hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
861ca7526ea93d36a22396578cc5613119783193
codeql/rust/ql/test/query-tests/security/CWE-295/main.rs

158 lines
4.8 KiB
Rust
Raw Blame History

fn test_native_tls() {
// unsafe
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_certs(true) // $ Alert[rust/disabled-certificate-check]
.build()
.unwrap();
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_hostnames(true) // $ Alert[rust/disabled-certificate-check]
.build()
.unwrap();
let _client = native_tls::TlsConnector::builder()
.min_protocol_version(Some(native_tls::Protocol::Tlsv12))
.use_sni(true)
.danger_accept_invalid_certs(true) // $ Alert[rust/disabled-certificate-check]
.danger_accept_invalid_hostnames(true) // $ Alert[rust/disabled-certificate-check]
.build()
.unwrap();
// safe
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_certs(false) // good
.danger_accept_invalid_hostnames(false) // good
.build()
.unwrap();
// default (safe)
let _client = native_tls::TlsConnector::builder()
.build()
.unwrap();
}
fn test_reqwest() {
// unsafe
let _client = reqwest::Client::builder()
.danger_accept_invalid_certs(true) // $ Alert[rust/disabled-certificate-check]
.build()
.unwrap();
let _client = reqwest::blocking::ClientBuilder::new()
.danger_accept_invalid_hostnames(true) // $ Alert[rust/disabled-certificate-check]
.build()
.unwrap();
let _client = reqwest::ClientBuilder::new()
.danger_accept_invalid_certs(true) // $ Alert[rust/disabled-certificate-check]
.danger_accept_invalid_hostnames(true) // $ Alert[rust/disabled-certificate-check]
.build()
.unwrap();
let _client = reqwest::blocking::Client::builder()
.tcp_keepalive(std::time::Duration::from_secs(30))
.https_only(true)
.danger_accept_invalid_certs(true) // $ Alert[rust/disabled-certificate-check]
.danger_accept_invalid_hostnames(true) // $ Alert[rust/disabled-certificate-check]
.build()
.unwrap();
// safe
let _client = reqwest::blocking::Client::builder()
.danger_accept_invalid_certs(false) // good
.danger_accept_invalid_hostnames(false) // good
.build()
.unwrap();
// default (safe)
let _client = reqwest::blocking::Client::builder()
.build()
.unwrap();
}
fn test_data_flow(sometimes_global: bool) {
let always = true; // $ Source=always
let mut sometimes = true; // $ Source=sometimes
let never = false;
if rand::random_range(0 .. 2) == 0 {
sometimes = false;
}
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_certs(always) // $ Alert[rust/disabled-certificate-check]=always
.build()
.unwrap();
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_certs(sometimes) // $ Alert[rust/disabled-certificate-check]=sometimes
.build()
.unwrap();
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_certs(sometimes_global) // $ Alert[rust/disabled-certificate-check]=arg
.build()
.unwrap();
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_certs(never) // good
.build()
.unwrap();
}
fn test_threat_model_source() {
// hostname setting from `fs` functions returning `bool` directly
// (these are highly unnatural but serve to create simple tests)
let b1: bool = std::fs::exists("main.rs").unwrap(); // $ Source=exists
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_hostnames(b1) // $ Alert[rust/disabled-certificate-check]=exists
.build()
.unwrap();
let b2 = std::path::Path::new("main.rs").metadata().unwrap().is_file(); // $ Source=is_file
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_hostnames(b2) // $ Alert[rust/disabled-certificate-check]=is_file
.build()
.unwrap();
let b3 = std::fs::metadata("main.rs").unwrap().is_dir(); // $ Source=is_dir
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_hostnames(b3) // $ Alert[rust/disabled-certificate-check]=is_dir
.build()
.unwrap();
// hostname setting from `stdin`, parsed to `bool`
// (these are a little closer to something real)
let mut input_line = String::new();
let input = std::io::stdin();
input.read_line(&mut input_line).unwrap();
let b4: bool = input_line.parse::<bool>().unwrap_or(false);
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_hostnames(b4) // $ MISSING: Alert[rust/disabled-certificate-check]=stdin
.build()
.unwrap();
let b5 = std::str::FromStr::from_str(&input_line).unwrap_or(false);
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_hostnames(b5) // $ MISSING: Alert[rust/disabled-certificate-check]=stdin
.build()
.unwrap();
let b6 = if (input_line == "true") { true } else { false }; // $ Source=true
let _client = native_tls::TlsConnector::builder()
.danger_accept_invalid_hostnames(b6) // $ Alert[rust/disabled-certificate-check]=true
.build()
.unwrap();
}
fn main() {
test_native_tls();
test_reqwest();
test_data_flow(true); // $ Source=arg
test_data_flow(false);
test_threat_model_source();
}
Reference in New Issue View Git Blame Copy Permalink