hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Address PR feedback

Browse Source
This commit is contained in:
Simon Friis Vindum
2025-11-28 09:42:35 +01:00
parent 273eb19b88
commit fe37e3d9be
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll
View File

@@ -57,13 +57,14 @@ module RustTaintTracking implements InputSig<Location, RustDataFlow> {
s instanceof Builtins::NumericType or s instanceof Builtins::NumericType or
s instanceof Builtins::Bool or s instanceof Builtins::Bool or
s instanceof Builtins::Char s instanceof Builtins::Char
) ) and
not t.(Type::EnumType).getEnum().isFieldless()
) and ) and
not excludedTaintStepContent(c) and not excludedTaintStepContent(c)
not TypeInference::inferType(succ.asExpr()).(Type::EnumType).getEnum().isFieldless()
) )
or or
// Let all read steps (including those from flow summaries and those that // In addition to the above, for element and reference content we let
// _all_ read steps (including those from flow summaries and those that
// result in small primitive types) give rise to taint steps. // result in small primitive types) give rise to taint steps.
exists(SingletonContentSet cs | RustDataFlow::readStep(pred, cs, succ) | exists(SingletonContentSet cs | RustDataFlow::readStep(pred, cs, succ) |
cs.getContent() instanceof ElementContent cs.getContent() instanceof ElementContent