
Commit 24bcd04

committed
Rust: Add flow models for io.
1 parent 7a9ea52 commit 24bcd04


2 files changed

+49
-17
lines changed


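--- a/rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml
@@ -4,3 +4,35 @@ extensions:
 extensible: sourceModel
 data:
 - ["lang:std", "crate::io::stdio::stdin", "ReturnValue", "stdin", "manual"]
+- addsTo:
+pack: codeql/rust-all
+extensible: summaryModel
+data:
+- ["lang:std", "<crate::io::buffered::bufreader::BufReader>::new", "Argument[0]", "ReturnValue", "taint", "manual"]
+- ["lang:std", "<crate::io::buffered::bufreader::BufReader as crate::io::BufRead>::fill_buf", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+- ["lang:std", "<crate::io::buffered::bufreader::BufReader>::buffer", "Argument[self]", "ReturnValue", "taint", "manual"]
+- ["lang:std", "<crate::io::stdio::Stdin as crate::io::Read>::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::io::stdio::StdinLock as crate::io::Read>::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::fs::File as crate::io::Read>::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "crate::io::Read::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::io::stdio::Stdin as crate::io::Read>::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::io::stdio::StdinLock as crate::io::Read>::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::fs::File as crate::io::Read>::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "crate::io::Read::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", ":<crate::io::stdio::Stdin as crate::io::Read>::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", ":<crate::io::stdio::StdinLock as crate::io::Read>::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::fs::File as crate::io::Read>::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "crate::io::Read::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::io::stdio::Stdin as crate::io::Read>::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::io::stdio::StdinLock as crate::io::Read>::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "<crate::fs::File as crate::io::Read>::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "crate::io::Read::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "crate::io::BufRead::read_line", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+- ["lang:std", "crate::io::BufRead::read_until", "Argument[self]", "Argument[1].Reference", "taint", "manual"]
+- ["lang:std", "crate::io::BufRead::split", "Argument[self]", "ReturnValue", "taint", "manual"]
+- ["lang:std", "crate::io::BufRead::lines", "Argument[self]", "ReturnValue", "taint", "manual"]
+- ["lang:std", "crate::io::Read::bytes", "Argument[self]", "ReturnValue", "taint", "manual"]
+- ["lang:std", "crate::io::Read::chain", "Argument[self]", "ReturnValue", "taint", "manual"]
+- ["lang:std", "crate::io::Read::chain", "Argument[0]", "ReturnValue", "taint", "manual"]
+- ["lang:std", "crate::io::Read::take", "Argument[self]", "ReturnValue", "taint", "manual"]
+- ["lang:std", "<crate::io::stdio::Stdin>::lock", "Argument[self]", "ReturnValue", "taint", "manual"]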
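Review bot: The two `read_to_end` rows for `Stdin` and `StdinLock` (new lines 22 and 23) have a stray `:` before the opening `<` in the path string, unlike every other row in this table. As written, `":<crate::io::stdio::Stdin as crate::io::Read>::read_to_end"` presumably does not match the method's canonical path, so taint read through `stdin().read_to_end(..)` would either fall back to the generic `crate::io::Read::read_to_end` row or be dropped, and a dropped summary is a silent false negative in taint queries. Remove the colon in both rows: `"<crate::io::stdio::Stdin as crate::io::Read>::read_to_end"` and `"<crate::io::stdio::StdinLock as crate::io::Read>::read_to_end"`.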

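--- a/rust/ql/test/library-tests/dataflow/sources/test.rs
+++ b/rust/ql/test/library-tests/dataflow/sources/test.rs
@@ -241,7 +241,7 @@ fn test_io_fs() -> std::io::Result<()> {
 {
 let mut buffer = [0u8; 100];
 let _bytes = std::io::stdin().read(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow
 }
 
 {
@@ -253,17 +253,17 @@ fn test_io_fs() -> std::io::Result<()> {
 {
 let mut buffer = String::new();
 let _bytes = std::io::stdin().read_to_string(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow
 }
 
 {
 let mut buffer = [0; 100];
 std::io::stdin().read_exact(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow
 }
 
 for byte in std::io::stdin().bytes() { // $ Alert[rust/summary/taint-sources]
-sink(byte); // $ MISSING: hasTaintFlow
+sink(byte); // $ hasTaintFlow
 }
 
 // --- file ---
@@ -273,57 +273,57 @@ fn test_io_fs() -> std::io::Result<()> {
 {
 let mut buffer = [0u8; 100];
 let _bytes = file.read(&mut buffer)?;
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow="file.txt"
 }
 
 {
 let mut buffer = Vec::<u8>::new();
 let _bytes = file.read_to_end(&mut buffer)?;
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow="file.txt"
 }
 
 {
 let mut buffer = String::new();
 let _bytes = file.read_to_string(&mut buffer)?;
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow="file.txt"
 }
 
 {
 let mut buffer = [0; 100];
 file.read_exact(&mut buffer)?;
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow="file.txt"
 }
 
 for byte in file.bytes() {
-sink(byte); // $ MISSING: hasTaintFlow
+sink(byte); // $ hasTaintFlow="file.txt"
 }
 
 // --- BufReader ---
 
 {
 let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
 let data = reader.fill_buf()?;
-sink(&data); // $ MISSING: hasTaintFlow
+sink(&data); // $ hasTaintFlow
 }
 
 {
 let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
 let data = reader.buffer();
-sink(&data); // $ MISSING: hasTaintFlow
+sink(&data); // $ hasTaintFlow
 }
 
 {
 let mut buffer = String::new();
 let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
 reader.read_line(&mut buffer)?;
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow
 }
 
 {
 let mut buffer = Vec::<u8>::new();
 let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
 reader.read_until(b',', &mut buffer)?;
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow
 }
 
 {
@@ -337,7 +337,7 @@ fn test_io_fs() -> std::io::Result<()> {
 {
 let mut reader = std::io::BufReader::new(std::io::stdin()); // $ Alert[rust/summary/taint-sources]
 for line in reader.lines() {
-sink(line); // $ MISSING: Alert[rust/summary/taint-sources]
+sink(line); // $ hasTaintFlow
 }
 }
 
@@ -361,21 +361,21 @@ fn test_io_fs() -> std::io::Result<()> {
 let mut file2 = std::fs::File::open("another_file.txt")?; // $ Alert[rust/summary/taint-sources]
 let mut reader = file1.chain(file2);
 reader.read_to_string(&mut buffer)?;
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow="file.txt" hasTaintFlow="another_file.txt"
 }
 
 {
 let mut buffer = String::new();
 let mut file1 = std::fs::File::open("file.txt")?; // $ Alert[rust/summary/taint-sources]
 let mut reader = file1.take(100);
 reader.read_to_string(&mut buffer)?;
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow="file.txt"
 }
 
 {
 let mut buffer = String::new();
 let _bytes = std::io::stdin().lock().read_to_string(&mut buffer)?; // $ Alert[rust/summary/taint-sources]
-sink(&buffer); // $ MISSING: hasTaintFlow
+sink(&buffer); // $ hasTaintFlow
 }
 
 Ok(())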
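Review bot: Several of the summary rows added to io.model.yml in this commit have no visible `hasTaintFlow` expectation here: none of the changed lines covers `read_to_end` on stdin, `BufRead::split`, or `read`/`read_exact`/`read_to_end` through `stdin().lock()` (only `lock().read_to_string` at line 377 is exercised). The blocks at lines 247–252 and 329–336 fall between the hunks and are not shown, so they may already test the first two and still carry `MISSING:`; if that is the case it deserves a mention in the commit message, because a model row that never matches fails silently. A block that calls `std::io::stdin().lock().read_exact(&mut buffer)?;` and then `sink(&buffer); // $ hasTaintFlow` would pin the `StdinLock` rows.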
