Rust: Add sensitive data to summary queries.

Author: geoffw0

Diff for: rust/ql/src/queries/summary/SensitiveData.ql

@@ -0,0 +1,15 @@
+/**
+ * @name Sensitive Data
+ * @description List all sensitive data found in the database. Sensitive data is anything that
+ *              should not be sent in unencrypted form.
+ * @kind problem
+ * @problem.severity info
+ * @id rust/summary/sensitive-data
+ * @tags summary
+ */
+
+import rust
+import codeql.rust.security.SensitiveData
+
+from SensitiveData d
+select d, "Sensitive data (" + d.getClassification() + "): " + d.toString()

Diff for: rust/ql/src/queries/summary/SummaryStats.ql

@@ -8,6 +8,7 @@
 
 import rust
 import codeql.rust.Concepts
+import codeql.rust.security.SensitiveData
 import codeql.rust.Diagnostics
 import Stats
 
@@ -56,4 +57,6 @@ where
   key = "Taint sources - total" and value = count(ThreatModelSource s)
   or
   key = "Taint sources - active" and value = count(ActiveThreatModelSource s)
+  or
+  key = "Sensitive data" and value = count(SensitiveData d)
 select key, value order by key

Diff for: rust/ql/test/query-tests/diagnostics/SummaryStats.expected

@@ -14,5 +14,6 @@
 | Macro calls - resolved | 8 |
 | Macro calls - total | 9 |
 | Macro calls - unresolved | 1 |
+| Sensitive data | 0 |
 | Taint sources - active | 0 |
 | Taint sources - total | 0 |