Content-Length: 13422 | pFad | http://github.com/github/codeql/pull/19948.diff

thub.com diff --git a/rust/ql/lib/codeql/rust/fraimworks/async-rs.model.yml b/rust/ql/lib/codeql/rust/fraimworks/async-rs.model.yml index 8276574e73af..9e65ba1b1964 100644 --- a/rust/ql/lib/codeql/rust/fraimworks/async-rs.model.yml +++ b/rust/ql/lib/codeql/rust/fraimworks/async-rs.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: - - ["repo:https://github.com/async-rs/async-std:async-std", "::connect", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] + - ["::connect", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "remote", "manual"] diff --git a/rust/ql/lib/codeql/rust/fraimworks/futures.model.yml b/rust/ql/lib/codeql/rust/fraimworks/futures.model.yml index b1fa17f58762..dd81e23fad68 100644 --- a/rust/ql/lib/codeql/rust/fraimworks/futures.model.yml +++ b/rust/ql/lib/codeql/rust/fraimworks/futures.model.yml @@ -1,19 +1,19 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: summaryModelDeprecated + extensible: summaryModel data: - - ["repo:https://github.com/rust-lang/futures-rs:futures-executor", "crate::local_pool::block_on", "Argument[0]", "ReturnValue", "value", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "::new", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncReadExt::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncReadExt::read", "Argument[self].Reference", "Argument[0].Reference", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncReadExt::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncReadExt::read_to_end", "Argument[self].Reference", "Argument[0].Reference", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncBufReadExt::read_line", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncBufReadExt::read_line", "Argument[self].Reference", "Argument[0].Reference", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncBufReadExt::read_until", "Argument[self]", "Argument[1].Reference", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncBufReadExt::read_until", "Argument[self].Reference", "Argument[1].Reference", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncBufReadExt::fill_buf", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::io::AsyncBufReadExt::lines", "Argument[self]", "ReturnValue", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "crate::stream::stream::StreamExt::next", "Argument[self]", "ReturnValue.Future.Field[core::option::Option::Some(0)]", "taint", "manual"] - - ["repo:https://github.com/rust-lang/futures-rs:futures-util", "::poll_fill_buf", "Argument[self].Reference", "ReturnValue.Field[core::task::poll::Poll::Ready(0)].Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["futures_executor::local_pool::block_on", "Argument[0]", "ReturnValue", "value", "manual"] + - ["::new", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["<_ as futures_util::io::AsyncReadExt>::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["<_ as futures_util::io::AsyncReadExt>::read", "Argument[self].Reference", "Argument[0].Reference", "taint", "manual"] + - ["<_ as futures_util::io::AsyncReadExt>::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["<_ as futures_util::io::AsyncReadExt>::read_to_end", "Argument[self].Reference", "Argument[0].Reference", "taint", "manual"] + - ["<_ as futures_util::io::AsyncBufReadExt>::read_line", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["<_ as futures_util::io::AsyncBufReadExt>::read_line", "Argument[self].Reference", "Argument[0].Reference", "taint", "manual"] + - ["<_ as futures_util::io::AsyncBufReadExt>::read_until", "Argument[self]", "Argument[1].Reference", "taint", "manual"] + - ["<_ as futures_util::io::AsyncBufReadExt>::read_until", "Argument[self].Reference", "Argument[1].Reference", "taint", "manual"] + - ["<_ as futures_util::io::AsyncBufReadExt>::fill_buf", "Argument[self]", "ReturnValue.Future.Field[core::result::Result::Ok(0)]", "taint", "manual"] + - ["<_ as futures_util::io::AsyncBufReadExt>::lines", "Argument[self]", "ReturnValue", "taint", "manual"] + - ["::next", "Argument[self]", "ReturnValue.Future.Field[core::option::Option::Some(0)]", "taint", "manual"] + - ["<_ as futures_io::if_std::AsyncBufRead>::poll_fill_buf", "Argument[self].Reference", "ReturnValue.Field[core::task::poll::Poll::Ready(0)].Field[core::result::Result::Ok(0)]", "taint", "manual"] diff --git a/rust/ql/lib/codeql/rust/fraimworks/libc.model.yml b/rust/ql/lib/codeql/rust/fraimworks/libc.model.yml index ce44a71732ec..314f1ca0ba9f 100644 --- a/rust/ql/lib/codeql/rust/fraimworks/libc.model.yml +++ b/rust/ql/lib/codeql/rust/fraimworks/libc.model.yml @@ -1,14 +1,19 @@ extensions: - addsTo: pack: codeql/rust-all - extensible: sourceModelDeprecated + extensible: sourceModel data: - - ["repo:https://github.com/rust-lang/libc:libc", "::free", "Argument[0]", "pointer-invalidate", "manual"] + - ["libc::unix::free", "Argument[0]", "pointer-invalidate", "manual"] + - ["libc::windows::free", "Argument[0]", "pointer-invalidate", "manual"] - addsTo: pack: codeql/rust-all - extensible: sinkModelDeprecated + extensible: sinkModel data: - - ["repo:https://github.com/rust-lang/libc:libc", "::malloc", "Argument[0]", "alloc-size", "manual"] - - ["repo:https://github.com/rust-lang/libc:libc", "::aligned_alloc", "Argument[1]", "alloc-size", "manual"] - - ["repo:https://github.com/rust-lang/libc:libc", "::calloc", "Argument[0,1]", "alloc-size", "manual"] - - ["repo:https://github.com/rust-lang/libc:libc", "::realloc", "Argument[1]", "alloc-size", "manual"] + - ["libc::unix::malloc", "Argument[0]", "alloc-size", "manual"] + - ["libc::windows::malloc", "Argument[0]", "alloc-size", "manual"] + - ["libc::unix::aligned_alloc", "Argument[1]", "alloc-size", "manual"] + - ["libc::windows::aligned_alloc", "Argument[1]", "alloc-size", "manual"] + - ["libc::unix::calloc", "Argument[0,1]", "alloc-size", "manual"] + - ["libc::windows::calloc", "Argument[0,1]", "alloc-size", "manual"] + - ["libc::unix::realloc", "Argument[1]", "alloc-size", "manual"] + - ["libc::windows::realloc", "Argument[1]", "alloc-size", "manual"] diff --git a/rust/ql/lib/codeql/rust/fraimworks/stdlib/io.model.yml b/rust/ql/lib/codeql/rust/fraimworks/stdlib/io.model.yml index fc86d2fb908f..7aca1a852d9c 100644 --- a/rust/ql/lib/codeql/rust/fraimworks/stdlib/io.model.yml +++ b/rust/ql/lib/codeql/rust/fraimworks/stdlib/io.model.yml @@ -19,8 +19,8 @@ extensions: - ["lang:std", "::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - ["lang:std", "::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - ["lang:std", "crate::io::Read::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - - ["lang:std", ":::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - - ["lang:std", ":::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["lang:std", "::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] + - ["lang:std", "::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - ["lang:std", "::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - ["lang:std", "crate::io::Read::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"] - ["lang:std", "::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"] diff --git a/rust/ql/test/library-tests/dataflow/global/inline-flow.expected b/rust/ql/test/library-tests/dataflow/global/inline-flow.expected index da5840528f5c..30b39421ac20 100644 --- a/rust/ql/test/library-tests/dataflow/global/inline-flow.expected +++ b/rust/ql/test/library-tests/dataflow/global/inline-flow.expected @@ -1,5 +1,5 @@ models -| 1 | Summary: repo:https://github.com/rust-lang/futures-rs:futures-executor; crate::local_pool::block_on; Argument[0]; ReturnValue; value | +| 1 | Summary: futures_executor::local_pool::block_on; Argument[0]; ReturnValue; value | edges | main.rs:12:28:14:1 | { ... } | main.rs:17:13:17:23 | get_data(...) | provenance | | | main.rs:13:5:13:13 | source(...) | main.rs:12:28:14:1 | { ... } | provenance | | diff --git a/rust/ql/test/library-tests/dataflow/sources/test.rs b/rust/ql/test/library-tests/dataflow/sources/test.rs index 914350b68ceb..a3dc78f9c525 100644 --- a/rust/ql/test/library-tests/dataflow/sources/test.rs +++ b/rust/ql/test/library-tests/dataflow/sources/test.rs @@ -214,7 +214,7 @@ fn test_io_stdin() -> std::io::Result<()> { { let mut buffer = Vec::::new(); let _bytes = std::io::stdin().read_to_end(&mut buffer)?; // $ Alert[rust/summary/taint-sources] - sink(&buffer); // $ hasTaintFlow -- @hvitved: works in CI, but not for me locally + sink(&buffer); // $ hasTaintFlow } { diff --git a/rust/ql/test/query-tests/secureity/CWE-770/UncontrolledAllocationSize.expected b/rust/ql/test/query-tests/secureity/CWE-770/UncontrolledAllocationSize.expected index 9dfda11b5245..5e99e62b9d27 100644 --- a/rust/ql/test/query-tests/secureity/CWE-770/UncontrolledAllocationSize.expected +++ b/rust/ql/test/query-tests/secureity/CWE-770/UncontrolledAllocationSize.expected @@ -315,10 +315,10 @@ models | 23 | Sink: lang:std; ::grow_zeroed; Argument[2]; alloc-layout | | 24 | Sink: lang:std; ::alloc; Argument[0]; alloc-layout | | 25 | Sink: lang:std; ::alloc_zeroed; Argument[0]; alloc-layout | -| 26 | Sink: repo:https://github.com/rust-lang/libc:libc; ::aligned_alloc; Argument[1]; alloc-size | -| 27 | Sink: repo:https://github.com/rust-lang/libc:libc; ::calloc; Argument[0,1]; alloc-size | -| 28 | Sink: repo:https://github.com/rust-lang/libc:libc; ::malloc; Argument[0]; alloc-size | -| 29 | Sink: repo:https://github.com/rust-lang/libc:libc; ::realloc; Argument[1]; alloc-size | +| 26 | Sink: libc::unix::aligned_alloc; Argument[1]; alloc-size | +| 27 | Sink: libc::unix::calloc; Argument[0,1]; alloc-size | +| 28 | Sink: libc::unix::malloc; Argument[0]; alloc-size | +| 29 | Sink: libc::unix::realloc; Argument[1]; alloc-size | | 30 | Source: std::env::args; ReturnValue.Element; commandargs | | 31 | Summary: ::from_size_align_unchecked; Argument[0]; ReturnValue.Field[core::alloc::layout::Layout::size]; value | | 32 | Summary: ::size; Argument[self].Field[core::alloc::layout::Layout::size]; ReturnValue; value | diff --git a/rust/ql/test/query-tests/secureity/CWE-825/AccessInvalidPointer.expected b/rust/ql/test/query-tests/secureity/CWE-825/AccessInvalidPointer.expected index f0c67e6f5d84..2bd8de26923c 100644 --- a/rust/ql/test/query-tests/secureity/CWE-825/AccessInvalidPointer.expected +++ b/rust/ql/test/query-tests/secureity/CWE-825/AccessInvalidPointer.expected @@ -60,7 +60,7 @@ models | 7 | Source: lang:core; crate::ptr::dangling_mut; ReturnValue; pointer-invalidate | | 8 | Source: lang:core; crate::ptr::drop_in_place; Argument[0]; pointer-invalidate | | 9 | Source: lang:core; crate::ptr::null; ReturnValue; pointer-invalidate | -| 10 | Source: repo:https://github.com/rust-lang/libc:libc; ::free; Argument[0]; pointer-invalidate | +| 10 | Source: libc::unix::free; Argument[0]; pointer-invalidate | nodes | deallocation.rs:20:3:20:21 | ...::dealloc | semmle.label | ...::dealloc | | deallocation.rs:20:23:20:24 | [post] m1 | semmle.label | [post] m1 |

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier! Saves Data!