accept_invalid_hostnames |


@@ -126,12 +126,12 @@ fn test_threat_model_source() {
// (these are a little closer to something real)
let mut input_line = String::new();
let input = std::io::stdin();
let input = std::io::stdin(); // $ Source=stdin
input.read_line(&mut input_line).unwrap();
let b4: bool = input_line.parse::<bool>().unwrap_or(false);
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_hostnames(b4) // $ MISSING: Alert[rust/disabled-certificate-check]=stdin
.danger_accept_invalid_hostnames(b4) // $ Alert[rust/disabled-certificate-check]=stdin
.build()
.unwrap();