Skip to content

Commit a7bb952

Browse files
hvitvedhvitved
committedJan 9, 2025
Rust: Implement known{Source,Sink}Model
·
codeql-cli/v2.21.2codeql-cli/latest
1 parent 868caf9 commit a7bb952

File tree

5 files changed

+115
-53
lines changed

5 files changed

+115
-53
lines changed
 

‎rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll

+12-8
Original file line numberDiff line numberDiff line change
@@ -202,13 +202,13 @@ module Node {
202202
}
203203

204204
/** Holds is this node is a source node of kind `kind`. */
205-
predicate isSource(string kind) {
206-
this.getSummaryNode().(FlowSummaryImpl::Private::SourceOutputNode).isEntry(kind)
205+
predicate isSource(string kind, string model) {
206+
this.getSummaryNode().(FlowSummaryImpl::Private::SourceOutputNode).isEntry(kind, model)
207207
}
208208

209209
/** Holds is this node is a sink node of kind `kind`. */
210-
predicate isSink(string kind) {
211-
this.getSummaryNode().(FlowSummaryImpl::Private::SinkInputNode).isExit(kind)
210+
predicate isSink(string kind, string model) {
211+
this.getSummaryNode().(FlowSummaryImpl::Private::SinkInputNode).isExit(kind, model)
212212
}
213213

214214
override CfgScope getCfgScope() {
@@ -1305,9 +1305,13 @@ module RustDataFlow implements InputSig<Location> {
13051305
/** Extra data flow steps needed for lambda flow analysis. */
13061306
predicate additionalLambdaFlowStep(Node nodeFrom, Node nodeTo, boolean preservesValue) { none() }
13071307

1308-
predicate knownSourceModel(Node source, string model) { none() }
1308+
predicate knownSourceModel(Node source, string model) {
1309+
source.(Node::FlowSummaryNode).isSource(_, model)
1310+
}
13091311

1310-
predicate knownSinkModel(Node sink, string model) { none() }
1312+
predicate knownSinkModel(Node sink, string model) {
1313+
sink.(Node::FlowSummaryNode).isSink(_, model)
1314+
}
13111315

13121316
class DataFlowSecondLevelScope = Void;
13131317
}
@@ -1575,11 +1579,11 @@ private module Cached {
15751579

15761580
/** Holds if `n` is a flow source of kind `kind`. */
15771581
cached
1578-
predicate sourceNode(Node n, string kind) { n.(Node::FlowSummaryNode).isSource(kind) }
1582+
predicate sourceNode(Node n, string kind) { n.(Node::FlowSummaryNode).isSource(kind, _) }
15791583

15801584
/** Holds if `n` is a flow sink of kind `kind`. */
15811585
cached
1582-
predicate sinkNode(Node n, string kind) { n.(Node::FlowSummaryNode).isSink(kind) }
1586+
predicate sinkNode(Node n, string kind) { n.(Node::FlowSummaryNode).isSink(kind, _) }
15831587
}
15841588

15851589
import Cached

‎rust/ql/test/library-tests/dataflow/models/main.rs

+20
Original file line numberDiff line numberDiff line change
@@ -222,6 +222,24 @@ fn test_enum_method_sink() {
222222
e.sink(); // $ hasValueFlow=15
223223
}
224224

225+
// has a source model
226+
fn simple_source(i: i64) -> i64 {
227+
0
228+
}
229+
230+
fn test_simple_source() {
231+
let s = simple_source(16);
232+
sink(s) // $ hasValueFlow=16
233+
}
234+
235+
// has a sink model
236+
fn simple_sink(i: i64) {}
237+
238+
fn test_simple_sink() {
239+
let s = source(17);
240+
simple_sink(s); // $ hasValueFlow=17
241+
}
242+
225243
fn main() {
226244
test_identify();
227245
test_get_var_pos();
@@ -238,5 +256,7 @@ fn main() {
238256
test_enum_method_source();
239257
test_enum_sink();
240258
test_enum_method_sink();
259+
test_simple_source();
260+
test_simple_sink();
241261
let dummy = Some(0); // ensure that the the `lang:core` crate is extracted
242262
}

‎rust/ql/test/library-tests/dataflow/models/models.expected

+73-39
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,20 @@
11
models
22
| 1 | Sink: repo::test; <crate::MyFieldEnum>::sink; test-sink; Argument[self].Variant[crate::MyFieldEnum::D::field_d] |
33
| 2 | Sink: repo::test; crate::enum_sink; test-sink; Argument[0].Variant[crate::MyFieldEnum::C::field_c] |
4-
| 3 | Source: repo::test; <crate::MyFieldEnum>::source; test-source; ReturnValue.Variant[crate::MyFieldEnum::C::field_c] |
5-
| 4 | Source: repo::test; crate::enum_source; test-source; ReturnValue.Variant[crate::MyFieldEnum::D::field_d] |
6-
| 5 | Summary: repo::test; crate::coerce; Argument[0]; ReturnValue; taint |
7-
| 6 | Summary: repo::test; crate::get_array_element; Argument[0].ArrayElement; ReturnValue; value |
8-
| 7 | Summary: repo::test; crate::get_struct_field; Argument[0].Struct[crate::MyStruct::field1]; ReturnValue; value |
9-
| 8 | Summary: repo::test; crate::get_tuple_element; Argument[0].Tuple[0]; ReturnValue; value |
10-
| 9 | Summary: repo::test; crate::get_var_field; Argument[0].Variant[crate::MyFieldEnum::C::field_c]; ReturnValue; value |
11-
| 10 | Summary: repo::test; crate::get_var_pos; Argument[0].Variant[crate::MyPosEnum::A(0)]; ReturnValue; value |
12-
| 11 | Summary: repo::test; crate::set_array_element; Argument[0]; ReturnValue.ArrayElement; value |
13-
| 12 | Summary: repo::test; crate::set_tuple_element; Argument[0]; ReturnValue.Tuple[1]; value |
14-
| 13 | Summary: repo::test; crate::set_var_field; Argument[0]; ReturnValue.Variant[crate::MyFieldEnum::D::field_d]; value |
15-
| 14 | Summary: repo::test; crate::set_var_pos; Argument[0]; ReturnValue.Variant[crate::MyPosEnum::B(0)]; value |
4+
| 3 | Sink: repo::test; crate::simple_sink; test-sink; Argument[0] |
5+
| 4 | Source: repo::test; <crate::MyFieldEnum>::source; test-source; ReturnValue.Variant[crate::MyFieldEnum::C::field_c] |
6+
| 5 | Source: repo::test; crate::enum_source; test-source; ReturnValue.Variant[crate::MyFieldEnum::D::field_d] |
7+
| 6 | Source: repo::test; crate::simple_source; test-source; ReturnValue |
8+
| 7 | Summary: repo::test; crate::coerce; Argument[0]; ReturnValue; taint |
9+
| 8 | Summary: repo::test; crate::get_array_element; Argument[0].ArrayElement; ReturnValue; value |
10+
| 9 | Summary: repo::test; crate::get_struct_field; Argument[0].Struct[crate::MyStruct::field1]; ReturnValue; value |
11+
| 10 | Summary: repo::test; crate::get_tuple_element; Argument[0].Tuple[0]; ReturnValue; value |
12+
| 11 | Summary: repo::test; crate::get_var_field; Argument[0].Variant[crate::MyFieldEnum::C::field_c]; ReturnValue; value |
13+
| 12 | Summary: repo::test; crate::get_var_pos; Argument[0].Variant[crate::MyPosEnum::A(0)]; ReturnValue; value |
14+
| 13 | Summary: repo::test; crate::set_array_element; Argument[0]; ReturnValue.ArrayElement; value |
15+
| 14 | Summary: repo::test; crate::set_tuple_element; Argument[0]; ReturnValue.Tuple[1]; value |
16+
| 15 | Summary: repo::test; crate::set_var_field; Argument[0]; ReturnValue.Variant[crate::MyFieldEnum::D::field_d]; value |
17+
| 16 | Summary: repo::test; crate::set_var_pos; Argument[0]; ReturnValue.Variant[crate::MyPosEnum::B(0)]; value |
1618
edges
1719
| main.rs:15:9:15:9 | s | main.rs:16:19:16:19 | s | provenance | |
1820
| main.rs:15:9:15:9 | s | main.rs:16:19:16:19 | s | provenance | |
@@ -22,7 +24,7 @@ edges
2224
| main.rs:16:19:16:19 | s | main.rs:16:10:16:20 | identity(...) | provenance | QL |
2325
| main.rs:25:9:25:9 | s | main.rs:26:17:26:17 | s | provenance | |
2426
| main.rs:25:13:25:22 | source(...) | main.rs:25:9:25:9 | s | provenance | |
25-
| main.rs:26:17:26:17 | s | main.rs:26:10:26:18 | coerce(...) | provenance | MaD:5 |
27+
| main.rs:26:17:26:17 | s | main.rs:26:10:26:18 | coerce(...) | provenance | MaD:7 |
2628
| main.rs:40:9:40:9 | s | main.rs:41:27:41:27 | s | provenance | |
2729
| main.rs:40:9:40:9 | s | main.rs:41:27:41:27 | s | provenance | |
2830
| main.rs:40:13:40:21 | source(...) | main.rs:40:9:40:9 | s | provenance | |
@@ -33,8 +35,8 @@ edges
3335
| main.rs:41:14:41:28 | ...::A(...) [A] | main.rs:41:9:41:10 | e1 [A] | provenance | |
3436
| main.rs:41:27:41:27 | s | main.rs:41:14:41:28 | ...::A(...) [A] | provenance | |
3537
| main.rs:41:27:41:27 | s | main.rs:41:14:41:28 | ...::A(...) [A] | provenance | |
36-
| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:10 |
37-
| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:10 |
38+
| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:12 |
39+
| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:12 |
3840
| main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | |
3941
| main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | |
4042
| main.rs:53:13:53:21 | source(...) | main.rs:53:9:53:9 | s | provenance | |
@@ -43,8 +45,8 @@ edges
4345
| main.rs:54:9:54:10 | e1 [B] | main.rs:55:11:55:12 | e1 [B] | provenance | |
4446
| main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | |
4547
| main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | |
46-
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:14 |
47-
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:14 |
48+
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:16 |
49+
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:16 |
4850
| main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | |
4951
| main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | |
5052
| main.rs:57:9:57:23 | ...::B(...) [B] | main.rs:57:22:57:22 | i | provenance | |
@@ -61,8 +63,8 @@ edges
6163
| main.rs:73:14:73:42 | ...::C {...} [C] | main.rs:73:9:73:10 | e1 [C] | provenance | |
6264
| main.rs:73:40:73:40 | s | main.rs:73:14:73:42 | ...::C {...} [C] | provenance | |
6365
| main.rs:73:40:73:40 | s | main.rs:73:14:73:42 | ...::C {...} [C] | provenance | |
64-
| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:9 |
65-
| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:9 |
66+
| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:11 |
67+
| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:11 |
6668
| main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | |
6769
| main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | |
6870
| main.rs:85:13:85:21 | source(...) | main.rs:85:9:85:9 | s | provenance | |
@@ -71,8 +73,8 @@ edges
7173
| main.rs:86:9:86:10 | e1 [D] | main.rs:87:11:87:12 | e1 [D] | provenance | |
7274
| main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | |
7375
| main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | |
74-
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:13 |
75-
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:13 |
76+
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:15 |
77+
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:15 |
7678
| main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | |
7779
| main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | |
7880
| main.rs:89:9:89:37 | ...::D {...} [D] | main.rs:89:35:89:35 | i | provenance | |
@@ -89,14 +91,14 @@ edges
8991
| main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | main.rs:105:9:105:17 | my_struct [MyStruct.field1] | provenance | |
9092
| main.rs:106:17:106:17 | s | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | provenance | |
9193
| main.rs:106:17:106:17 | s | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | provenance | |
92-
| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:7 |
93-
| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:7 |
94+
| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:9 |
95+
| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:9 |
9496
| main.rs:138:9:138:9 | s | main.rs:139:29:139:29 | s | provenance | |
9597
| main.rs:138:9:138:9 | s | main.rs:139:29:139:29 | s | provenance | |
9698
| main.rs:138:13:138:21 | source(...) | main.rs:138:9:138:9 | s | provenance | |
9799
| main.rs:138:13:138:21 | source(...) | main.rs:138:9:138:9 | s | provenance | |
98-
| main.rs:139:28:139:30 | [...] [array[]] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:6 |
99-
| main.rs:139:28:139:30 | [...] [array[]] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:6 |
100+
| main.rs:139:28:139:30 | [...] [array[]] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:8 |
101+
| main.rs:139:28:139:30 | [...] [array[]] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:8 |
100102
| main.rs:139:29:139:29 | s | main.rs:139:28:139:30 | [...] [array[]] | provenance | |
101103
| main.rs:139:29:139:29 | s | main.rs:139:28:139:30 | [...] [array[]] | provenance | |
102104
| main.rs:148:9:148:9 | s | main.rs:149:33:149:33 | s | provenance | |
@@ -107,8 +109,8 @@ edges
107109
| main.rs:149:9:149:11 | arr [array[]] | main.rs:150:10:150:12 | arr [array[]] | provenance | |
108110
| main.rs:149:15:149:34 | set_array_element(...) [array[]] | main.rs:149:9:149:11 | arr [array[]] | provenance | |
109111
| main.rs:149:15:149:34 | set_array_element(...) [array[]] | main.rs:149:9:149:11 | arr [array[]] | provenance | |
110-
| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [array[]] | provenance | MaD:11 |
111-
| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [array[]] | provenance | MaD:11 |
112+
| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [array[]] | provenance | MaD:13 |
113+
| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [array[]] | provenance | MaD:13 |
112114
| main.rs:150:10:150:12 | arr [array[]] | main.rs:150:10:150:15 | arr[0] | provenance | |
113115
| main.rs:150:10:150:12 | arr [array[]] | main.rs:150:10:150:15 | arr[0] | provenance | |
114116
| main.rs:159:9:159:9 | s | main.rs:160:14:160:14 | s | provenance | |
@@ -121,8 +123,8 @@ edges
121123
| main.rs:160:13:160:18 | TupleExpr [tuple.0] | main.rs:160:9:160:9 | t [tuple.0] | provenance | |
122124
| main.rs:160:14:160:14 | s | main.rs:160:13:160:18 | TupleExpr [tuple.0] | provenance | |
123125
| main.rs:160:14:160:14 | s | main.rs:160:13:160:18 | TupleExpr [tuple.0] | provenance | |
124-
| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:8 |
125-
| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:8 |
126+
| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:10 |
127+
| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:10 |
126128
| main.rs:172:9:172:9 | s | main.rs:173:31:173:31 | s | provenance | |
127129
| main.rs:172:9:172:9 | s | main.rs:173:31:173:31 | s | provenance | |
128130
| main.rs:172:13:172:22 | source(...) | main.rs:172:9:172:9 | s | provenance | |
@@ -131,14 +133,14 @@ edges
131133
| main.rs:173:9:173:9 | t [tuple.1] | main.rs:175:10:175:10 | t [tuple.1] | provenance | |
132134
| main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | main.rs:173:9:173:9 | t [tuple.1] | provenance | |
133135
| main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | main.rs:173:9:173:9 | t [tuple.1] | provenance | |
134-
| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:12 |
135-
| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:12 |
136+
| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:14 |
137+
| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:14 |
136138
| main.rs:175:10:175:10 | t [tuple.1] | main.rs:175:10:175:12 | t.1 | provenance | |
137139
| main.rs:175:10:175:10 | t [tuple.1] | main.rs:175:10:175:12 | t.1 | provenance | |
138140
| main.rs:194:9:194:9 | s [D] | main.rs:195:11:195:11 | s [D] | provenance | |
139141
| main.rs:194:9:194:9 | s [D] | main.rs:195:11:195:11 | s [D] | provenance | |
140-
| main.rs:194:13:194:23 | enum_source | main.rs:194:13:194:27 | enum_source(...) [D] | provenance | MaD:4 |
141-
| main.rs:194:13:194:23 | enum_source | main.rs:194:13:194:27 | enum_source(...) [D] | provenance | MaD:4 |
142+
| main.rs:194:13:194:23 | enum_source | main.rs:194:13:194:27 | enum_source(...) [D] | provenance | Src:MaD:5 |
143+
| main.rs:194:13:194:23 | enum_source | main.rs:194:13:194:27 | enum_source(...) [D] | provenance | Src:MaD:5 |
142144
| main.rs:194:13:194:27 | enum_source(...) [D] | main.rs:194:9:194:9 | s [D] | provenance | |
143145
| main.rs:194:13:194:27 | enum_source(...) [D] | main.rs:194:9:194:9 | s [D] | provenance | |
144146
| main.rs:195:11:195:11 | s [D] | main.rs:197:9:197:37 | ...::D {...} [D] | provenance | |
@@ -151,8 +153,8 @@ edges
151153
| main.rs:203:9:203:9 | s [C] | main.rs:204:11:204:11 | s [C] | provenance | |
152154
| main.rs:203:13:203:24 | e.source(...) [C] | main.rs:203:9:203:9 | s [C] | provenance | |
153155
| main.rs:203:13:203:24 | e.source(...) [C] | main.rs:203:9:203:9 | s [C] | provenance | |
154-
| main.rs:203:15:203:20 | source | main.rs:203:13:203:24 | e.source(...) [C] | provenance | MaD:3 |
155-
| main.rs:203:15:203:20 | source | main.rs:203:13:203:24 | e.source(...) [C] | provenance | MaD:3 |
156+
| main.rs:203:15:203:20 | source | main.rs:203:13:203:24 | e.source(...) [C] | provenance | Src:MaD:4 |
157+
| main.rs:203:15:203:20 | source | main.rs:203:13:203:24 | e.source(...) [C] | provenance | Src:MaD:4 |
156158
| main.rs:204:11:204:11 | s [C] | main.rs:205:9:205:37 | ...::C {...} [C] | provenance | |
157159
| main.rs:204:11:204:11 | s [C] | main.rs:205:9:205:37 | ...::C {...} [C] | provenance | |
158160
| main.rs:205:9:205:37 | ...::C {...} [C] | main.rs:205:35:205:35 | i | provenance | |
@@ -163,8 +165,8 @@ edges
163165
| main.rs:214:9:214:9 | s | main.rs:215:41:215:41 | s | provenance | |
164166
| main.rs:214:13:214:22 | source(...) | main.rs:214:9:214:9 | s | provenance | |
165167
| main.rs:214:13:214:22 | source(...) | main.rs:214:9:214:9 | s | provenance | |
166-
| main.rs:215:15:215:43 | ...::C {...} [C] | main.rs:215:5:215:13 | enum_sink | provenance | MaD:2 |
167-
| main.rs:215:15:215:43 | ...::C {...} [C] | main.rs:215:5:215:13 | enum_sink | provenance | MaD:2 |
168+
| main.rs:215:15:215:43 | ...::C {...} [C] | main.rs:215:5:215:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 |
169+
| main.rs:215:15:215:43 | ...::C {...} [C] | main.rs:215:5:215:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 |
168170
| main.rs:215:41:215:41 | s | main.rs:215:15:215:43 | ...::C {...} [C] | provenance | |
169171
| main.rs:215:41:215:41 | s | main.rs:215:15:215:43 | ...::C {...} [C] | provenance | |
170172
| main.rs:220:9:220:9 | s | main.rs:221:39:221:39 | s | provenance | |
@@ -177,8 +179,20 @@ edges
177179
| main.rs:221:13:221:41 | ...::D {...} [D] | main.rs:221:9:221:9 | e [D] | provenance | |
178180
| main.rs:221:39:221:39 | s | main.rs:221:13:221:41 | ...::D {...} [D] | provenance | |
179181
| main.rs:221:39:221:39 | s | main.rs:221:13:221:41 | ...::D {...} [D] | provenance | |
180-
| main.rs:222:5:222:5 | e [D] | main.rs:222:7:222:10 | sink | provenance | MaD:1 |
181-
| main.rs:222:5:222:5 | e [D] | main.rs:222:7:222:10 | sink | provenance | MaD:1 |
182+
| main.rs:222:5:222:5 | e [D] | main.rs:222:7:222:10 | sink | provenance | MaD:1 Sink:MaD:1 |
183+
| main.rs:222:5:222:5 | e [D] | main.rs:222:7:222:10 | sink | provenance | MaD:1 Sink:MaD:1 |
184+
| main.rs:231:9:231:9 | s | main.rs:232:10:232:10 | s | provenance | |
185+
| main.rs:231:9:231:9 | s | main.rs:232:10:232:10 | s | provenance | |
186+
| main.rs:231:13:231:25 | simple_source | main.rs:231:13:231:29 | simple_source(...) | provenance | Src:MaD:6 MaD:6 |
187+
| main.rs:231:13:231:25 | simple_source | main.rs:231:13:231:29 | simple_source(...) | provenance | Src:MaD:6 MaD:6 |
188+
| main.rs:231:13:231:29 | simple_source(...) | main.rs:231:9:231:9 | s | provenance | |
189+
| main.rs:231:13:231:29 | simple_source(...) | main.rs:231:9:231:9 | s | provenance | |
190+
| main.rs:239:9:239:9 | s | main.rs:240:17:240:17 | s | provenance | |
191+
| main.rs:239:9:239:9 | s | main.rs:240:17:240:17 | s | provenance | |
192+
| main.rs:239:13:239:22 | source(...) | main.rs:239:9:239:9 | s | provenance | |
193+
| main.rs:239:13:239:22 | source(...) | main.rs:239:9:239:9 | s | provenance | |
194+
| main.rs:240:17:240:17 | s | main.rs:240:5:240:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 |
195+
| main.rs:240:17:240:17 | s | main.rs:240:5:240:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 |
182196
nodes
183197
| main.rs:15:9:15:9 | s | semmle.label | s |
184198
| main.rs:15:9:15:9 | s | semmle.label | s |
@@ -374,6 +388,22 @@ nodes
374388
| main.rs:222:5:222:5 | e [D] | semmle.label | e [D] |
375389
| main.rs:222:7:222:10 | sink | semmle.label | sink |
376390
| main.rs:222:7:222:10 | sink | semmle.label | sink |
391+
| main.rs:231:9:231:9 | s | semmle.label | s |
392+
| main.rs:231:9:231:9 | s | semmle.label | s |
393+
| main.rs:231:13:231:25 | simple_source | semmle.label | simple_source |
394+
| main.rs:231:13:231:25 | simple_source | semmle.label | simple_source |
395+
| main.rs:231:13:231:29 | simple_source(...) | semmle.label | simple_source(...) |
396+
| main.rs:231:13:231:29 | simple_source(...) | semmle.label | simple_source(...) |
397+
| main.rs:232:10:232:10 | s | semmle.label | s |
398+
| main.rs:232:10:232:10 | s | semmle.label | s |
399+
| main.rs:239:9:239:9 | s | semmle.label | s |
400+
| main.rs:239:9:239:9 | s | semmle.label | s |
401+
| main.rs:239:13:239:22 | source(...) | semmle.label | source(...) |
402+
| main.rs:239:13:239:22 | source(...) | semmle.label | source(...) |
403+
| main.rs:240:5:240:15 | simple_sink | semmle.label | simple_sink |
404+
| main.rs:240:5:240:15 | simple_sink | semmle.label | simple_sink |
405+
| main.rs:240:17:240:17 | s | semmle.label | s |
406+
| main.rs:240:17:240:17 | s | semmle.label | s |
377407
subpaths
378408
testFailures
379409
invalidSpecComponent
@@ -407,3 +437,7 @@ invalidSpecComponent
407437
| main.rs:215:5:215:13 | enum_sink | main.rs:214:13:214:22 | source(...) | main.rs:215:5:215:13 | enum_sink | $@ | main.rs:214:13:214:22 | source(...) | source(...) |
408438
| main.rs:222:7:222:10 | sink | main.rs:220:13:220:22 | source(...) | main.rs:222:7:222:10 | sink | $@ | main.rs:220:13:220:22 | source(...) | source(...) |
409439
| main.rs:222:7:222:10 | sink | main.rs:220:13:220:22 | source(...) | main.rs:222:7:222:10 | sink | $@ | main.rs:220:13:220:22 | source(...) | source(...) |
440+
| main.rs:232:10:232:10 | s | main.rs:231:13:231:25 | simple_source | main.rs:232:10:232:10 | s | $@ | main.rs:231:13:231:25 | simple_source | simple_source |
441+
| main.rs:232:10:232:10 | s | main.rs:231:13:231:25 | simple_source | main.rs:232:10:232:10 | s | $@ | main.rs:231:13:231:25 | simple_source | simple_source |
442+
| main.rs:240:5:240:15 | simple_sink | main.rs:239:13:239:22 | source(...) | main.rs:240:5:240:15 | simple_sink | $@ | main.rs:239:13:239:22 | source(...) | source(...) |
443+
| main.rs:240:5:240:15 | simple_sink | main.rs:239:13:239:22 | source(...) | main.rs:240:5:240:15 | simple_sink | $@ | main.rs:239:13:239:22 | source(...) | source(...) |

‎rust/ql/test/library-tests/dataflow/models/models.ext.yml

+2
Original file line numberDiff line numberDiff line change
@@ -3,12 +3,14 @@ extensions:
33
pack: codeql/rust-all
44
extensible: sourceModel
55
data:
6+
- ["repo::test", "crate::simple_source", "ReturnValue", "test-source", "manual"]
67
- ["repo::test", "crate::enum_source", "ReturnValue.Variant[crate::MyFieldEnum::D::field_d]", "test-source", "manual"]
78
- ["repo::test", "<crate::MyFieldEnum>::source", "ReturnValue.Variant[crate::MyFieldEnum::C::field_c]", "test-source", "manual"]
89
- addsTo:
910
pack: codeql/rust-all
1011
extensible: sinkModel
1112
data:
13+
- ["repo::test", "crate::simple_sink", "Argument[0]", "test-sink", "manual"]
1214
- ["repo::test", "crate::enum_sink", "Argument[0].Variant[crate::MyFieldEnum::C::field_c]", "test-sink", "manual"]
1315
- ["repo::test", "<crate::MyFieldEnum>::sink", "Argument[self].Variant[crate::MyFieldEnum::D::field_d]", "test-sink", "manual"]
1416
- addsTo:

‎shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll

+8-6
Original file line numberDiff line numberDiff line change
@@ -1086,7 +1086,8 @@ module Make<
10861086
*
10871087
* This node should be used as the actual source node in data flow configurations.
10881088
*/
1089-
predicate isEntry(string kind) {
1089+
predicate isEntry(string kind, string model) {
1090+
model = model_ and
10901091
exists(SummaryComponentStack out |
10911092
sourceOutputStateEntry(source_, out, kind, model_) and
10921093
state_.isSourceOutputState(source_, out, kind, model_)
@@ -1105,10 +1106,10 @@ module Make<
11051106
state_.isSourceOutputState(source, TSingletonSummaryComponentStack(sc), _, model)
11061107
}
11071108

1108-
override predicate isHidden() { not this.isEntry(_) }
1109+
override predicate isHidden() { not this.isEntry(_, _) }
11091110

11101111
override string toString() {
1111-
if this.isEntry(_)
1112+
if this.isEntry(_, _)
11121113
then result = source_.toString()
11131114
else result = "[source] " + state_ + " at " + source_
11141115
}
@@ -1145,18 +1146,19 @@ module Make<
11451146
*
11461147
* This node should be used as the actual sink node in data flow configurations.
11471148
*/
1148-
predicate isExit(string kind) {
1149+
predicate isExit(string kind, string model) {
11491150
kind = kind_ and
1151+
model = model_ and
11501152
exists(SummaryComponentStack inp |
11511153
sinkInputStateExit(sink_, inp, kind, model_) and
11521154
state_.isSinkInputState(sink_, inp, kind, model_)
11531155
)
11541156
}
11551157

1156-
override predicate isHidden() { not this.isExit(_) }
1158+
override predicate isHidden() { not this.isExit(_, _) }
11571159

11581160
override string toString() {
1159-
if this.isExit(_)
1161+
if this.isExit(_, _)
11601162
then result = sink_.toString()
11611163
else result = "[sink] " + state_ + " at " + sink_
11621164
}

0 commit comments

Comments
 (0)
Please sign in to comment.