diff --git a/rust/ql/lib/codeql/rust/dataflow/FlowSummary.qll b/rust/ql/lib/codeql/rust/dataflow/FlowSummary.qll index 60e76ceff94f..0c41bb6d7a8e 100644 --- a/rust/ql/lib/codeql/rust/dataflow/FlowSummary.qll +++ b/rust/ql/lib/codeql/rust/dataflow/FlowSummary.qll @@ -2,7 +2,6 @@ private import rust private import internal.FlowSummaryImpl as Impl -private import codeql.rust.elements.internal.CallExprBaseImpl::Impl as CallExprBaseImpl // import all instances below private module Summaries { @@ -10,34 +9,10 @@ private module Summaries { private import codeql.rust.dataflow.internal.ModelsAsData } -/** Provides the `Range` class used to define the extent of `LibraryCallable`. */ -module LibraryCallable { - /** A callable defined in library code, identified by a unique string. */ - abstract class Range extends string { - bindingset[this] - Range() { any() } - - /** Gets a call to this library callable. */ - CallExprBase getACall() { - exists(Resolvable r, string crate | - r = CallExprBaseImpl::getCallResolvable(result) and - this = crate + r.getResolvedPath() - | - crate = r.getResolvedCrateOrigin() + "::_::" - or - not r.hasResolvedCrateOrigin() and - crate = "" - ) - } - } -} - -final class LibraryCallable = LibraryCallable::Range; - /** Provides the `Range` class used to define the extent of `SummarizedCallable`. */ module SummarizedCallable { /** A callable with a flow summary, identified by a unique string. */ - abstract class Range extends LibraryCallable::Range, Impl::Public::SummarizedCallable { + abstract class Range extends Impl::Public::SummarizedCallable { bindingset[this] Range() { any() } diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll index 2cf9cc216681..4d7145423068 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll @@ -45,10 +45,12 @@ final class DataFlowCallable extends TDataFlowCallable { /** * Gets the underlying library callable, if any. */ - LibraryCallable asLibraryCallable() { this = TLibraryCallable(result) } + SummarizedCallable asSummarizedCallable() { this = TSummarizedCallable(result) } /** Gets a textual representation of this callable. */ - string toString() { result = [this.asCfgScope().toString(), this.asLibraryCallable().toString()] } + string toString() { + result = [this.asCfgScope().toString(), this.asSummarizedCallable().toString()] + } /** Gets the location of this callable. */ Location getLocation() { result = this.asCfgScope().getLocation() } @@ -65,12 +67,9 @@ final class DataFlowCall extends TDataFlowCall { } DataFlowCallable getEnclosingCallable() { - result = TCfgScope(this.asCallCfgNode().getExpr().getEnclosingCfgScope()) + result.asCfgScope() = this.asCallCfgNode().getExpr().getEnclosingCfgScope() or - exists(FlowSummaryImpl::Public::SummarizedCallable c | - this.isSummaryCall(c, _) and - result = TLibraryCallable(c) - ) + this.isSummaryCall(result.asSummarizedCallable(), _) } string toString() { @@ -401,9 +400,11 @@ module RustDataFlow implements InputSig { /** Gets a viable implementation of the target of the given `Call`. */ DataFlowCallable viableCallable(DataFlowCall call) { - result.asCfgScope() = call.asCallCfgNode().getCall().getStaticTarget() - or - result.asLibraryCallable().getACall() = call.asCallCfgNode().getCall() + exists(Callable target | target = call.asCallCfgNode().getCall().getStaticTarget() | + target = result.asCfgScope() + or + target = result.asSummarizedCallable() + ) } /** @@ -757,7 +758,7 @@ module RustDataFlow implements InputSig { predicate allowParameterReturnInSelf(ParameterNode p) { exists(DataFlowCallable c, ParameterPosition pos | p.isParameterOf(c, pos) and - FlowSummaryImpl::Private::summaryAllowParameterReturnInSelf(c.asLibraryCallable(), pos) + FlowSummaryImpl::Private::summaryAllowParameterReturnInSelf(c.asSummarizedCallable(), pos) ) or VariableCapture::Flow::heuristicAllowInstanceParameterReturnInSelf(p.(ClosureParameterNode) @@ -968,7 +969,7 @@ private module Cached { cached newtype TDataFlowCallable = TCfgScope(CfgScope scope) or - TLibraryCallable(LibraryCallable c) + TSummarizedCallable(SummarizedCallable c) /** This is the local flow predicate that is exposed. */ cached diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll index e46abc4dd371..d10c342c6c5d 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/FlowSummaryImpl.qll @@ -13,7 +13,7 @@ module Input implements InputSig { private import codeql.rust.elements.internal.CallExprBaseImpl::Impl as CallExprBaseImpl private import codeql.rust.frameworks.stdlib.Stdlib - class SummarizedCallableBase = string; + class SummarizedCallableBase = Function; abstract private class SourceSinkBase extends AstNode { /** Gets the associated call. */ @@ -138,7 +138,7 @@ private import Make as Impl private module StepsInput implements Impl::Private::StepsInputSig { DataFlowCall getACall(Public::SummarizedCallable sc) { - result.asCallCfgNode().getCall() = sc.(LibraryCallable).getACall() + result.asCallCfgNode().getCall().getStaticTarget() = sc } RustDataFlow::Node getSourceNode(Input::SourceBase source, Impl::Private::SummaryComponent sc) { diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll b/rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll index a879157af5e0..00ac7058cc90 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll @@ -47,6 +47,7 @@ private import rust private import codeql.rust.dataflow.FlowSummary private import codeql.rust.dataflow.FlowSource private import codeql.rust.dataflow.FlowSink +private import codeql.rust.elements.internal.CallExprBaseImpl::Impl as CallExprBaseImpl /** * Holds if in a call to the function with canonical path `path`, defined in the @@ -120,7 +121,12 @@ private class SummarizedCallableFromModel extends SummarizedCallable::Range { SummarizedCallableFromModel() { summaryModel(crate, path, _, _, _, _, _) and - this = crate + "::_::" + path + exists(CallExprBase call, Resolvable r | + call.getStaticTarget() = this and + r = CallExprBaseImpl::getCallResolvable(call) and + r.getResolvedPath() = path and + r.getResolvedCrateOrigin() = crate + ) } override predicate propagatesFlow( diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll b/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll index 939cb45a0ca5..51343c1eb40a 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll @@ -44,7 +44,7 @@ abstract class NodePublic extends TNode { abstract class Node extends NodePublic { /** Gets the enclosing callable. */ - DataFlowCallable getEnclosingCallable() { result = TCfgScope(this.getCfgScope()) } + DataFlowCallable getEnclosingCallable() { result.asCfgScope() = this.getCfgScope() } /** Do not call: use `getEnclosingCallable()` instead. */ abstract CfgScope getCfgScope(); @@ -102,9 +102,9 @@ class FlowSummaryNode extends Node, TFlowSummaryNode { } override DataFlowCallable getEnclosingCallable() { - result.asLibraryCallable() = this.getSummarizedCallable() - or result.asCfgScope() = this.getCfgScope() + or + result.asSummarizedCallable() = this.getSummarizedCallable() } override Location getLocation() { @@ -195,7 +195,7 @@ final class SummaryParameterNode extends ParameterNode, FlowSummaryNode { } override predicate isParameterOf(DataFlowCallable c, ParameterPosition pos) { - this.getSummarizedCallable() = c.asLibraryCallable() and pos = pos_ + this.getSummarizedCallable() = c.asSummarizedCallable() and pos = pos_ } } diff --git a/rust/ql/lib/codeql/rust/frameworks/stdlib/Clone.qll b/rust/ql/lib/codeql/rust/frameworks/stdlib/Clone.qll index 8d3c41c47082..954792ec61e4 100644 --- a/rust/ql/lib/codeql/rust/frameworks/stdlib/Clone.qll +++ b/rust/ql/lib/codeql/rust/frameworks/stdlib/Clone.qll @@ -6,13 +6,9 @@ private import codeql.rust.dataflow.FlowSummary /** A `clone` method. */ final class CloneCallable extends SummarizedCallable::Range { CloneCallable() { - // NOTE: The function target may not exist in the database, so we base this - // on method calls. - exists(MethodCallExpr c | - c.getIdentifier().getText() = "clone" and - c.getArgList().getNumberOfArgs() = 0 and - this = c.getResolvedCrateOrigin() + "::_::" + c.getResolvedPath() - ) + this.getParamList().hasSelfParam() and + this.getParamList().getNumberOfParams() = 0 and + this.getName().getText() = "clone" } final override predicate propagatesFlow( diff --git a/rust/ql/lib/codeql/rust/internal/PathResolution.qll b/rust/ql/lib/codeql/rust/internal/PathResolution.qll index dcbda16fcbfd..c10cdc0140eb 100644 --- a/rust/ql/lib/codeql/rust/internal/PathResolution.qll +++ b/rust/ql/lib/codeql/rust/internal/PathResolution.qll @@ -1522,8 +1522,8 @@ private module Debug { private Locatable getRelevantLocatable() { exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | result.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and - filepath.matches("%/test.rs") and - startline = 74 + filepath.matches("%/main.rs") and + startline = 52 ) } diff --git a/rust/ql/lib/codeql/rust/internal/TypeInference.qll b/rust/ql/lib/codeql/rust/internal/TypeInference.qll index 3248812b2bfc..b618c3fb8cb1 100644 --- a/rust/ql/lib/codeql/rust/internal/TypeInference.qll +++ b/rust/ql/lib/codeql/rust/internal/TypeInference.qll @@ -1170,6 +1170,7 @@ final class MethodCall extends Call { * Holds if a method for `type` with the name `name` and the arity `arity` * exists in `impl`. */ +pragma[nomagic] private predicate methodCandidate(Type type, string name, int arity, Impl impl) { type = impl.getSelfTy().(TypeMention).resolveType() and exists(Function f | @@ -1579,8 +1580,8 @@ private module Debug { private Locatable getRelevantLocatable() { exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | result.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and - filepath.matches("%/main.rs") and - startline = 1718 + filepath.matches("%/sqlx.rs") and + startline = [56 .. 60] ) } diff --git a/rust/ql/test/library-tests/dataflow/global/viableCallable.expected b/rust/ql/test/library-tests/dataflow/global/viableCallable.expected index 822ce4e0a323..be147a36ed3f 100644 --- a/rust/ql/test/library-tests/dataflow/global/viableCallable.expected +++ b/rust/ql/test/library-tests/dataflow/global/viableCallable.expected @@ -75,10 +75,10 @@ | main.rs:279:17:279:25 | source(...) | main.rs:1:1:3:1 | fn source | | main.rs:280:9:280:15 | sink(...) | main.rs:5:1:7:1 | fn sink | | main.rs:283:5:283:17 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:287:13:287:55 | ...::block_on(...) | file://:0:0:0:0 | repo:https://github.com/rust-lang/futures-rs:futures-executor::_::crate::local_pool::block_on | +| main.rs:287:13:287:55 | ...::block_on(...) | file://:0:0:0:0 | fn block_on | | main.rs:287:41:287:54 | async_source(...) | main.rs:268:1:272:1 | fn async_source | | main.rs:288:5:288:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:290:5:290:62 | ...::block_on(...) | file://:0:0:0:0 | repo:https://github.com/rust-lang/futures-rs:futures-executor::_::crate::local_pool::block_on | +| main.rs:290:5:290:62 | ...::block_on(...) | file://:0:0:0:0 | fn block_on | | main.rs:290:33:290:61 | test_async_await_async_part(...) | main.rs:274:1:284:1 | fn test_async_await_async_part | | main.rs:294:5:294:22 | data_out_of_call(...) | main.rs:16:1:19:1 | fn data_out_of_call | | main.rs:295:5:295:35 | data_out_of_call_side_effect1(...) | main.rs:35:1:40:1 | fn data_out_of_call_side_effect1 | diff --git a/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected b/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected index f588371ed436..dd9bb4ae810e 100644 --- a/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected +++ b/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected @@ -1,5 +1,4 @@ localStep -| file://:0:0:0:0 | [summary param] self in lang:std::_::::canonicalize | file://:0:0:0:0 | [summary] read: Argument[self].OptionalBarrier[normalize-path] in lang:std::_::::canonicalize | | main.rs:3:11:3:11 | [SSA] i | main.rs:4:12:4:12 | i | | main.rs:3:11:3:11 | i | main.rs:3:11:3:11 | [SSA] i | | main.rs:3:11:3:11 | i | main.rs:3:11:3:11 | i | @@ -323,46 +322,46 @@ localStep | main.rs:263:9:263:10 | i1 | main.rs:263:9:263:10 | i1 | | main.rs:263:14:263:16 | TryExpr | main.rs:263:9:263:10 | i1 | | main.rs:266:5:266:11 | Some(...) | main.rs:260:41:267:1 | { ... } | -| main.rs:270:9:270:10 | [SSA] r1 | main.rs:271:29:271:30 | r1 | +| main.rs:270:9:270:10 | [SSA] r1 | main.rs:271:28:271:29 | r1 | | main.rs:270:9:270:10 | r1 | main.rs:270:9:270:10 | [SSA] r1 | | main.rs:270:9:270:10 | r1 | main.rs:270:9:270:10 | r1 | -| main.rs:270:33:270:46 | Ok(...) | main.rs:270:9:270:10 | r1 | +| main.rs:270:32:270:45 | Ok(...) | main.rs:270:9:270:10 | r1 | | main.rs:271:9:271:11 | [SSA] o1a | main.rs:273:10:273:12 | o1a | | main.rs:271:9:271:11 | o1a | main.rs:271:9:271:11 | [SSA] o1a | | main.rs:271:9:271:11 | o1a | main.rs:271:9:271:11 | o1a | -| main.rs:271:29:271:30 | [post] r1 | main.rs:272:29:272:30 | r1 | -| main.rs:271:29:271:30 | [post] receiver for r1 | main.rs:271:29:271:30 | [post] r1 | -| main.rs:271:29:271:30 | r1 | main.rs:271:29:271:30 | receiver for r1 | -| main.rs:271:29:271:30 | r1 | main.rs:272:29:272:30 | r1 | -| main.rs:271:29:271:35 | r1.ok() | main.rs:271:9:271:11 | o1a | +| main.rs:271:28:271:29 | [post] r1 | main.rs:272:28:272:29 | r1 | +| main.rs:271:28:271:29 | [post] receiver for r1 | main.rs:271:28:271:29 | [post] r1 | +| main.rs:271:28:271:29 | r1 | main.rs:271:28:271:29 | receiver for r1 | +| main.rs:271:28:271:29 | r1 | main.rs:272:28:272:29 | r1 | +| main.rs:271:28:271:34 | r1.ok() | main.rs:271:9:271:11 | o1a | | main.rs:272:9:272:11 | [SSA] o1b | main.rs:274:10:274:12 | o1b | | main.rs:272:9:272:11 | o1b | main.rs:272:9:272:11 | [SSA] o1b | | main.rs:272:9:272:11 | o1b | main.rs:272:9:272:11 | o1b | -| main.rs:272:29:272:30 | [post] receiver for r1 | main.rs:272:29:272:30 | [post] r1 | -| main.rs:272:29:272:30 | r1 | main.rs:272:29:272:30 | receiver for r1 | -| main.rs:272:29:272:36 | r1.err() | main.rs:272:9:272:11 | o1b | +| main.rs:272:28:272:29 | [post] receiver for r1 | main.rs:272:28:272:29 | [post] r1 | +| main.rs:272:28:272:29 | r1 | main.rs:272:28:272:29 | receiver for r1 | +| main.rs:272:28:272:35 | r1.err() | main.rs:272:9:272:11 | o1b | | main.rs:273:10:273:12 | [post] receiver for o1a | main.rs:273:10:273:12 | [post] o1a | | main.rs:273:10:273:12 | o1a | main.rs:273:10:273:12 | receiver for o1a | | main.rs:274:10:274:12 | [post] receiver for o1b | main.rs:274:10:274:12 | [post] o1b | | main.rs:274:10:274:12 | o1b | main.rs:274:10:274:12 | receiver for o1b | -| main.rs:276:9:276:10 | [SSA] r2 | main.rs:277:29:277:30 | r2 | +| main.rs:276:9:276:10 | [SSA] r2 | main.rs:277:28:277:29 | r2 | | main.rs:276:9:276:10 | r2 | main.rs:276:9:276:10 | [SSA] r2 | | main.rs:276:9:276:10 | r2 | main.rs:276:9:276:10 | r2 | -| main.rs:276:33:276:47 | Err(...) | main.rs:276:9:276:10 | r2 | +| main.rs:276:32:276:46 | Err(...) | main.rs:276:9:276:10 | r2 | | main.rs:277:9:277:11 | [SSA] o2a | main.rs:279:10:279:12 | o2a | | main.rs:277:9:277:11 | o2a | main.rs:277:9:277:11 | [SSA] o2a | | main.rs:277:9:277:11 | o2a | main.rs:277:9:277:11 | o2a | -| main.rs:277:29:277:30 | [post] r2 | main.rs:278:29:278:30 | r2 | -| main.rs:277:29:277:30 | [post] receiver for r2 | main.rs:277:29:277:30 | [post] r2 | -| main.rs:277:29:277:30 | r2 | main.rs:277:29:277:30 | receiver for r2 | -| main.rs:277:29:277:30 | r2 | main.rs:278:29:278:30 | r2 | -| main.rs:277:29:277:35 | r2.ok() | main.rs:277:9:277:11 | o2a | +| main.rs:277:28:277:29 | [post] r2 | main.rs:278:28:278:29 | r2 | +| main.rs:277:28:277:29 | [post] receiver for r2 | main.rs:277:28:277:29 | [post] r2 | +| main.rs:277:28:277:29 | r2 | main.rs:277:28:277:29 | receiver for r2 | +| main.rs:277:28:277:29 | r2 | main.rs:278:28:278:29 | r2 | +| main.rs:277:28:277:34 | r2.ok() | main.rs:277:9:277:11 | o2a | | main.rs:278:9:278:11 | [SSA] o2b | main.rs:280:10:280:12 | o2b | | main.rs:278:9:278:11 | o2b | main.rs:278:9:278:11 | [SSA] o2b | | main.rs:278:9:278:11 | o2b | main.rs:278:9:278:11 | o2b | -| main.rs:278:29:278:30 | [post] receiver for r2 | main.rs:278:29:278:30 | [post] r2 | -| main.rs:278:29:278:30 | r2 | main.rs:278:29:278:30 | receiver for r2 | -| main.rs:278:29:278:36 | r2.err() | main.rs:278:9:278:11 | o2b | +| main.rs:278:28:278:29 | [post] receiver for r2 | main.rs:278:28:278:29 | [post] r2 | +| main.rs:278:28:278:29 | r2 | main.rs:278:28:278:29 | receiver for r2 | +| main.rs:278:28:278:35 | r2.err() | main.rs:278:9:278:11 | o2b | | main.rs:279:10:279:12 | [post] receiver for o2a | main.rs:279:10:279:12 | [post] o2a | | main.rs:279:10:279:12 | o2a | main.rs:279:10:279:12 | receiver for o2a | | main.rs:280:10:280:12 | [post] receiver for o2b | main.rs:280:10:280:12 | [post] o2b | @@ -702,23 +701,23 @@ localStep | main.rs:469:9:469:9 | [SSA] c | main.rs:474:10:474:10 | c | | main.rs:469:9:469:9 | c | main.rs:469:9:469:9 | [SSA] c | | main.rs:469:9:469:9 | c | main.rs:469:9:469:9 | c | -| main.rs:469:13:469:13 | [post] b | main.rs:470:19:470:19 | b | +| main.rs:469:13:469:13 | [post] b | main.rs:470:18:470:18 | b | | main.rs:469:13:469:13 | [post] receiver for b | main.rs:469:13:469:13 | [post] b | | main.rs:469:13:469:13 | b | main.rs:469:13:469:13 | receiver for b | -| main.rs:469:13:469:13 | b | main.rs:470:19:470:19 | b | +| main.rs:469:13:469:13 | b | main.rs:470:18:470:18 | b | | main.rs:469:13:469:28 | [post] receiver for b.parse() | main.rs:469:13:469:28 | [post] b.parse() | | main.rs:469:13:469:28 | b.parse() | main.rs:469:13:469:28 | receiver for b.parse() | | main.rs:469:13:469:37 | ... .unwrap() | main.rs:469:9:469:9 | c | | main.rs:470:9:470:9 | [SSA] d | main.rs:475:10:475:10 | d | | main.rs:470:9:470:9 | d | main.rs:470:9:470:9 | [SSA] d | | main.rs:470:9:470:9 | d | main.rs:470:9:470:9 | d | -| main.rs:470:19:470:19 | [post] b | main.rs:473:17:473:17 | b | -| main.rs:470:19:470:19 | [post] receiver for b | main.rs:470:19:470:19 | [post] b | -| main.rs:470:19:470:19 | b | main.rs:470:19:470:19 | receiver for b | -| main.rs:470:19:470:19 | b | main.rs:473:17:473:17 | b | -| main.rs:470:19:470:27 | [post] receiver for b.parse() | main.rs:470:19:470:27 | [post] b.parse() | -| main.rs:470:19:470:27 | b.parse() | main.rs:470:19:470:27 | receiver for b.parse() | -| main.rs:470:19:470:36 | ... .unwrap() | main.rs:470:9:470:9 | d | +| main.rs:470:18:470:18 | [post] b | main.rs:473:17:473:17 | b | +| main.rs:470:18:470:18 | [post] receiver for b | main.rs:470:18:470:18 | [post] b | +| main.rs:470:18:470:18 | b | main.rs:470:18:470:18 | receiver for b | +| main.rs:470:18:470:18 | b | main.rs:473:17:473:17 | b | +| main.rs:470:18:470:26 | [post] receiver for b.parse() | main.rs:470:18:470:26 | [post] b.parse() | +| main.rs:470:18:470:26 | b.parse() | main.rs:470:18:470:26 | receiver for b.parse() | +| main.rs:470:18:470:35 | ... .unwrap() | main.rs:470:9:470:9 | d | | main.rs:479:9:479:10 | [SSA] vs | main.rs:481:10:481:11 | vs | | main.rs:479:9:479:10 | vs | main.rs:479:9:479:10 | [SSA] vs | | main.rs:479:9:479:10 | vs | main.rs:479:9:479:10 | vs | @@ -749,19 +748,19 @@ localStep | main.rs:488:10:488:10 | v | main.rs:488:10:488:10 | [SSA] v | | main.rs:488:10:488:10 | v | main.rs:488:10:488:10 | v | | main.rs:488:15:488:16 | [post] receiver for vs | main.rs:488:15:488:16 | [post] vs | -| main.rs:488:15:488:16 | [post] vs | main.rs:492:27:492:28 | vs | +| main.rs:488:15:488:16 | [post] vs | main.rs:492:26:492:27 | vs | | main.rs:488:15:488:16 | vs | main.rs:488:15:488:16 | receiver for vs | -| main.rs:488:15:488:16 | vs | main.rs:492:27:492:28 | vs | +| main.rs:488:15:488:16 | vs | main.rs:492:26:492:27 | vs | | main.rs:492:9:492:11 | [SSA] vs2 | main.rs:493:15:493:17 | vs2 | | main.rs:492:9:492:11 | vs2 | main.rs:492:9:492:11 | [SSA] vs2 | | main.rs:492:9:492:11 | vs2 | main.rs:492:9:492:11 | vs2 | -| main.rs:492:27:492:28 | [post] receiver for vs | main.rs:492:27:492:28 | [post] vs | -| main.rs:492:27:492:28 | [post] vs | main.rs:497:5:497:6 | vs | -| main.rs:492:27:492:28 | vs | main.rs:492:27:492:28 | receiver for vs | -| main.rs:492:27:492:28 | vs | main.rs:497:5:497:6 | vs | -| main.rs:492:27:492:35 | [post] receiver for vs.iter() | main.rs:492:27:492:35 | [post] vs.iter() | -| main.rs:492:27:492:35 | vs.iter() | main.rs:492:27:492:35 | receiver for vs.iter() | -| main.rs:492:27:492:45 | ... .collect() | main.rs:492:9:492:11 | vs2 | +| main.rs:492:26:492:27 | [post] receiver for vs | main.rs:492:26:492:27 | [post] vs | +| main.rs:492:26:492:27 | [post] vs | main.rs:497:5:497:6 | vs | +| main.rs:492:26:492:27 | vs | main.rs:492:26:492:27 | receiver for vs | +| main.rs:492:26:492:27 | vs | main.rs:497:5:497:6 | vs | +| main.rs:492:26:492:34 | [post] receiver for vs.iter() | main.rs:492:26:492:34 | [post] vs.iter() | +| main.rs:492:26:492:34 | vs.iter() | main.rs:492:26:492:34 | receiver for vs.iter() | +| main.rs:492:26:492:44 | ... .collect() | main.rs:492:9:492:11 | vs2 | | main.rs:493:10:493:10 | [SSA] v | main.rs:494:14:494:14 | v | | main.rs:493:10:493:10 | v | main.rs:493:10:493:10 | [SSA] v | | main.rs:493:10:493:10 | v | main.rs:493:10:493:10 | v | @@ -963,7 +962,7 @@ readStep | main.rs:444:41:444:67 | [post] \|...\| ... | main.rs:441:9:441:20 | captured default_name | main.rs:444:41:444:67 | [post] default_name | | main.rs:444:44:444:55 | this | main.rs:441:9:441:20 | captured default_name | main.rs:444:44:444:55 | default_name | | main.rs:469:13:469:13 | [post] receiver for b | file://:0:0:0:0 | &ref | main.rs:469:13:469:13 | [post] b | -| main.rs:470:19:470:19 | [post] receiver for b | file://:0:0:0:0 | &ref | main.rs:470:19:470:19 | [post] b | +| main.rs:470:18:470:18 | [post] receiver for b | file://:0:0:0:0 | &ref | main.rs:470:18:470:18 | [post] b | | main.rs:481:10:481:11 | vs | file://:0:0:0:0 | element | main.rs:481:10:481:14 | vs[0] | | main.rs:482:11:482:35 | ... .unwrap() | file://:0:0:0:0 | &ref | main.rs:482:10:482:35 | * ... | | main.rs:483:11:483:35 | ... .unwrap() | file://:0:0:0:0 | &ref | main.rs:483:10:483:35 | * ... | @@ -1023,8 +1022,8 @@ storeStep | main.rs:261:19:261:28 | source(...) | {EXTERNAL LOCATION} | Some | main.rs:261:14:261:29 | Some(...) | | main.rs:262:19:262:19 | 2 | {EXTERNAL LOCATION} | Some | main.rs:262:14:262:20 | Some(...) | | main.rs:266:10:266:10 | 0 | {EXTERNAL LOCATION} | Some | main.rs:266:5:266:11 | Some(...) | -| main.rs:270:36:270:45 | source(...) | {EXTERNAL LOCATION} | Ok | main.rs:270:33:270:46 | Ok(...) | -| main.rs:276:37:276:46 | source(...) | {EXTERNAL LOCATION} | Err | main.rs:276:33:276:47 | Err(...) | +| main.rs:270:35:270:44 | source(...) | {EXTERNAL LOCATION} | Ok | main.rs:270:32:270:45 | Ok(...) | +| main.rs:276:36:276:45 | source(...) | {EXTERNAL LOCATION} | Err | main.rs:276:32:276:46 | Err(...) | | main.rs:284:35:284:44 | source(...) | {EXTERNAL LOCATION} | Ok | main.rs:284:32:284:45 | Ok(...) | | main.rs:285:35:285:35 | 2 | {EXTERNAL LOCATION} | Ok | main.rs:285:32:285:36 | Ok(...) | | main.rs:286:36:286:45 | source(...) | {EXTERNAL LOCATION} | Err | main.rs:286:32:286:46 | Err(...) | @@ -1061,7 +1060,7 @@ storeStep | main.rs:432:18:432:27 | source(...) | file://:0:0:0:0 | element | main.rs:432:5:432:11 | [post] mut_arr | | main.rs:444:41:444:67 | default_name | main.rs:441:9:441:20 | captured default_name | main.rs:444:41:444:67 | \|...\| ... | | main.rs:469:13:469:13 | b | file://:0:0:0:0 | &ref | main.rs:469:13:469:13 | receiver for b | -| main.rs:470:19:470:19 | b | file://:0:0:0:0 | &ref | main.rs:470:19:470:19 | receiver for b | +| main.rs:470:18:470:18 | b | file://:0:0:0:0 | &ref | main.rs:470:18:470:18 | receiver for b | | main.rs:479:15:479:24 | source(...) | file://:0:0:0:0 | element | main.rs:479:14:479:34 | [...] | | main.rs:479:27:479:27 | 2 | file://:0:0:0:0 | element | main.rs:479:14:479:34 | [...] | | main.rs:479:30:479:30 | 3 | file://:0:0:0:0 | element | main.rs:479:14:479:34 | [...] | diff --git a/rust/ql/test/library-tests/dataflow/local/inline-flow.expected b/rust/ql/test/library-tests/dataflow/local/inline-flow.expected index 77e462c2dce4..5d9fabca983d 100644 --- a/rust/ql/test/library-tests/dataflow/local/inline-flow.expected +++ b/rust/ql/test/library-tests/dataflow/local/inline-flow.expected @@ -117,16 +117,16 @@ edges | main.rs:263:9:263:10 | i1 | main.rs:264:10:264:11 | i1 | provenance | | | main.rs:263:14:263:15 | s1 [Some] | main.rs:263:14:263:16 | TryExpr | provenance | | | main.rs:263:14:263:16 | TryExpr | main.rs:263:9:263:10 | i1 | provenance | | -| main.rs:270:9:270:10 | r1 [Ok] | main.rs:271:29:271:35 | r1.ok() [Some] | provenance | MaD:11 | -| main.rs:270:33:270:46 | Ok(...) [Ok] | main.rs:270:9:270:10 | r1 [Ok] | provenance | | -| main.rs:270:36:270:45 | source(...) | main.rs:270:33:270:46 | Ok(...) [Ok] | provenance | | +| main.rs:270:9:270:10 | r1 [Ok] | main.rs:271:28:271:34 | r1.ok() [Some] | provenance | MaD:11 | +| main.rs:270:32:270:45 | Ok(...) [Ok] | main.rs:270:9:270:10 | r1 [Ok] | provenance | | +| main.rs:270:35:270:44 | source(...) | main.rs:270:32:270:45 | Ok(...) [Ok] | provenance | | | main.rs:271:9:271:11 | o1a [Some] | main.rs:273:10:273:21 | o1a.unwrap() | provenance | MaD:3 | -| main.rs:271:29:271:35 | r1.ok() [Some] | main.rs:271:9:271:11 | o1a [Some] | provenance | | -| main.rs:276:9:276:10 | r2 [Err] | main.rs:278:29:278:36 | r2.err() [Some] | provenance | MaD:8 | -| main.rs:276:33:276:47 | Err(...) [Err] | main.rs:276:9:276:10 | r2 [Err] | provenance | | -| main.rs:276:37:276:46 | source(...) | main.rs:276:33:276:47 | Err(...) [Err] | provenance | | +| main.rs:271:28:271:34 | r1.ok() [Some] | main.rs:271:9:271:11 | o1a [Some] | provenance | | +| main.rs:276:9:276:10 | r2 [Err] | main.rs:278:28:278:35 | r2.err() [Some] | provenance | MaD:8 | +| main.rs:276:32:276:46 | Err(...) [Err] | main.rs:276:9:276:10 | r2 [Err] | provenance | | +| main.rs:276:36:276:45 | source(...) | main.rs:276:32:276:46 | Err(...) [Err] | provenance | | | main.rs:278:9:278:11 | o2b [Some] | main.rs:280:10:280:21 | o2b.unwrap() | provenance | MaD:3 | -| main.rs:278:29:278:36 | r2.err() [Some] | main.rs:278:9:278:11 | o2b [Some] | provenance | | +| main.rs:278:28:278:35 | r2.err() [Some] | main.rs:278:9:278:11 | o2b [Some] | provenance | | | main.rs:284:9:284:10 | s1 [Ok] | main.rs:287:14:287:15 | s1 [Ok] | provenance | | | main.rs:284:32:284:45 | Ok(...) [Ok] | main.rs:284:9:284:10 | s1 [Ok] | provenance | | | main.rs:284:35:284:44 | source(...) | main.rs:284:32:284:45 | Ok(...) [Ok] | provenance | | @@ -373,16 +373,16 @@ nodes | main.rs:263:14:263:16 | TryExpr | semmle.label | TryExpr | | main.rs:264:10:264:11 | i1 | semmle.label | i1 | | main.rs:270:9:270:10 | r1 [Ok] | semmle.label | r1 [Ok] | -| main.rs:270:33:270:46 | Ok(...) [Ok] | semmle.label | Ok(...) [Ok] | -| main.rs:270:36:270:45 | source(...) | semmle.label | source(...) | +| main.rs:270:32:270:45 | Ok(...) [Ok] | semmle.label | Ok(...) [Ok] | +| main.rs:270:35:270:44 | source(...) | semmle.label | source(...) | | main.rs:271:9:271:11 | o1a [Some] | semmle.label | o1a [Some] | -| main.rs:271:29:271:35 | r1.ok() [Some] | semmle.label | r1.ok() [Some] | +| main.rs:271:28:271:34 | r1.ok() [Some] | semmle.label | r1.ok() [Some] | | main.rs:273:10:273:21 | o1a.unwrap() | semmle.label | o1a.unwrap() | | main.rs:276:9:276:10 | r2 [Err] | semmle.label | r2 [Err] | -| main.rs:276:33:276:47 | Err(...) [Err] | semmle.label | Err(...) [Err] | -| main.rs:276:37:276:46 | source(...) | semmle.label | source(...) | +| main.rs:276:32:276:46 | Err(...) [Err] | semmle.label | Err(...) [Err] | +| main.rs:276:36:276:45 | source(...) | semmle.label | source(...) | | main.rs:278:9:278:11 | o2b [Some] | semmle.label | o2b [Some] | -| main.rs:278:29:278:36 | r2.err() [Some] | semmle.label | r2.err() [Some] | +| main.rs:278:28:278:35 | r2.err() [Some] | semmle.label | r2.err() [Some] | | main.rs:280:10:280:21 | o2b.unwrap() | semmle.label | o2b.unwrap() | | main.rs:284:9:284:10 | s1 [Ok] | semmle.label | s1 [Ok] | | main.rs:284:32:284:45 | Ok(...) [Ok] | semmle.label | Ok(...) [Ok] | @@ -545,8 +545,8 @@ testFailures | main.rs:254:10:254:32 | s1.unwrap_or_else(...) | main.rs:253:19:253:28 | source(...) | main.rs:254:10:254:32 | s1.unwrap_or_else(...) | $@ | main.rs:253:19:253:28 | source(...) | source(...) | | main.rs:257:10:257:41 | s2.unwrap_or_else(...) | main.rs:257:31:257:40 | source(...) | main.rs:257:10:257:41 | s2.unwrap_or_else(...) | $@ | main.rs:257:31:257:40 | source(...) | source(...) | | main.rs:264:10:264:11 | i1 | main.rs:261:19:261:28 | source(...) | main.rs:264:10:264:11 | i1 | $@ | main.rs:261:19:261:28 | source(...) | source(...) | -| main.rs:273:10:273:21 | o1a.unwrap() | main.rs:270:36:270:45 | source(...) | main.rs:273:10:273:21 | o1a.unwrap() | $@ | main.rs:270:36:270:45 | source(...) | source(...) | -| main.rs:280:10:280:21 | o2b.unwrap() | main.rs:276:37:276:46 | source(...) | main.rs:280:10:280:21 | o2b.unwrap() | $@ | main.rs:276:37:276:46 | source(...) | source(...) | +| main.rs:273:10:273:21 | o1a.unwrap() | main.rs:270:35:270:44 | source(...) | main.rs:273:10:273:21 | o1a.unwrap() | $@ | main.rs:270:35:270:44 | source(...) | source(...) | +| main.rs:280:10:280:21 | o2b.unwrap() | main.rs:276:36:276:45 | source(...) | main.rs:280:10:280:21 | o2b.unwrap() | $@ | main.rs:276:36:276:45 | source(...) | source(...) | | main.rs:289:10:289:11 | i1 | main.rs:284:35:284:44 | source(...) | main.rs:289:10:289:11 | i1 | $@ | main.rs:284:35:284:44 | source(...) | source(...) | | main.rs:298:10:298:22 | s1.expect(...) | main.rs:297:35:297:44 | source(...) | main.rs:298:10:298:22 | s1.expect(...) | $@ | main.rs:297:35:297:44 | source(...) | source(...) | | main.rs:303:10:303:26 | s2.expect_err(...) | main.rs:301:36:301:45 | source(...) | main.rs:303:10:303:26 | s2.expect_err(...) | $@ | main.rs:301:36:301:45 | source(...) | source(...) | diff --git a/rust/ql/test/library-tests/dataflow/local/main.rs b/rust/ql/test/library-tests/dataflow/local/main.rs index 4323f58c880b..f8df7cff372b 100644 --- a/rust/ql/test/library-tests/dataflow/local/main.rs +++ b/rust/ql/test/library-tests/dataflow/local/main.rs @@ -267,15 +267,15 @@ fn option_questionmark() -> Option { } fn option_ok() { - let r1 : Result = Ok(source(21)); - let o1a : Option = r1.ok(); - let o1b : Option = r1.err(); + let r1: Result = Ok(source(21)); + let o1a: Option = r1.ok(); + let o1b: Option = r1.err(); sink(o1a.unwrap()); // $ hasValueFlow=21 sink(o1b.unwrap()); - let r2 : Result = Err(source(22)); - let o2a : Option = r2.ok(); - let o2b : Option = r2.err(); + let r2: Result = Err(source(22)); + let o2a: Option = r2.ok(); + let o2b: Option = r2.err(); sink(o2a.unwrap()); sink(o2b.unwrap()); // $ hasValueFlow=22 } @@ -467,12 +467,12 @@ fn parse() { let a = source(90); let b = a.to_string(); let c = b.parse::().unwrap(); - let d : i64 = b.parse().unwrap(); + let d: i64 = b.parse().unwrap(); sink(a); // $ hasValueFlow=90 - sink_string(b); // $ hasTaintFlow=90 - sink(c); // $ hasTaintFlow=90 - sink(d); // $ hasTaintFlow=90 + sink_string(b); // $ MISSING: we are not currently able to resolve the `to_string` call above, which comes from `impl ToString for T` + sink(c); // $ MISSING: hasTaintFlow=90 - we are not currently able to resolve the `parse` call above + sink(d); // $ MISSING: hasTaintFlow=90 - we are not currently able to resolve the `parse` call above } fn iterators() { @@ -489,7 +489,7 @@ fn iterators() { sink(v); // $ MISSING: hasValueFlow=91 } - let vs2 : Vec<&i64> = vs.iter().collect(); + let vs2: Vec<&i64> = vs.iter().collect(); for &v in vs2 { sink(v); // $ MISSING: hasValueFlow=91 } diff --git a/rust/ql/test/library-tests/dataflow/models/models.ql b/rust/ql/test/library-tests/dataflow/models/models.ql index b17b45bba82c..e621834bdec7 100644 --- a/rust/ql/test/library-tests/dataflow/models/models.ql +++ b/rust/ql/test/library-tests/dataflow/models/models.ql @@ -20,7 +20,7 @@ query predicate invalidSpecComponent(SummarizedCallable sc, string s, string c) // not defined in `models.ext.yml`, in order to test that we can also define // models directly in QL private class SummarizedCallableIdentity extends SummarizedCallable::Range { - SummarizedCallableIdentity() { this = "repo::test::_::crate::identity" } + SummarizedCallableIdentity() { this.getName().getText() = "identity" } override predicate propagatesFlow( string input, string output, boolean preservesValue, string provenance diff --git a/rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected b/rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected index ff85ec81529c..5667ceb627d7 100644 --- a/rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected +++ b/rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected @@ -4,19 +4,19 @@ multipleMethodCallTargets | test_futures_io.rs:35:26:35:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | | test_futures_io.rs:35:26:35:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | | test_futures_io.rs:35:26:35:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | -| test_futures_io.rs:61:22:61:50 | pinned.poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | -| test_futures_io.rs:61:22:61:50 | pinned.poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | -| test_futures_io.rs:68:23:68:67 | ... .poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | -| test_futures_io.rs:68:23:68:67 | ... .poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | -| test_futures_io.rs:92:26:92:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | -| test_futures_io.rs:92:26:92:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | -| test_futures_io.rs:92:26:92:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | -| test_futures_io.rs:115:22:115:50 | pinned.poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | -| test_futures_io.rs:115:22:115:50 | pinned.poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | -| web_frameworks.rs:88:14:88:23 | a.as_str() | file://:0:0:0:0 | fn as_str | -| web_frameworks.rs:88:14:88:23 | a.as_str() | file://:0:0:0:0 | fn as_str | -| web_frameworks.rs:89:14:89:25 | a.as_bytes() | file://:0:0:0:0 | fn as_bytes | -| web_frameworks.rs:89:14:89:25 | a.as_bytes() | file://:0:0:0:0 | fn as_bytes | +| test_futures_io.rs:62:22:62:50 | pinned.poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | +| test_futures_io.rs:62:22:62:50 | pinned.poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | +| test_futures_io.rs:69:23:69:67 | ... .poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | +| test_futures_io.rs:69:23:69:67 | ... .poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | +| test_futures_io.rs:93:26:93:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | +| test_futures_io.rs:93:26:93:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | +| test_futures_io.rs:93:26:93:63 | pinned.poll_read(...) | file://:0:0:0:0 | fn poll_read | +| test_futures_io.rs:116:22:116:50 | pinned.poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | +| test_futures_io.rs:116:22:116:50 | pinned.poll_fill_buf(...) | file://:0:0:0:0 | fn poll_fill_buf | +| web_frameworks.rs:101:14:101:23 | a.as_str() | file://:0:0:0:0 | fn as_str | +| web_frameworks.rs:101:14:101:23 | a.as_str() | file://:0:0:0:0 | fn as_str | +| web_frameworks.rs:102:14:102:25 | a.as_bytes() | file://:0:0:0:0 | fn as_bytes | +| web_frameworks.rs:102:14:102:25 | a.as_bytes() | file://:0:0:0:0 | fn as_bytes | multiplePathResolutions | test.rs:112:62:112:73 | ...::from | file://:0:0:0:0 | fn from | | test.rs:112:62:112:73 | ...::from | file://:0:0:0:0 | fn from | @@ -84,8 +84,8 @@ multiplePathResolutions | test_futures_io.rs:25:23:25:61 | ...::try_from | file://:0:0:0:0 | fn try_from | | test_futures_io.rs:25:23:25:61 | ...::try_from | file://:0:0:0:0 | fn try_from | | test_futures_io.rs:25:23:25:61 | ...::try_from | file://:0:0:0:0 | fn try_from | -| test_futures_io.rs:144:26:144:43 | ...::with_capacity | file://:0:0:0:0 | fn with_capacity | -| test_futures_io.rs:144:26:144:43 | ...::with_capacity | file://:0:0:0:0 | fn with_capacity | +| test_futures_io.rs:145:26:145:43 | ...::with_capacity | file://:0:0:0:0 | fn with_capacity | +| test_futures_io.rs:145:26:145:43 | ...::with_capacity | file://:0:0:0:0 | fn with_capacity | multipleCanonicalPaths | file://:0:0:0:0 | fn to_ordering | file://:0:0:0:0 | Crate(typenum@1.18.0) | ::to_ordering | | file://:0:0:0:0 | fn to_ordering | file://:0:0:0:0 | Crate(typenum@1.18.0) | ::to_ordering | diff --git a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected index 1958d6a87bf3..b5028f38f761 100644 --- a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected +++ b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected @@ -82,13 +82,13 @@ | test.rs:806:16:806:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). | | test.rs:806:16:806:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). | | test_futures_io.rs:19:15:19:32 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:12:31:12:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:12:31:12:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:21:31:21:35 | TuplePat | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:21:31:21:36 | TuplePat | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:43:31:43:44 | MyStruct {...} | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:43:31:43:45 | MyStruct {...} | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:51:31:51:32 | ms | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:51:31:51:32 | ms | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:60:15:60:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). | -| web_frameworks.rs:60:15:60:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:11:31:11:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:11:31:11:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:22:14:22:18 | TuplePat | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:22:14:22:19 | TuplePat | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:48:14:48:28 | MyStruct {...} | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:48:14:48:30 | MyStruct {...} | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:58:14:58:15 | ms | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:58:14:58:15 | ms | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:68:15:68:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). | +| web_frameworks.rs:68:15:68:15 | a | Flow source 'RemoteSource' of type remote (DEFAULT). | diff --git a/rust/ql/test/library-tests/dataflow/sources/test.rs b/rust/ql/test/library-tests/dataflow/sources/test.rs index 342efbba69ea..845050c2fc93 100644 --- a/rust/ql/test/library-tests/dataflow/sources/test.rs +++ b/rust/ql/test/library-tests/dataflow/sources/test.rs @@ -308,28 +308,28 @@ async fn test_tokio_stdin() -> Result<(), Box> { let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources] let mut buffer = [0u8; 100]; let _bytes = stdin.read(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow + sink(&buffer); // $ MISSING: hasTaintFlow -- we cannot resolve the `read` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources] let mut buffer = Vec::::new(); let _bytes = stdin.read_to_end(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow + sink(&buffer); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_to_end` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources] let mut buffer = String::new(); let _bytes = stdin.read_to_string(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow + sink(&buffer); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_to_string` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources] let mut buffer = [0; 100]; stdin.read_exact(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow + sink(&buffer); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_exact` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { @@ -338,17 +338,17 @@ async fn test_tokio_stdin() -> Result<(), Box> { let v2 = stdin.read_i16().await?; let v3 = stdin.read_f32().await?; let v4 = stdin.read_i64_le().await?; - sink(v1); // $ hasTaintFlow - sink(v2); // $ hasTaintFlow - sink(v3); // $ hasTaintFlow - sink(v4); // $ hasTaintFlow + sink(v1); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_u8` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(v2); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_i16` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(v3); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_f32` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(v4); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_i64_le` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources] let mut buffer = bytes::BytesMut::new(); stdin.read_buf(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow + sink(&buffer); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_buf` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } // --- async reading from stdin (BufReader) --- @@ -356,7 +356,7 @@ async fn test_tokio_stdin() -> Result<(), Box> { { let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources] let data = reader.fill_buf().await?; - sink(&data); // $ hasTaintFlow + sink(&data); // $ MISSING: hasTaintFlow -- we cannot resolve the `fill_buf` call above, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` } { @@ -369,20 +369,20 @@ async fn test_tokio_stdin() -> Result<(), Box> { let mut buffer = String::new(); let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources] reader.read_line(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow + sink(&buffer); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_line` call above, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` } { let mut buffer = Vec::::new(); let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources] reader.read_until(b',', &mut buffer).await?; - sink(&buffer); // $ hasTaintFlow - sink(buffer[0]); // $ hasTaintFlow + sink(&buffer); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_until` call above, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` + sink(buffer[0]); // $ MISSING: hasTaintFlow -- we cannot resolve the `read_until` call above, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` } { let mut reader_split = tokio::io::BufReader::new(tokio::io::stdin()).split(b','); // $ Alert[rust/summary/taint-sources] - sink(reader_split.next_segment().await?.unwrap()); // $ hasTaintFlow + sink(reader_split.next_segment().await?.unwrap()); // $ MISSING: hasTaintFlow -- we cannot resolve the `split` call above, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` while let Some(chunk) = reader_split.next_segment().await? { sink(chunk); // $ MISSING: hasTaintFlow } @@ -391,7 +391,7 @@ async fn test_tokio_stdin() -> Result<(), Box> { { let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources] let mut lines = reader.lines(); - sink(lines.next_line().await?.unwrap()); // $ hasTaintFlow + sink(lines.next_line().await?.unwrap()); // $ MISSING: hasTaintFlow -- we cannot resolve the `lines` call above, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` while let Some(line) = lines.next_line().await? { sink(line); // $ MISSING: hasTaintFlow } @@ -529,25 +529,25 @@ async fn test_tokio_file() -> std::io::Result<()> { { let mut buffer = [0u8; 100]; let _bytes = file.read(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow="file.txt" + sink(&buffer); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { let mut buffer = Vec::::new(); let _bytes = file.read_to_end(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow="file.txt" + sink(&buffer); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_to_end` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { let mut buffer = String::new(); let _bytes = file.read_to_string(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow="file.txt" + sink(&buffer); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_to_string` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { let mut buffer = [0; 100]; file.read_exact(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow="file.txt" + sink(&buffer); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_exact` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { @@ -555,16 +555,16 @@ async fn test_tokio_file() -> std::io::Result<()> { let v2 = file.read_i16().await?; let v3 = file.read_f32().await?; let v4 = file.read_i64_le().await?; - sink(v1); // $ hasTaintFlow="file.txt" - sink(v2); // $ hasTaintFlow="file.txt" - sink(v3); // $ hasTaintFlow="file.txt" - sink(v4); // $ hasTaintFlow="file.txt" + sink(v1); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_u8` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(v2); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_i16` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(v3); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_f32` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(v4); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_i64_le` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { let mut buffer = bytes::BytesMut::new(); file.read_buf(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow="file.txt" + sink(&buffer); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_buf` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } // --- misc operations --- @@ -575,7 +575,7 @@ async fn test_tokio_file() -> std::io::Result<()> { let file2 = tokio::fs::File::open("another_file.txt").await?; // $ Alert[rust/summary/taint-sources] let mut reader = file1.chain(file2); reader.read_to_string(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow="file.txt" hasTaintFlow="another_file.txt" + sink(&buffer); // $ MISSING: hasTaintFlow="file.txt" hasTaintFlow="another_file.txt" -- we cannot resolve the `chain` and `read_to_string` calls above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } { @@ -583,7 +583,7 @@ async fn test_tokio_file() -> std::io::Result<()> { let file1 = tokio::fs::File::open("file.txt").await?; // $ Alert[rust/summary/taint-sources] let mut reader = file1.take(100); reader.read_to_string(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow="file.txt" + sink(&buffer); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `take` and `read_to_string` calls above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` } Ok(()) @@ -687,8 +687,8 @@ async fn test_tokio_tcpstream(case: i64) -> std::io::Result<()> { sink(buffer1[0]); // $ hasTaintFlow=address println!("buffer2 = {:?}", buffer2); - sink(&buffer2); // $ hasTaintFlow=address - sink(buffer2[0]); // $ hasTaintFlow=address + sink(&buffer2); // $ MISSING: hasTaintFlow=address -- we cannot resolve the `read` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(buffer2[0]); // $ MISSING: hasTaintFlow=address -- we cannot resolve the `read` call above, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` let buffer_string = String::from_utf8_lossy(&buffer2[..n2]); println!("string = {}", buffer_string); @@ -777,25 +777,25 @@ fn test_rustls() -> std::io::Result<()> { let server_name = rustls::pki_types::ServerName::try_from("www.example.com").unwrap(); let config_arc = std::sync::Arc::new(config); let mut client = rustls::ClientConnection::new(config_arc, server_name).unwrap(); // $ Alert[rust/summary/taint-sources] - let mut reader = client.reader(); - sink(&reader); // $ hasTaintFlow=config_arc + let mut reader = client.reader(); // We cannot resolve the `reader` call because it comes from `Deref`: https://docs.rs/rustls/latest/rustls/client/struct.ClientConnection.html#deref-methods-ConnectionCommon%3CClientConnectionData%3E + sink(&reader); // $ MISSING: hasTaintFlow=config_arc { let mut buffer = [0u8; 100]; let _bytes = reader.read(&mut buffer)?; - sink(&buffer); // $ hasTaintFlow=config_arc + sink(&buffer); // $ MISSING: hasTaintFlow=config_arc } { let mut buffer = Vec::::new(); let _bytes = reader.read_to_end(&mut buffer)?; - sink(&buffer); // $ hasTaintFlow=config_arc + sink(&buffer); // $ MISSING: hasTaintFlow=config_arc } { let mut buffer = String::new(); let _bytes = reader.read_to_string(&mut buffer)?; - sink(&buffer); // $ hasTaintFlow=config_arc + sink(&buffer); // $ MISSING: hasTaintFlow=config_arc } Ok(()) diff --git a/rust/ql/test/library-tests/dataflow/sources/test_futures_io.rs b/rust/ql/test/library-tests/dataflow/sources/test_futures_io.rs index ad03d33c8405..67dce4b21cc7 100644 --- a/rust/ql/test/library-tests/dataflow/sources/test_futures_io.rs +++ b/rust/ql/test/library-tests/dataflow/sources/test_futures_io.rs @@ -1,18 +1,18 @@ -fn sink(_: T) { } +fn sink(_: T) {} // --- tests --- -use std::pin::Pin; -use std::task::{Context, Poll}; -use std::io; -use futures::io::AsyncRead; -use futures::io::AsyncReadExt; +use async_std::net::TcpStream; +use async_std::sync::Arc; use futures::io::AsyncBufRead; use futures::io::AsyncBufReadExt; +use futures::io::AsyncRead; +use futures::io::AsyncReadExt; use futures::StreamExt; -use futures_rustls::{TlsConnector}; -use async_std::sync::Arc; -use async_std::net::TcpStream; +use futures_rustls::TlsConnector; +use std::io; +use std::pin::Pin; +use std::task::{Context, Poll}; async fn test_futures_rustls_futures_io() -> io::Result<()> { let url = "www.example.com:443"; @@ -32,10 +32,10 @@ async fn test_futures_rustls_futures_io() -> io::Result<()> { let mut pinned = Pin::new(&mut reader); sink(&pinned); // $ hasTaintFlow=url let mut cx = Context::from_waker(futures::task::noop_waker_ref()); - let bytes_read = pinned.poll_read(&mut cx, &mut buffer); + let bytes_read = pinned.poll_read(&mut cx, &mut buffer); // we cannot correctly resolve this call, since it relies on `Deref` if let Poll::Ready(Ok(n)) = bytes_read { - sink(&buffer); // $ hasTaintFlow=url - sink(&buffer[..n]); // $ hasTaintFlow=url + sink(&buffer); // $ MISSING: hasTaintFlow=url + sink(&buffer[..n]); // $ MISSING: hasTaintFlow=url } } @@ -46,8 +46,9 @@ async fn test_futures_rustls_futures_io() -> io::Result<()> { sink(&buffer1[..bytes_read1]); // $ hasTaintFlow=url let mut buffer2 = [0u8; 64]; - let bytes_read2 = reader.read(&mut buffer2).await?; - sink(&buffer2[..bytes_read2]); // $ hasTaintFlow=url + let bytes_read2 = reader.read(&mut buffer2).await?; // we cannot resolve the `read` call, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + + sink(&buffer2[..bytes_read2]); // $ MISSING: hasTaintFlow=url } let mut reader2 = futures::io::BufReader::new(reader); @@ -79,8 +80,8 @@ async fn test_futures_rustls_futures_io() -> io::Result<()> { { // using the `AsyncBufReadExt::fill_buf` extension method (higher-level) - let buffer = reader2.fill_buf().await?; - sink(buffer); // $ hasTaintFlow=url + let buffer = reader2.fill_buf().await?; // we cannot resolve the `fill_buf` call, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` + sink(buffer); // $ MISSING: hasTaintFlow=url } { @@ -103,8 +104,8 @@ async fn test_futures_rustls_futures_io() -> io::Result<()> { sink(&buffer1[..bytes_read1]); // $ hasTaintFlow=url let mut buffer2 = [0u8; 64]; - let bytes_read2 = reader2.read(&mut buffer2).await?; - sink(&buffer2[..bytes_read2]); // $ hasTaintFlow=url + let bytes_read2 = reader2.read(&mut buffer2).await?; // we cannot resolve the `read` call, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(&buffer2[..bytes_read2]); // $ MISSING: hasTaintFlow=url } { @@ -121,35 +122,35 @@ async fn test_futures_rustls_futures_io() -> io::Result<()> { { // using the `AsyncBufReadExt::fill_buf` extension method (higher-level) - let buffer = reader2.fill_buf().await?; - sink(buffer); // $ hasTaintFlow=url + let buffer = reader2.fill_buf().await?; // we cannot resolve the `fill_buf` call, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` + sink(buffer); // $ MISSING: hasTaintFlow=url } { // using the `AsyncBufReadExt::read_until` extension method let mut line = Vec::new(); - let _bytes_read = reader2.read_until(b'\n', &mut line).await?; - sink(&line); // $ hasTaintFlow=url + let _bytes_read = reader2.read_until(b'\n', &mut line).await?; // we cannot resolve the `read_until` call, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` + sink(&line); // $ MISSING: hasTaintFlow=url } { // using the `AsyncBufReadExt::read_line` extension method let mut line = String::new(); - let _bytes_read = reader2.read_line(&mut line).await?; - sink(&line); // $ hasTaintFlow=url + let _bytes_read = reader2.read_line(&mut line).await?; // we cannot resolve the `read_line` call, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` + sink(&line); // $ MISSING: hasTaintFlow=url } { // using the `AsyncBufReadExt::read_to_end` extension method let mut buffer = Vec::with_capacity(1024); - let _bytes_read = reader2.read_to_end(&mut buffer).await?; - sink(&buffer); // $ hasTaintFlow=url + let _bytes_read = reader2.read_to_end(&mut buffer).await?; // we cannot resolve the `read` call, which comes from `impl AsyncReadExt for R {}` in `async_read_ext.rs` + sink(&buffer); // $ MISSING: hasTaintFlow=url } { // using the `AsyncBufReadExt::lines` extension method - let mut lines_stream = reader2.lines(); - sink(lines_stream.next().await.unwrap()); // $ hasTaintFlow=url + let mut lines_stream = reader2.lines(); // we cannot resolve the `lines` call, which comes from `impl AsyncBufReadExt for R {}` in `async_buf_read_ext.rs` + sink(lines_stream.next().await.unwrap()); // $ MISSING: hasTaintFlow=url while let Some(line) = lines_stream.next().await { sink(line.unwrap()); // $ MISSING: hasTaintFlow } diff --git a/rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs b/rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs index f1bf3ab6b0bb..4168d1e3f6a2 100644 --- a/rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs +++ b/rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs @@ -1,24 +1,26 @@ - -fn sink(_: T) { } +fn sink(_: T) {} // --- tests --- mod poem_test { - use poem::{get, handler, web::Path, web::Query, Route, Server, listener::TcpListener}; - use serde::Deserialize; use super::sink; + use poem::{get, handler, listener::TcpListener, web::Path, web::Query, Route, Server}; + use serde::Deserialize; #[handler] - fn my_poem_handler_1(Path(a): Path) -> String { // $ Alert[rust/summary/taint-sources] - sink(a.as_str()); // $ hasTaintFlow - sink(a.as_bytes()); // $ hasTaintFlow + fn my_poem_handler_1(Path(a): Path, // $ Alert[rust/summary/taint-sources] + ) -> String { + sink(a.as_str()); // $ MISSING: hasTaintFlow -- no type inference for patterns + sink(a.as_bytes()); // $ MISSING: hasTaintFlow -- no type inference for patterns sink(a); // $ hasTaintFlow "".to_string() } #[handler] - fn my_poem_handler_2(Path((a, b)): Path<(String, String)>) -> String { // $ Alert[rust/summary/taint-sources] + fn my_poem_handler_2( + Path((a, b)): Path<(String, String)>, // $ Alert[rust/summary/taint-sources] + ) -> String { sink(a); // $ MISSING: hasTaintFlow sink(b); // $ MISSING: hasTaintFlow @@ -26,7 +28,9 @@ mod poem_test { } #[handler] - fn my_poem_handler_3(path: Path<(String, String)>) -> String { // $ MISSING: Alert[rust/summary/taint-sources] + fn my_poem_handler_3( + path: Path<(String, String)>, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> String { sink(&path.0); // $ MISSING: hasTaintFlow sink(&path.1); // $ MISSING: hasTaintFlow @@ -40,7 +44,9 @@ mod poem_test { } #[handler] - fn my_poem_handler_4(Path(MyStruct {a, b}): Path) -> String { // $ Alert[rust/summary/taint-sources] + fn my_poem_handler_4( + Path(MyStruct { a, b }): Path, // $ Alert[rust/summary/taint-sources] + ) -> String { sink(a); // $ MISSING: hasTaintFlow sink(b); // $ MISSING: hasTaintFlow @@ -48,7 +54,9 @@ mod poem_test { } #[handler] - fn my_poem_handler_5(Path(ms): Path) -> String { // $ Alert[rust/summary/taint-sources] + fn my_poem_handler_5( + Path(ms): Path, // $ Alert[rust/summary/taint-sources] + ) -> String { sink(ms.a); // $ MISSING: hasTaintFlow sink(ms.b); // $ MISSING: hasTaintFlow @@ -73,17 +81,22 @@ mod poem_test { .at("/5/:a/:b", get(my_poem_handler_5)) .at("/6/:a/", get(my_poem_handler_6)); - Server::new(TcpListener::bind("0.0.0.0:3000")).run(app).await.unwrap(); + Server::new(TcpListener::bind("0.0.0.0:3000")) + .run(app) + .await + .unwrap(); // ... } } mod actix_test { - use actix_web::{get, web, App}; use super::sink; + use actix_web::{get, web, App}; - async fn my_actix_handler_1(path: web::Path) -> String { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_actix_handler_1( + path: web::Path, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> String { let a = path.into_inner(); sink(a.as_str()); // $ MISSING: hasTaintFlow sink(a.as_bytes()); // $ MISSING: hasTaintFlow @@ -92,7 +105,9 @@ mod actix_test { "".to_string() } - async fn my_actix_handler_2(path: web::Path<(String, String)>) -> String { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_actix_handler_2( + path: web::Path<(String, String)>, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> String { let (a, b) = path.into_inner(); sink(a); // $ MISSING: hasTaintFlow @@ -101,14 +116,18 @@ mod actix_test { "".to_string() } - async fn my_actix_handler_3(web::Query(a): web::Query) -> String { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_actix_handler_3( + web::Query(a): web::Query, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> String { sink(a); // $ MISSING: hasTaintFlow "".to_string() } #[get("/4/{a}")] - async fn my_actix_handler_4(path: web::Path) -> String { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_actix_handler_4( + path: web::Path, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> String { let a = path.into_inner(); sink(a); // $ MISSING: hasTaintFlow @@ -127,13 +146,15 @@ mod actix_test { } mod axum_test { - use axum::Router; + use super::sink; + use axum::extract::{Json, Path, Query, Request}; use axum::routing::get; - use axum::extract::{Path, Query, Request, Json}; + use axum::Router; use std::collections::HashMap; - use super::sink; - async fn my_axum_handler_1(Path(a): Path) -> &'static str { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_axum_handler_1( + Path(a): Path, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> &'static str { sink(a.as_str()); // $ MISSING: hasTaintFlow sink(a.as_bytes()); // $ MISSING: hasTaintFlow sink(a); // $ MISSING: hasTaintFlow @@ -141,14 +162,18 @@ mod axum_test { "" } - async fn my_axum_handler_2(Path((a, b)): Path<(String, String)>) -> &'static str { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_axum_handler_2( + Path((a, b)): Path<(String, String)>, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> &'static str { sink(a); // $ MISSING: hasTaintFlow sink(b); // $ MISSING: hasTaintFlow "" } - async fn my_axum_handler_3(Query(params): Query>) -> &'static str { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_axum_handler_3( + Query(params): Query>, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> &'static str { for (key, value) in params { sink(key); // $ MISSING: hasTaintFlow sink(value); // $ MISSING: hasTaintFlow @@ -157,7 +182,9 @@ mod axum_test { "" } - async fn my_axum_handler_4(request: Request) -> &'static str { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_axum_handler_4( + request: Request, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> &'static str { sink(request.body()); // $ MISSING: hasTaintFlow request.headers().get("header").unwrap(); // $ MISSING: hasTaintFlow sink(request.into_body()); // $ MISSING: hasTaintFlow @@ -165,20 +192,26 @@ mod axum_test { "" } - async fn my_axum_handler_5(Json(payload): Json) -> &'static str { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_axum_handler_5( + Json(payload): Json, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> &'static str { sink(payload.as_str()); // $ MISSING: hasTaintFlow sink(payload); // $ MISSING: hasTaintFlow "" } - async fn my_axum_handler_6(body: String) -> &'static str { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_axum_handler_6( + body: String, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> &'static str { sink(body); // $ MISSING: hasTaintFlow "" } - async fn my_axum_handler_7(body: String) -> &'static str { // $ MISSING: Alert[rust/summary/taint-sources] + async fn my_axum_handler_7( + body: String, // $ MISSING: Alert[rust/summary/taint-sources] + ) -> &'static str { sink(body); // $ MISSING: hasTaintFlow "" diff --git a/rust/ql/test/library-tests/dataflow/strings/CONSISTENCY/PathResolutionConsistency.expected b/rust/ql/test/library-tests/dataflow/strings/CONSISTENCY/PathResolutionConsistency.expected index 66f86daf9854..f08f15c3aef7 100644 --- a/rust/ql/test/library-tests/dataflow/strings/CONSISTENCY/PathResolutionConsistency.expected +++ b/rust/ql/test/library-tests/dataflow/strings/CONSISTENCY/PathResolutionConsistency.expected @@ -2,9 +2,9 @@ multipleMethodCallTargets | main.rs:64:16:64:25 | s.as_str() | file://:0:0:0:0 | fn as_str | | main.rs:64:16:64:25 | s.as_str() | file://:0:0:0:0 | fn as_str | multiplePathResolutions -| main.rs:52:11:52:22 | ...::from | file://:0:0:0:0 | fn from | -| main.rs:52:11:52:22 | ...::from | file://:0:0:0:0 | fn from | -| main.rs:52:11:52:22 | ...::from | file://:0:0:0:0 | fn from | -| main.rs:52:11:52:22 | ...::from | file://:0:0:0:0 | fn from | -| main.rs:52:11:52:22 | ...::from | file://:0:0:0:0 | fn from | -| main.rs:52:11:52:22 | ...::from | file://:0:0:0:0 | fn from | +| main.rs:52:14:52:25 | ...::from | file://:0:0:0:0 | fn from | +| main.rs:52:14:52:25 | ...::from | file://:0:0:0:0 | fn from | +| main.rs:52:14:52:25 | ...::from | file://:0:0:0:0 | fn from | +| main.rs:52:14:52:25 | ...::from | file://:0:0:0:0 | fn from | +| main.rs:52:14:52:25 | ...::from | file://:0:0:0:0 | fn from | +| main.rs:52:14:52:25 | ...::from | file://:0:0:0:0 | fn from | diff --git a/rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected b/rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected index 5c56cf594e78..24306107de26 100644 --- a/rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected +++ b/rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected @@ -1,9 +1,8 @@ models -| 1 | Summary: lang:alloc; <_ as crate::string::ToString>::to_string; Argument[self]; ReturnValue; taint | -| 2 | Summary: lang:alloc; ::from; Argument[0]; ReturnValue; value | -| 3 | Summary: lang:alloc; ::as_str; Argument[self]; ReturnValue; value | -| 4 | Summary: lang:alloc; crate::fmt::format; Argument[0]; ReturnValue; taint | -| 5 | Summary: lang:core; crate::hint::must_use; Argument[0]; ReturnValue; value | +| 1 | Summary: lang:alloc; ::from; Argument[0]; ReturnValue; value | +| 2 | Summary: lang:alloc; ::as_str; Argument[self]; ReturnValue; value | +| 3 | Summary: lang:alloc; crate::fmt::format; Argument[0]; ReturnValue; taint | +| 4 | Summary: lang:core; crate::hint::must_use; Argument[0]; ReturnValue; value | edges | main.rs:26:9:26:9 | s | main.rs:27:19:27:25 | s[...] | provenance | | | main.rs:26:13:26:22 | source(...) | main.rs:26:9:26:9 | s | provenance | | @@ -13,46 +12,42 @@ edges | main.rs:32:9:32:10 | s1 | main.rs:35:9:35:10 | s4 | provenance | | | main.rs:32:14:32:23 | source(...) | main.rs:32:9:32:10 | s1 | provenance | | | main.rs:35:9:35:10 | s4 | main.rs:38:10:38:11 | s4 | provenance | | -| main.rs:51:6:51:7 | s1 | main.rs:52:24:52:25 | s1 | provenance | | -| main.rs:51:11:51:26 | source_slice(...) | main.rs:51:6:51:7 | s1 | provenance | | -| main.rs:52:6:52:7 | s2 | main.rs:53:7:53:8 | s2 | provenance | | -| main.rs:52:11:52:26 | ...::from(...) | main.rs:52:6:52:7 | s2 | provenance | | -| main.rs:52:24:52:25 | s1 | main.rs:52:11:52:26 | ...::from(...) | provenance | MaD:2 | -| main.rs:57:6:57:7 | s1 | main.rs:58:11:58:24 | s1.to_string() | provenance | MaD:1 | -| main.rs:57:11:57:26 | source_slice(...) | main.rs:57:6:57:7 | s1 | provenance | | -| main.rs:58:6:58:7 | s2 | main.rs:59:7:59:8 | s2 | provenance | | -| main.rs:58:11:58:24 | s1.to_string() | main.rs:58:6:58:7 | s2 | provenance | | +| main.rs:51:9:51:10 | s1 | main.rs:52:27:52:28 | s1 | provenance | | +| main.rs:51:14:51:29 | source_slice(...) | main.rs:51:9:51:10 | s1 | provenance | | +| main.rs:52:9:52:10 | s2 | main.rs:53:10:53:11 | s2 | provenance | | +| main.rs:52:14:52:29 | ...::from(...) | main.rs:52:9:52:10 | s2 | provenance | | +| main.rs:52:27:52:28 | s1 | main.rs:52:14:52:29 | ...::from(...) | provenance | MaD:1 | | main.rs:63:9:63:9 | s | main.rs:64:16:64:16 | s | provenance | | -| main.rs:63:9:63:9 | s | main.rs:64:16:64:25 | s.as_str() | provenance | MaD:3 | +| main.rs:63:9:63:9 | s | main.rs:64:16:64:25 | s.as_str() | provenance | MaD:2 | | main.rs:63:13:63:22 | source(...) | main.rs:63:9:63:9 | s | provenance | | -| main.rs:64:16:64:16 | s | main.rs:64:16:64:25 | s.as_str() | provenance | MaD:3 | +| main.rs:64:16:64:16 | s | main.rs:64:16:64:25 | s.as_str() | provenance | MaD:2 | | main.rs:68:9:68:9 | s | main.rs:70:34:70:61 | MacroExpr | provenance | | | main.rs:68:9:68:9 | s | main.rs:73:34:73:59 | MacroExpr | provenance | | | main.rs:68:13:68:22 | source(...) | main.rs:68:9:68:9 | s | provenance | | | main.rs:70:9:70:18 | formatted1 | main.rs:71:10:71:19 | formatted1 | provenance | | | main.rs:70:22:70:62 | ...::format(...) | main.rs:70:9:70:18 | formatted1 | provenance | | -| main.rs:70:34:70:61 | MacroExpr | main.rs:70:22:70:62 | ...::format(...) | provenance | MaD:4 | +| main.rs:70:34:70:61 | MacroExpr | main.rs:70:22:70:62 | ...::format(...) | provenance | MaD:3 | | main.rs:73:9:73:18 | formatted2 | main.rs:74:10:74:19 | formatted2 | provenance | | | main.rs:73:22:73:60 | ...::format(...) | main.rs:73:9:73:18 | formatted2 | provenance | | -| main.rs:73:34:73:59 | MacroExpr | main.rs:73:22:73:60 | ...::format(...) | provenance | MaD:4 | +| main.rs:73:34:73:59 | MacroExpr | main.rs:73:22:73:60 | ...::format(...) | provenance | MaD:3 | | main.rs:76:9:76:13 | width | main.rs:77:34:77:74 | MacroExpr | provenance | | | main.rs:76:17:76:32 | source_usize(...) | main.rs:76:9:76:13 | width | provenance | | | main.rs:77:9:77:18 | formatted3 | main.rs:78:10:78:19 | formatted3 | provenance | | | main.rs:77:22:77:75 | ...::format(...) | main.rs:77:9:77:18 | formatted3 | provenance | | -| main.rs:77:34:77:74 | MacroExpr | main.rs:77:22:77:75 | ...::format(...) | provenance | MaD:4 | +| main.rs:77:34:77:74 | MacroExpr | main.rs:77:22:77:75 | ...::format(...) | provenance | MaD:3 | | main.rs:82:9:82:10 | s1 | main.rs:86:18:86:25 | MacroExpr | provenance | | | main.rs:82:9:82:10 | s1 | main.rs:87:18:87:32 | MacroExpr | provenance | | | main.rs:82:14:82:23 | source(...) | main.rs:82:9:82:10 | s1 | provenance | | | main.rs:86:10:86:26 | res | main.rs:86:18:86:25 | { ... } | provenance | | | main.rs:86:18:86:25 | ...::format(...) | main.rs:86:10:86:26 | res | provenance | | | main.rs:86:18:86:25 | ...::must_use(...) | main.rs:86:10:86:26 | MacroExpr | provenance | | -| main.rs:86:18:86:25 | MacroExpr | main.rs:86:18:86:25 | ...::format(...) | provenance | MaD:4 | -| main.rs:86:18:86:25 | { ... } | main.rs:86:18:86:25 | ...::must_use(...) | provenance | MaD:5 | +| main.rs:86:18:86:25 | MacroExpr | main.rs:86:18:86:25 | ...::format(...) | provenance | MaD:3 | +| main.rs:86:18:86:25 | { ... } | main.rs:86:18:86:25 | ...::must_use(...) | provenance | MaD:4 | | main.rs:87:10:87:33 | res | main.rs:87:18:87:32 | { ... } | provenance | | | main.rs:87:18:87:32 | ...::format(...) | main.rs:87:10:87:33 | res | provenance | | | main.rs:87:18:87:32 | ...::must_use(...) | main.rs:87:10:87:33 | MacroExpr | provenance | | -| main.rs:87:18:87:32 | MacroExpr | main.rs:87:18:87:32 | ...::format(...) | provenance | MaD:4 | -| main.rs:87:18:87:32 | { ... } | main.rs:87:18:87:32 | ...::must_use(...) | provenance | MaD:5 | +| main.rs:87:18:87:32 | MacroExpr | main.rs:87:18:87:32 | ...::format(...) | provenance | MaD:3 | +| main.rs:87:18:87:32 | { ... } | main.rs:87:18:87:32 | ...::must_use(...) | provenance | MaD:4 | nodes | main.rs:26:9:26:9 | s | semmle.label | s | | main.rs:26:13:26:22 | source(...) | semmle.label | source(...) | @@ -64,17 +59,12 @@ nodes | main.rs:32:14:32:23 | source(...) | semmle.label | source(...) | | main.rs:35:9:35:10 | s4 | semmle.label | s4 | | main.rs:38:10:38:11 | s4 | semmle.label | s4 | -| main.rs:51:6:51:7 | s1 | semmle.label | s1 | -| main.rs:51:11:51:26 | source_slice(...) | semmle.label | source_slice(...) | -| main.rs:52:6:52:7 | s2 | semmle.label | s2 | -| main.rs:52:11:52:26 | ...::from(...) | semmle.label | ...::from(...) | -| main.rs:52:24:52:25 | s1 | semmle.label | s1 | -| main.rs:53:7:53:8 | s2 | semmle.label | s2 | -| main.rs:57:6:57:7 | s1 | semmle.label | s1 | -| main.rs:57:11:57:26 | source_slice(...) | semmle.label | source_slice(...) | -| main.rs:58:6:58:7 | s2 | semmle.label | s2 | -| main.rs:58:11:58:24 | s1.to_string() | semmle.label | s1.to_string() | -| main.rs:59:7:59:8 | s2 | semmle.label | s2 | +| main.rs:51:9:51:10 | s1 | semmle.label | s1 | +| main.rs:51:14:51:29 | source_slice(...) | semmle.label | source_slice(...) | +| main.rs:52:9:52:10 | s2 | semmle.label | s2 | +| main.rs:52:14:52:29 | ...::from(...) | semmle.label | ...::from(...) | +| main.rs:52:27:52:28 | s1 | semmle.label | s1 | +| main.rs:53:10:53:11 | s2 | semmle.label | s2 | | main.rs:63:9:63:9 | s | semmle.label | s | | main.rs:63:13:63:22 | source(...) | semmle.label | source(...) | | main.rs:64:16:64:16 | s | semmle.label | s | @@ -114,8 +104,7 @@ testFailures #select | main.rs:28:16:28:21 | sliced | main.rs:26:13:26:22 | source(...) | main.rs:28:16:28:21 | sliced | $@ | main.rs:26:13:26:22 | source(...) | source(...) | | main.rs:38:10:38:11 | s4 | main.rs:32:14:32:23 | source(...) | main.rs:38:10:38:11 | s4 | $@ | main.rs:32:14:32:23 | source(...) | source(...) | -| main.rs:53:7:53:8 | s2 | main.rs:51:11:51:26 | source_slice(...) | main.rs:53:7:53:8 | s2 | $@ | main.rs:51:11:51:26 | source_slice(...) | source_slice(...) | -| main.rs:59:7:59:8 | s2 | main.rs:57:11:57:26 | source_slice(...) | main.rs:59:7:59:8 | s2 | $@ | main.rs:57:11:57:26 | source_slice(...) | source_slice(...) | +| main.rs:53:10:53:11 | s2 | main.rs:51:14:51:29 | source_slice(...) | main.rs:53:10:53:11 | s2 | $@ | main.rs:51:14:51:29 | source_slice(...) | source_slice(...) | | main.rs:64:16:64:25 | s.as_str() | main.rs:63:13:63:22 | source(...) | main.rs:64:16:64:25 | s.as_str() | $@ | main.rs:63:13:63:22 | source(...) | source(...) | | main.rs:71:10:71:19 | formatted1 | main.rs:68:13:68:22 | source(...) | main.rs:71:10:71:19 | formatted1 | $@ | main.rs:68:13:68:22 | source(...) | source(...) | | main.rs:74:10:74:19 | formatted2 | main.rs:68:13:68:22 | source(...) | main.rs:74:10:74:19 | formatted2 | $@ | main.rs:68:13:68:22 | source(...) | source(...) | diff --git a/rust/ql/test/library-tests/dataflow/strings/main.rs b/rust/ql/test/library-tests/dataflow/strings/main.rs index c04934de0517..c2e1e02778e6 100644 --- a/rust/ql/test/library-tests/dataflow/strings/main.rs +++ b/rust/ql/test/library-tests/dataflow/strings/main.rs @@ -48,15 +48,15 @@ fn string_add_reference() { } fn string_from() { - let s1 = source_slice(36); - let s2 = String::from(s1); - sink(s2); // $ hasValueFlow=36 + let s1 = source_slice(36); + let s2 = String::from(s1); + sink(s2); // $ hasValueFlow=36 } fn string_to_string() { - let s1 = source_slice(22); - let s2 = s1.to_string(); - sink(s2); // $ hasTaintFlow=22 + let s1 = source_slice(22); + let s2 = s1.to_string(); + sink(s2); // $ MISSING: hasTaintFlow=22 - we are not currently able to resolve the `to_string` call above, which comes from `impl ToString for T` } fn as_str() { diff --git a/rust/ql/test/library-tests/sensitivedata/test.rs b/rust/ql/test/library-tests/sensitivedata/test.rs index f74de9f5bf86..a34fbb1dda9e 100644 --- a/rust/ql/test/library-tests/sensitivedata/test.rs +++ b/rust/ql/test/library-tests/sensitivedata/test.rs @@ -279,7 +279,7 @@ fn test_private_info( sink(&info.medical_notes); // $ sensitive=private sink(info.medical_notes[0].as_str()); // $ sensitive=private for n in info.medical_notes.iter() { - sink(n.as_str()); // $ sensitive=private + sink(n.as_str()); // $ MISSING: sensitive=private } sink(info.confidentialMessage.as_str()); // $ MISSING: sensitive=private sink(info.confidentialMessage.to_lowercase()); // $ MISSING: sensitive=private diff --git a/rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected b/rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected index 7d8bb23d4c59..9821637a3a0d 100644 --- a/rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected +++ b/rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected @@ -1,36 +1,15 @@ #select | src/main.rs:10:5:10:22 | ...::read_to_string | src/main.rs:6:11:6:19 | file_name | src/main.rs:10:5:10:22 | ...::read_to_string | This path depends on a $@. | src/main.rs:6:11:6:19 | file_name | user-provided value | -| src/main.rs:45:5:45:22 | ...::read_to_string | src/main.rs:37:11:37:19 | file_path | src/main.rs:45:5:45:22 | ...::read_to_string | This path depends on a $@. | src/main.rs:37:11:37:19 | file_path | user-provided value | -| src/main.rs:59:5:59:22 | ...::read_to_string | src/main.rs:50:11:50:19 | file_path | src/main.rs:59:5:59:22 | ...::read_to_string | This path depends on a $@. | src/main.rs:50:11:50:19 | file_path | user-provided value | edges | src/main.rs:6:11:6:19 | file_name | src/main.rs:8:35:8:43 | file_name | provenance | | | src/main.rs:8:9:8:17 | file_path | src/main.rs:10:24:10:32 | file_path | provenance | | | src/main.rs:8:21:8:44 | ...::from(...) | src/main.rs:8:9:8:17 | file_path | provenance | | -| src/main.rs:8:35:8:43 | file_name | src/main.rs:8:21:8:44 | ...::from(...) | provenance | MaD:4 | -| src/main.rs:8:35:8:43 | file_name | src/main.rs:8:21:8:44 | ...::from(...) | provenance | MaD:4 | +| src/main.rs:8:35:8:43 | file_name | src/main.rs:8:21:8:44 | ...::from(...) | provenance | MaD:2 | +| src/main.rs:8:35:8:43 | file_name | src/main.rs:8:21:8:44 | ...::from(...) | provenance | MaD:2 | | src/main.rs:10:24:10:32 | file_path | src/main.rs:10:5:10:22 | ...::read_to_string | provenance | MaD:1 Sink:MaD:1 | -| src/main.rs:37:11:37:19 | file_path | src/main.rs:40:52:40:60 | file_path | provenance | | -| src/main.rs:40:9:40:17 | file_path | src/main.rs:45:24:45:32 | file_path | provenance | | -| src/main.rs:40:21:40:62 | public_path.join(...) | src/main.rs:40:9:40:17 | file_path | provenance | | -| src/main.rs:40:38:40:61 | ...::from(...) | src/main.rs:40:21:40:62 | public_path.join(...) | provenance | MaD:3 | -| src/main.rs:40:52:40:60 | file_path | src/main.rs:40:38:40:61 | ...::from(...) | provenance | MaD:4 | -| src/main.rs:40:52:40:60 | file_path | src/main.rs:40:38:40:61 | ...::from(...) | provenance | MaD:4 | -| src/main.rs:45:24:45:32 | file_path | src/main.rs:45:5:45:22 | ...::read_to_string | provenance | MaD:1 Sink:MaD:1 | -| src/main.rs:50:11:50:19 | file_path | src/main.rs:53:52:53:60 | file_path | provenance | | -| src/main.rs:53:9:53:17 | file_path | src/main.rs:54:21:54:44 | file_path.canonicalize() [Ok] | provenance | Config | -| src/main.rs:53:21:53:62 | public_path.join(...) | src/main.rs:53:9:53:17 | file_path | provenance | | -| src/main.rs:53:38:53:61 | ...::from(...) | src/main.rs:53:21:53:62 | public_path.join(...) | provenance | MaD:3 | -| src/main.rs:53:52:53:60 | file_path | src/main.rs:53:38:53:61 | ...::from(...) | provenance | MaD:4 | -| src/main.rs:53:52:53:60 | file_path | src/main.rs:53:38:53:61 | ...::from(...) | provenance | MaD:4 | -| src/main.rs:54:9:54:17 | file_path | src/main.rs:59:24:59:32 | file_path | provenance | | -| src/main.rs:54:21:54:44 | file_path.canonicalize() [Ok] | src/main.rs:54:21:54:53 | ... .unwrap() | provenance | MaD:2 | -| src/main.rs:54:21:54:53 | ... .unwrap() | src/main.rs:54:9:54:17 | file_path | provenance | | -| src/main.rs:59:24:59:32 | file_path | src/main.rs:59:5:59:22 | ...::read_to_string | provenance | MaD:1 Sink:MaD:1 | models | 1 | Sink: lang:std; crate::fs::read_to_string; path-injection; Argument[0] | -| 2 | Summary: lang:core; ::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | -| 3 | Summary: lang:std; ::join; Argument[0]; ReturnValue; taint | -| 4 | Summary: lang:std; ::from; Argument[0]; ReturnValue; taint | +| 2 | Summary: lang:std; ::from; Argument[0]; ReturnValue; taint | nodes | src/main.rs:6:11:6:19 | file_name | semmle.label | file_name | | src/main.rs:8:9:8:17 | file_path | semmle.label | file_path | @@ -38,21 +17,4 @@ nodes | src/main.rs:8:35:8:43 | file_name | semmle.label | file_name | | src/main.rs:10:5:10:22 | ...::read_to_string | semmle.label | ...::read_to_string | | src/main.rs:10:24:10:32 | file_path | semmle.label | file_path | -| src/main.rs:37:11:37:19 | file_path | semmle.label | file_path | -| src/main.rs:40:9:40:17 | file_path | semmle.label | file_path | -| src/main.rs:40:21:40:62 | public_path.join(...) | semmle.label | public_path.join(...) | -| src/main.rs:40:38:40:61 | ...::from(...) | semmle.label | ...::from(...) | -| src/main.rs:40:52:40:60 | file_path | semmle.label | file_path | -| src/main.rs:45:5:45:22 | ...::read_to_string | semmle.label | ...::read_to_string | -| src/main.rs:45:24:45:32 | file_path | semmle.label | file_path | -| src/main.rs:50:11:50:19 | file_path | semmle.label | file_path | -| src/main.rs:53:9:53:17 | file_path | semmle.label | file_path | -| src/main.rs:53:21:53:62 | public_path.join(...) | semmle.label | public_path.join(...) | -| src/main.rs:53:38:53:61 | ...::from(...) | semmle.label | ...::from(...) | -| src/main.rs:53:52:53:60 | file_path | semmle.label | file_path | -| src/main.rs:54:9:54:17 | file_path | semmle.label | file_path | -| src/main.rs:54:21:54:44 | file_path.canonicalize() [Ok] | semmle.label | file_path.canonicalize() [Ok] | -| src/main.rs:54:21:54:53 | ... .unwrap() | semmle.label | ... .unwrap() | -| src/main.rs:59:5:59:22 | ...::read_to_string | semmle.label | ...::read_to_string | -| src/main.rs:59:24:59:32 | file_path | semmle.label | file_path | subpaths diff --git a/rust/ql/test/query-tests/security/CWE-022/src/main.rs b/rust/ql/test/query-tests/security/CWE-022/src/main.rs index 7c13da08db50..972ac8e7b6a0 100644 --- a/rust/ql/test/query-tests/security/CWE-022/src/main.rs +++ b/rust/ql/test/query-tests/security/CWE-022/src/main.rs @@ -34,7 +34,7 @@ fn tainted_path_handler_folder_good(Query(file_path): Query) -> Result, // $ Source=remote4 + Query(file_path): Query, // $ MISSING: Source=remote4 ) -> Result { let public_path = PathBuf::from("/var/www/public_html"); let file_path = public_path.join(PathBuf::from(file_path)); @@ -42,12 +42,12 @@ fn tainted_path_handler_folder_almost_good1( if !file_path.starts_with(public_path) { return Err(Error::from_status(StatusCode::BAD_REQUEST)); } - fs::read_to_string(file_path).map_err(InternalServerError) // $ path-injection-sink Alert[rust/path-injection]=remote4 + fs::read_to_string(file_path).map_err(InternalServerError) // $ path-injection-sink MISSING: Alert[rust/path-injection]=remote4 -- we cannot resolve the `join` call above, because it needs a `PathBuf -> Path` `Deref` } //#[handler] fn tainted_path_handler_folder_almost_good2( - Query(file_path): Query, // $ Source=remote5 + Query(file_path): Query, // $ MISSING: Source=remote5 ) -> Result { let public_path = PathBuf::from("/var/www/public_html"); let file_path = public_path.join(PathBuf::from(file_path)); @@ -56,7 +56,7 @@ fn tainted_path_handler_folder_almost_good2( if file_path.starts_with(public_path) { return Err(Error::from_status(StatusCode::BAD_REQUEST)); } - fs::read_to_string(file_path).map_err(InternalServerError) // $ path-injection-sink Alert[rust/path-injection]=remote5 + fs::read_to_string(file_path).map_err(InternalServerError) // $ path-injection-sink MISSING: Alert[rust/path-injection]=remote5 -- we cannot resolve the `join` call above, because it needs a `PathBuf -> Path` `Deref` } fn sinks(path1: &Path, path2: &Path) { diff --git a/rust/ql/test/query-tests/security/CWE-089/Cargo.lock b/rust/ql/test/query-tests/security/CWE-089/Cargo.lock index 174703eacd20..2df49df403fc 100644 --- a/rust/ql/test/query-tests/security/CWE-089/Cargo.lock +++ b/rust/ql/test/query-tests/security/CWE-089/Cargo.lock @@ -1500,9 +1500,9 @@ dependencies = [ [[package]] name = "r-efi" -version = "5.2.0" +version = "5.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74765f6d916ee2faa39bc8e68e4f3ed8949b48cccdac59983d287a7cb71ce9c5" +checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" [[package]] name = "rand" @@ -1654,9 +1654,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.27" +version = "0.23.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "730944ca083c1c233a75c09f199e973ca499344a2b7ba9e755c457e86fb4a321" +checksum = "7160e3e10bf4535308537f3c4e1641468cd0e485175d6163087c0393c7d46643" dependencies = [ "once_cell", "rustls-pki-types", diff --git a/rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected b/rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected index ab8e995be762..1e0e215e5440 100644 --- a/rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected +++ b/rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected @@ -1,36 +1,20 @@ #select -| sqlx.rs:66:26:66:46 | safe_query_3.as_str() | sqlx.rs:48:25:48:46 | ...::get | sqlx.rs:66:26:66:46 | safe_query_3.as_str() | This query depends on a $@. | sqlx.rs:48:25:48:46 | ...::get | user-provided value | | sqlx.rs:67:26:67:48 | unsafe_query_1.as_str() | sqlx.rs:47:22:47:35 | ...::args | sqlx.rs:67:26:67:48 | unsafe_query_1.as_str() | This query depends on a $@. | sqlx.rs:47:22:47:35 | ...::args | user-provided value | | sqlx.rs:69:30:69:52 | unsafe_query_2.as_str() | sqlx.rs:48:25:48:46 | ...::get | sqlx.rs:69:30:69:52 | unsafe_query_2.as_str() | This query depends on a $@. | sqlx.rs:48:25:48:46 | ...::get | user-provided value | -| sqlx.rs:71:30:71:52 | unsafe_query_4.as_str() | sqlx.rs:48:25:48:46 | ...::get | sqlx.rs:71:30:71:52 | unsafe_query_4.as_str() | This query depends on a $@. | sqlx.rs:48:25:48:46 | ...::get | user-provided value | -| sqlx.rs:77:25:77:45 | safe_query_3.as_str() | sqlx.rs:48:25:48:46 | ...::get | sqlx.rs:77:25:77:45 | safe_query_3.as_str() | This query depends on a $@. | sqlx.rs:48:25:48:46 | ...::get | user-provided value | | sqlx.rs:78:25:78:47 | unsafe_query_1.as_str() | sqlx.rs:47:22:47:35 | ...::args | sqlx.rs:78:25:78:47 | unsafe_query_1.as_str() | This query depends on a $@. | sqlx.rs:47:22:47:35 | ...::args | user-provided value | | sqlx.rs:80:29:80:51 | unsafe_query_2.as_str() | sqlx.rs:48:25:48:46 | ...::get | sqlx.rs:80:29:80:51 | unsafe_query_2.as_str() | This query depends on a $@. | sqlx.rs:48:25:48:46 | ...::get | user-provided value | -| sqlx.rs:82:29:82:51 | unsafe_query_4.as_str() | sqlx.rs:48:25:48:46 | ...::get | sqlx.rs:82:29:82:51 | unsafe_query_4.as_str() | This query depends on a $@. | sqlx.rs:48:25:48:46 | ...::get | user-provided value | edges | sqlx.rs:47:9:47:18 | arg_string | sqlx.rs:53:27:53:36 | arg_string | provenance | | | sqlx.rs:47:22:47:35 | ...::args | sqlx.rs:47:22:47:37 | ...::args(...) [element] | provenance | Src:MaD:1 | -| sqlx.rs:47:22:47:37 | ...::args(...) [element] | sqlx.rs:47:22:47:44 | ... .nth(...) [Some] | provenance | MaD:10 | -| sqlx.rs:47:22:47:44 | ... .nth(...) [Some] | sqlx.rs:47:22:47:77 | ... .unwrap_or(...) | provenance | MaD:5 | +| sqlx.rs:47:22:47:37 | ...::args(...) [element] | sqlx.rs:47:22:47:44 | ... .nth(...) [Some] | provenance | MaD:7 | +| sqlx.rs:47:22:47:44 | ... .nth(...) [Some] | sqlx.rs:47:22:47:77 | ... .unwrap_or(...) | provenance | MaD:4 | | sqlx.rs:47:22:47:77 | ... .unwrap_or(...) | sqlx.rs:47:9:47:18 | arg_string | provenance | | -| sqlx.rs:48:9:48:21 | remote_string | sqlx.rs:49:25:49:52 | remote_string.parse() [Ok] | provenance | MaD:8 | | sqlx.rs:48:9:48:21 | remote_string | sqlx.rs:54:27:54:39 | remote_string | provenance | | -| sqlx.rs:48:9:48:21 | remote_string | sqlx.rs:59:17:59:72 | MacroExpr | provenance | | | sqlx.rs:48:25:48:46 | ...::get | sqlx.rs:48:25:48:69 | ...::get(...) [Ok] | provenance | Src:MaD:2 | -| sqlx.rs:48:25:48:69 | ...::get(...) [Ok] | sqlx.rs:48:25:48:78 | ... .unwrap() | provenance | MaD:6 | -| sqlx.rs:48:25:48:78 | ... .unwrap() | sqlx.rs:48:25:48:85 | ... .text() [Ok] | provenance | MaD:11 | -| sqlx.rs:48:25:48:85 | ... .text() [Ok] | sqlx.rs:48:25:48:118 | ... .unwrap_or(...) | provenance | MaD:7 | +| sqlx.rs:48:25:48:69 | ...::get(...) [Ok] | sqlx.rs:48:25:48:78 | ... .unwrap() | provenance | MaD:5 | +| sqlx.rs:48:25:48:78 | ... .unwrap() | sqlx.rs:48:25:48:85 | ... .text() [Ok] | provenance | MaD:8 | +| sqlx.rs:48:25:48:85 | ... .text() [Ok] | sqlx.rs:48:25:48:118 | ... .unwrap_or(...) | provenance | MaD:6 | | sqlx.rs:48:25:48:118 | ... .unwrap_or(...) | sqlx.rs:48:9:48:21 | remote_string | provenance | | -| sqlx.rs:49:9:49:21 | remote_number | sqlx.rs:52:32:52:87 | MacroExpr | provenance | | -| sqlx.rs:49:25:49:52 | remote_string.parse() [Ok] | sqlx.rs:49:25:49:65 | ... .unwrap_or(...) | provenance | MaD:7 | -| sqlx.rs:49:25:49:65 | ... .unwrap_or(...) | sqlx.rs:49:9:49:21 | remote_number | provenance | | -| sqlx.rs:52:9:52:20 | safe_query_3 | sqlx.rs:66:26:66:46 | safe_query_3.as_str() | provenance | MaD:3 | -| sqlx.rs:52:9:52:20 | safe_query_3 | sqlx.rs:77:25:77:45 | safe_query_3.as_str() | provenance | MaD:3 | -| sqlx.rs:52:24:52:88 | res | sqlx.rs:52:32:52:87 | { ... } | provenance | | -| sqlx.rs:52:32:52:87 | ...::format(...) | sqlx.rs:52:24:52:88 | res | provenance | | -| sqlx.rs:52:32:52:87 | ...::must_use(...) | sqlx.rs:52:9:52:20 | safe_query_3 | provenance | | -| sqlx.rs:52:32:52:87 | MacroExpr | sqlx.rs:52:32:52:87 | ...::format(...) | provenance | MaD:4 | -| sqlx.rs:52:32:52:87 | { ... } | sqlx.rs:52:32:52:87 | ...::must_use(...) | provenance | MaD:9 | | sqlx.rs:53:9:53:22 | unsafe_query_1 [&ref] | sqlx.rs:67:26:67:48 | unsafe_query_1.as_str() | provenance | MaD:3 | | sqlx.rs:53:9:53:22 | unsafe_query_1 [&ref] | sqlx.rs:78:25:78:47 | unsafe_query_1.as_str() | provenance | MaD:3 | | sqlx.rs:53:26:53:36 | &arg_string [&ref] | sqlx.rs:53:9:53:22 | unsafe_query_1 [&ref] | provenance | | @@ -39,25 +23,15 @@ edges | sqlx.rs:54:9:54:22 | unsafe_query_2 [&ref] | sqlx.rs:80:29:80:51 | unsafe_query_2.as_str() | provenance | MaD:3 | | sqlx.rs:54:26:54:39 | &remote_string [&ref] | sqlx.rs:54:9:54:22 | unsafe_query_2 [&ref] | provenance | | | sqlx.rs:54:27:54:39 | remote_string | sqlx.rs:54:26:54:39 | &remote_string [&ref] | provenance | | -| sqlx.rs:56:9:56:22 | unsafe_query_4 | sqlx.rs:71:30:71:52 | unsafe_query_4.as_str() | provenance | MaD:3 | -| sqlx.rs:56:9:56:22 | unsafe_query_4 | sqlx.rs:82:29:82:51 | unsafe_query_4.as_str() | provenance | MaD:3 | -| sqlx.rs:59:9:59:73 | res | sqlx.rs:59:17:59:72 | { ... } | provenance | | -| sqlx.rs:59:17:59:72 | ...::format(...) | sqlx.rs:59:9:59:73 | res | provenance | | -| sqlx.rs:59:17:59:72 | ...::must_use(...) | sqlx.rs:56:9:56:22 | unsafe_query_4 | provenance | | -| sqlx.rs:59:17:59:72 | MacroExpr | sqlx.rs:59:17:59:72 | ...::format(...) | provenance | MaD:4 | -| sqlx.rs:59:17:59:72 | { ... } | sqlx.rs:59:17:59:72 | ...::must_use(...) | provenance | MaD:9 | models | 1 | Source: lang:std; crate::env::args; commandargs; ReturnValue.Element | | 2 | Source: repo:https://github.com/seanmonstar/reqwest:reqwest; crate::blocking::get; remote; ReturnValue.Field[core::result::Result::Ok(0)] | | 3 | Summary: lang:alloc; ::as_str; Argument[self]; ReturnValue; value | -| 4 | Summary: lang:alloc; crate::fmt::format; Argument[0]; ReturnValue; taint | -| 5 | Summary: lang:core; ::unwrap_or; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value | -| 6 | Summary: lang:core; ::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | -| 7 | Summary: lang:core; ::unwrap_or; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | -| 8 | Summary: lang:core; ::parse; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | -| 9 | Summary: lang:core; crate::hint::must_use; Argument[0]; ReturnValue; value | -| 10 | Summary: lang:core; crate::iter::traits::iterator::Iterator::nth; Argument[self].Element; ReturnValue.Field[core::option::Option::Some(0)]; value | -| 11 | Summary: repo:https://github.com/seanmonstar/reqwest:reqwest; ::text; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | +| 4 | Summary: lang:core; ::unwrap_or; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value | +| 5 | Summary: lang:core; ::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | +| 6 | Summary: lang:core; ::unwrap_or; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | +| 7 | Summary: lang:core; crate::iter::traits::iterator::Iterator::nth; Argument[self].Element; ReturnValue.Field[core::option::Option::Some(0)]; value | +| 8 | Summary: repo:https://github.com/seanmonstar/reqwest:reqwest; ::text; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | nodes | sqlx.rs:47:9:47:18 | arg_string | semmle.label | arg_string | | sqlx.rs:47:22:47:35 | ...::args | semmle.label | ...::args | @@ -70,33 +44,14 @@ nodes | sqlx.rs:48:25:48:78 | ... .unwrap() | semmle.label | ... .unwrap() | | sqlx.rs:48:25:48:85 | ... .text() [Ok] | semmle.label | ... .text() [Ok] | | sqlx.rs:48:25:48:118 | ... .unwrap_or(...) | semmle.label | ... .unwrap_or(...) | -| sqlx.rs:49:9:49:21 | remote_number | semmle.label | remote_number | -| sqlx.rs:49:25:49:52 | remote_string.parse() [Ok] | semmle.label | remote_string.parse() [Ok] | -| sqlx.rs:49:25:49:65 | ... .unwrap_or(...) | semmle.label | ... .unwrap_or(...) | -| sqlx.rs:52:9:52:20 | safe_query_3 | semmle.label | safe_query_3 | -| sqlx.rs:52:24:52:88 | res | semmle.label | res | -| sqlx.rs:52:32:52:87 | ...::format(...) | semmle.label | ...::format(...) | -| sqlx.rs:52:32:52:87 | ...::must_use(...) | semmle.label | ...::must_use(...) | -| sqlx.rs:52:32:52:87 | MacroExpr | semmle.label | MacroExpr | -| sqlx.rs:52:32:52:87 | { ... } | semmle.label | { ... } | | sqlx.rs:53:9:53:22 | unsafe_query_1 [&ref] | semmle.label | unsafe_query_1 [&ref] | | sqlx.rs:53:26:53:36 | &arg_string [&ref] | semmle.label | &arg_string [&ref] | | sqlx.rs:53:27:53:36 | arg_string | semmle.label | arg_string | | sqlx.rs:54:9:54:22 | unsafe_query_2 [&ref] | semmle.label | unsafe_query_2 [&ref] | | sqlx.rs:54:26:54:39 | &remote_string [&ref] | semmle.label | &remote_string [&ref] | | sqlx.rs:54:27:54:39 | remote_string | semmle.label | remote_string | -| sqlx.rs:56:9:56:22 | unsafe_query_4 | semmle.label | unsafe_query_4 | -| sqlx.rs:59:9:59:73 | res | semmle.label | res | -| sqlx.rs:59:17:59:72 | ...::format(...) | semmle.label | ...::format(...) | -| sqlx.rs:59:17:59:72 | ...::must_use(...) | semmle.label | ...::must_use(...) | -| sqlx.rs:59:17:59:72 | MacroExpr | semmle.label | MacroExpr | -| sqlx.rs:59:17:59:72 | { ... } | semmle.label | { ... } | -| sqlx.rs:66:26:66:46 | safe_query_3.as_str() | semmle.label | safe_query_3.as_str() | | sqlx.rs:67:26:67:48 | unsafe_query_1.as_str() | semmle.label | unsafe_query_1.as_str() | | sqlx.rs:69:30:69:52 | unsafe_query_2.as_str() | semmle.label | unsafe_query_2.as_str() | -| sqlx.rs:71:30:71:52 | unsafe_query_4.as_str() | semmle.label | unsafe_query_4.as_str() | -| sqlx.rs:77:25:77:45 | safe_query_3.as_str() | semmle.label | safe_query_3.as_str() | | sqlx.rs:78:25:78:47 | unsafe_query_1.as_str() | semmle.label | unsafe_query_1.as_str() | | sqlx.rs:80:29:80:51 | unsafe_query_2.as_str() | semmle.label | unsafe_query_2.as_str() | -| sqlx.rs:82:29:82:51 | unsafe_query_4.as_str() | semmle.label | unsafe_query_4.as_str() | subpaths diff --git a/rust/ql/test/query-tests/security/CWE-089/sqlx.rs b/rust/ql/test/query-tests/security/CWE-089/sqlx.rs index 3de58350f20c..4d121e86fee7 100644 --- a/rust/ql/test/query-tests/security/CWE-089/sqlx.rs +++ b/rust/ql/test/query-tests/security/CWE-089/sqlx.rs @@ -63,23 +63,23 @@ async fn test_sqlx_mysql(url: &str, enable_remote: bool) -> Result<(), sqlx::Err // direct execution let _ = conn.execute(safe_query_1.as_str()).await?; // $ sql-sink let _ = conn.execute(safe_query_2.as_str()).await?; // $ sql-sink - let _ = conn.execute(safe_query_3.as_str()).await?; // $ sql-sink SPURIOUS: Alert[rust/sql-injection]=remote1 + let _ = conn.execute(safe_query_3.as_str()).await?; // $ sql-sink let _ = conn.execute(unsafe_query_1.as_str()).await?; // $ sql-sink Alert[rust/sql-injection]=args1 if enable_remote { let _ = conn.execute(unsafe_query_2.as_str()).await?; // $ sql-sink Alert[rust/sql-injection]=remote1 let _ = conn.execute(unsafe_query_3.as_str()).await?; // $ sql-sink MISSING: Alert[rust/sql-injection]=remote1 - let _ = conn.execute(unsafe_query_4.as_str()).await?; // $ sql-sink Alert[rust/sql-injection]=remote1 + let _ = conn.execute(unsafe_query_4.as_str()).await?; // $ sql-sink MISSING: Alert[rust/sql-injection]=remote1 } // prepared queries let _ = sqlx::query(safe_query_1.as_str()).execute(&pool).await?; // $ sql-sink let _ = sqlx::query(safe_query_2.as_str()).execute(&pool).await?; // $ sql-sink - let _ = sqlx::query(safe_query_3.as_str()).execute(&pool).await?; // $ sql-sink SPURIOUS: Alert[rust/sql-injection]=remote1 + let _ = sqlx::query(safe_query_3.as_str()).execute(&pool).await?; // $ sql-sink let _ = sqlx::query(unsafe_query_1.as_str()).execute(&pool).await?; // $ sql-sink Alert[rust/sql-injection]=args1 if enable_remote { let _ = sqlx::query(unsafe_query_2.as_str()).execute(&pool).await?; // $ sql-sink Alert[rust/sql-injection]=remote1 let _ = sqlx::query(unsafe_query_3.as_str()).execute(&pool).await?; // $ sql-sink MISSING: Alert[rust/sql-injection]=remote1 - let _ = sqlx::query(unsafe_query_4.as_str()).execute(&pool).await?; // $ sql-sink Alert[rust/sql-injection]=remote1 + let _ = sqlx::query(unsafe_query_4.as_str()).execute(&pool).await?; // $ sql-sink MISSING: Alert[rust/sql-injection]=remote1 } let _ = sqlx::query(prepared_query_1.as_str()).bind(const_string).execute(&pool).await?; // $ sql-sink let _ = sqlx::query(prepared_query_1.as_str()).bind(arg_string).execute(&pool).await?; // $ sql-sink diff --git a/rust/ql/test/query-tests/security/CWE-312/CleartextLogging.expected b/rust/ql/test/query-tests/security/CWE-312/CleartextLogging.expected index 2c6b8207b70f..b0dbd91436a9 100644 --- a/rust/ql/test/query-tests/security/CWE-312/CleartextLogging.expected +++ b/rust/ql/test/query-tests/security/CWE-312/CleartextLogging.expected @@ -48,242 +48,194 @@ | test_logging.rs:220:13:220:58 | ...::panic_fmt | test_logging.rs:220:50:220:57 | password | test_logging.rs:220:13:220:58 | ...::panic_fmt | This operation writes $@ to a log file. | test_logging.rs:220:50:220:57 | password | password | | test_logging.rs:223:13:223:60 | ...::assert_failed | test_logging.rs:223:52:223:59 | password | test_logging.rs:223:13:223:60 | ...::assert_failed | This operation writes $@ to a log file. | test_logging.rs:223:52:223:59 | password | password | | test_logging.rs:226:13:226:60 | ...::assert_failed | test_logging.rs:226:52:226:59 | password | test_logging.rs:226:13:226:60 | ...::assert_failed | This operation writes $@ to a log file. | test_logging.rs:226:52:226:59 | password | password | -| test_logging.rs:229:23:229:28 | expect | test_logging.rs:229:54:229:61 | password | test_logging.rs:229:23:229:28 | expect | This operation writes $@ to a log file. | test_logging.rs:229:54:229:61 | password | password | -| test_logging.rs:229:23:229:28 | expect | test_logging.rs:229:54:229:61 | password | test_logging.rs:229:23:229:28 | expect | This operation writes $@ to a log file. | test_logging.rs:229:54:229:61 | password | password | -| test_logging.rs:242:10:242:14 | write | test_logging.rs:242:42:242:49 | password | test_logging.rs:242:10:242:14 | write | This operation writes $@ to a log file. | test_logging.rs:242:42:242:49 | password | password | -| test_logging.rs:245:10:245:18 | write_all | test_logging.rs:245:46:245:53 | password | test_logging.rs:245:10:245:18 | write_all | This operation writes $@ to a log file. | test_logging.rs:245:46:245:53 | password | password | -| test_logging.rs:248:9:248:13 | write | test_logging.rs:248:41:248:48 | password | test_logging.rs:248:9:248:13 | write | This operation writes $@ to a log file. | test_logging.rs:248:41:248:48 | password | password | -| test_logging.rs:251:9:251:13 | write | test_logging.rs:251:41:251:48 | password | test_logging.rs:251:9:251:13 | write | This operation writes $@ to a log file. | test_logging.rs:251:41:251:48 | password | password | edges -| test_logging.rs:42:12:42:35 | MacroExpr | test_logging.rs:42:5:42:36 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:42:12:42:35 | MacroExpr | test_logging.rs:42:5:42:36 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:42:28:42:35 | password | test_logging.rs:42:12:42:35 | MacroExpr | provenance | | -| test_logging.rs:43:12:43:35 | MacroExpr | test_logging.rs:43:5:43:36 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:43:12:43:35 | MacroExpr | test_logging.rs:43:5:43:36 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:43:28:43:35 | password | test_logging.rs:43:12:43:35 | MacroExpr | provenance | | -| test_logging.rs:44:11:44:34 | MacroExpr | test_logging.rs:44:5:44:35 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:44:11:44:34 | MacroExpr | test_logging.rs:44:5:44:35 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:44:27:44:34 | password | test_logging.rs:44:11:44:34 | MacroExpr | provenance | | -| test_logging.rs:45:12:45:35 | MacroExpr | test_logging.rs:45:5:45:36 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:45:12:45:35 | MacroExpr | test_logging.rs:45:5:45:36 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:45:28:45:35 | password | test_logging.rs:45:12:45:35 | MacroExpr | provenance | | -| test_logging.rs:46:11:46:34 | MacroExpr | test_logging.rs:46:5:46:35 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:46:11:46:34 | MacroExpr | test_logging.rs:46:5:46:35 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:46:27:46:34 | password | test_logging.rs:46:11:46:34 | MacroExpr | provenance | | -| test_logging.rs:47:24:47:47 | MacroExpr | test_logging.rs:47:5:47:48 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:47:24:47:47 | MacroExpr | test_logging.rs:47:5:47:48 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:47:40:47:47 | password | test_logging.rs:47:24:47:47 | MacroExpr | provenance | | -| test_logging.rs:52:12:52:35 | MacroExpr | test_logging.rs:52:5:52:36 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:52:12:52:35 | MacroExpr | test_logging.rs:52:5:52:36 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:52:28:52:35 | password | test_logging.rs:52:12:52:35 | MacroExpr | provenance | | -| test_logging.rs:54:12:54:48 | MacroExpr | test_logging.rs:54:5:54:49 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:54:12:54:48 | MacroExpr | test_logging.rs:54:5:54:49 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:54:41:54:48 | password | test_logging.rs:54:12:54:48 | MacroExpr | provenance | | -| test_logging.rs:56:12:56:46 | MacroExpr | test_logging.rs:56:5:56:47 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:56:12:56:46 | MacroExpr | test_logging.rs:56:5:56:47 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:56:39:56:46 | password | test_logging.rs:56:12:56:46 | MacroExpr | provenance | | -| test_logging.rs:57:12:57:33 | MacroExpr | test_logging.rs:57:5:57:34 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:57:12:57:33 | MacroExpr | test_logging.rs:57:5:57:34 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:57:24:57:31 | password | test_logging.rs:57:12:57:33 | MacroExpr | provenance | | -| test_logging.rs:58:12:58:35 | MacroExpr | test_logging.rs:58:5:58:36 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:58:12:58:35 | MacroExpr | test_logging.rs:58:5:58:36 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:58:24:58:31 | password | test_logging.rs:58:12:58:35 | MacroExpr | provenance | | -| test_logging.rs:60:30:60:53 | MacroExpr | test_logging.rs:60:5:60:54 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:60:30:60:53 | MacroExpr | test_logging.rs:60:5:60:54 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:60:46:60:53 | password | test_logging.rs:60:30:60:53 | MacroExpr | provenance | | -| test_logging.rs:61:20:61:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:61:5:61:55 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 | -| test_logging.rs:61:20:61:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:61:5:61:55 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 Sink:MaD:15 | -| test_logging.rs:61:20:61:28 | &... [&ref, tuple.0] | test_logging.rs:61:5:61:55 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 | +| test_logging.rs:61:20:61:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:61:5:61:55 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 | +| test_logging.rs:61:20:61:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:61:5:61:55 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 Sink:MaD:11 | +| test_logging.rs:61:20:61:28 | &... [&ref, tuple.0] | test_logging.rs:61:5:61:55 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 | | test_logging.rs:61:20:61:28 | &password | test_logging.rs:61:20:61:28 | TupleExpr [tuple.0] | provenance | | | test_logging.rs:61:20:61:28 | &password [&ref] | test_logging.rs:61:20:61:28 | TupleExpr [tuple.0, &ref] | provenance | | | test_logging.rs:61:20:61:28 | TupleExpr [tuple.0, &ref] | test_logging.rs:61:20:61:28 | &... [&ref, tuple.0, &ref] | provenance | | | test_logging.rs:61:20:61:28 | TupleExpr [tuple.0] | test_logging.rs:61:20:61:28 | &... [&ref, tuple.0] | provenance | | | test_logging.rs:61:21:61:28 | password | test_logging.rs:61:20:61:28 | &password | provenance | Config | | test_logging.rs:61:21:61:28 | password | test_logging.rs:61:20:61:28 | &password [&ref] | provenance | | -| test_logging.rs:65:24:65:47 | MacroExpr | test_logging.rs:65:5:65:48 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:65:24:65:47 | MacroExpr | test_logging.rs:65:5:65:48 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:65:40:65:47 | password | test_logging.rs:65:24:65:47 | MacroExpr | provenance | | -| test_logging.rs:67:42:67:65 | MacroExpr | test_logging.rs:67:5:67:66 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:67:42:67:65 | MacroExpr | test_logging.rs:67:5:67:66 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:67:58:67:65 | password | test_logging.rs:67:42:67:65 | MacroExpr | provenance | | -| test_logging.rs:68:18:68:26 | &... [&ref, tuple.0, &ref] | test_logging.rs:68:5:68:67 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 | -| test_logging.rs:68:18:68:26 | &... [&ref, tuple.0, &ref] | test_logging.rs:68:5:68:67 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 Sink:MaD:15 | -| test_logging.rs:68:18:68:26 | &... [&ref, tuple.0] | test_logging.rs:68:5:68:67 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 | +| test_logging.rs:68:18:68:26 | &... [&ref, tuple.0, &ref] | test_logging.rs:68:5:68:67 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 | +| test_logging.rs:68:18:68:26 | &... [&ref, tuple.0, &ref] | test_logging.rs:68:5:68:67 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 Sink:MaD:11 | +| test_logging.rs:68:18:68:26 | &... [&ref, tuple.0] | test_logging.rs:68:5:68:67 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 | | test_logging.rs:68:18:68:26 | &password | test_logging.rs:68:18:68:26 | TupleExpr [tuple.0] | provenance | | | test_logging.rs:68:18:68:26 | &password [&ref] | test_logging.rs:68:18:68:26 | TupleExpr [tuple.0, &ref] | provenance | | | test_logging.rs:68:18:68:26 | TupleExpr [tuple.0, &ref] | test_logging.rs:68:18:68:26 | &... [&ref, tuple.0, &ref] | provenance | | | test_logging.rs:68:18:68:26 | TupleExpr [tuple.0] | test_logging.rs:68:18:68:26 | &... [&ref, tuple.0] | provenance | | | test_logging.rs:68:19:68:26 | password | test_logging.rs:68:18:68:26 | &password | provenance | Config | | test_logging.rs:68:19:68:26 | password | test_logging.rs:68:18:68:26 | &password [&ref] | provenance | | -| test_logging.rs:72:23:72:46 | MacroExpr | test_logging.rs:72:5:72:47 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:72:23:72:46 | MacroExpr | test_logging.rs:72:5:72:47 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:72:39:72:46 | password | test_logging.rs:72:23:72:46 | MacroExpr | provenance | | -| test_logging.rs:74:41:74:64 | MacroExpr | test_logging.rs:74:5:74:65 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:74:41:74:64 | MacroExpr | test_logging.rs:74:5:74:65 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:74:57:74:64 | password | test_logging.rs:74:41:74:64 | MacroExpr | provenance | | -| test_logging.rs:75:20:75:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:75:5:75:51 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 | -| test_logging.rs:75:20:75:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:75:5:75:51 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 Sink:MaD:15 | -| test_logging.rs:75:20:75:28 | &... [&ref, tuple.0] | test_logging.rs:75:5:75:51 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 | +| test_logging.rs:75:20:75:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:75:5:75:51 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 | +| test_logging.rs:75:20:75:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:75:5:75:51 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 Sink:MaD:11 | +| test_logging.rs:75:20:75:28 | &... [&ref, tuple.0] | test_logging.rs:75:5:75:51 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 | | test_logging.rs:75:20:75:28 | &password | test_logging.rs:75:20:75:28 | TupleExpr [tuple.0] | provenance | | | test_logging.rs:75:20:75:28 | &password [&ref] | test_logging.rs:75:20:75:28 | TupleExpr [tuple.0, &ref] | provenance | | | test_logging.rs:75:20:75:28 | TupleExpr [tuple.0, &ref] | test_logging.rs:75:20:75:28 | &... [&ref, tuple.0, &ref] | provenance | | | test_logging.rs:75:20:75:28 | TupleExpr [tuple.0] | test_logging.rs:75:20:75:28 | &... [&ref, tuple.0] | provenance | | | test_logging.rs:75:21:75:28 | password | test_logging.rs:75:20:75:28 | &password | provenance | Config | | test_logging.rs:75:21:75:28 | password | test_logging.rs:75:20:75:28 | &password [&ref] | provenance | | -| test_logging.rs:76:23:76:46 | MacroExpr | test_logging.rs:76:5:76:47 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:76:23:76:46 | MacroExpr | test_logging.rs:76:5:76:47 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:76:39:76:46 | password | test_logging.rs:76:23:76:46 | MacroExpr | provenance | | -| test_logging.rs:82:20:82:43 | MacroExpr | test_logging.rs:82:5:82:44 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:82:20:82:43 | MacroExpr | test_logging.rs:82:5:82:44 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:82:36:82:43 | password | test_logging.rs:82:20:82:43 | MacroExpr | provenance | | -| test_logging.rs:84:38:84:61 | MacroExpr | test_logging.rs:84:5:84:62 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:84:38:84:61 | MacroExpr | test_logging.rs:84:5:84:62 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:84:54:84:61 | password | test_logging.rs:84:38:84:61 | MacroExpr | provenance | | -| test_logging.rs:85:20:85:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:85:5:85:48 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 | -| test_logging.rs:85:20:85:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:85:5:85:48 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 Sink:MaD:15 | -| test_logging.rs:85:20:85:28 | &... [&ref, tuple.0] | test_logging.rs:85:5:85:48 | ...::log | provenance | MaD:15 Sink:MaD:15 Sink:MaD:15 | +| test_logging.rs:85:20:85:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:85:5:85:48 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 | +| test_logging.rs:85:20:85:28 | &... [&ref, tuple.0, &ref] | test_logging.rs:85:5:85:48 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 Sink:MaD:11 | +| test_logging.rs:85:20:85:28 | &... [&ref, tuple.0] | test_logging.rs:85:5:85:48 | ...::log | provenance | MaD:11 Sink:MaD:11 Sink:MaD:11 | | test_logging.rs:85:20:85:28 | &password | test_logging.rs:85:20:85:28 | TupleExpr [tuple.0] | provenance | | | test_logging.rs:85:20:85:28 | &password [&ref] | test_logging.rs:85:20:85:28 | TupleExpr [tuple.0, &ref] | provenance | | | test_logging.rs:85:20:85:28 | TupleExpr [tuple.0, &ref] | test_logging.rs:85:20:85:28 | &... [&ref, tuple.0, &ref] | provenance | | | test_logging.rs:85:20:85:28 | TupleExpr [tuple.0] | test_logging.rs:85:20:85:28 | &... [&ref, tuple.0] | provenance | | | test_logging.rs:85:21:85:28 | password | test_logging.rs:85:20:85:28 | &password | provenance | Config | | test_logging.rs:85:21:85:28 | password | test_logging.rs:85:20:85:28 | &password [&ref] | provenance | | -| test_logging.rs:86:20:86:43 | MacroExpr | test_logging.rs:86:5:86:44 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:86:20:86:43 | MacroExpr | test_logging.rs:86:5:86:44 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:86:36:86:43 | password | test_logging.rs:86:20:86:43 | MacroExpr | provenance | | | test_logging.rs:93:9:93:10 | m1 | test_logging.rs:94:11:94:28 | MacroExpr | provenance | | | test_logging.rs:93:14:93:22 | &password | test_logging.rs:93:9:93:10 | m1 | provenance | | | test_logging.rs:93:15:93:22 | password | test_logging.rs:93:14:93:22 | &password | provenance | Config | -| test_logging.rs:94:11:94:28 | MacroExpr | test_logging.rs:94:5:94:29 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:94:11:94:28 | MacroExpr | test_logging.rs:94:5:94:29 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:96:9:96:10 | m2 | test_logging.rs:97:11:97:18 | MacroExpr | provenance | | | test_logging.rs:96:41:96:49 | &password | test_logging.rs:96:9:96:10 | m2 | provenance | | | test_logging.rs:96:42:96:49 | password | test_logging.rs:96:41:96:49 | &password | provenance | Config | -| test_logging.rs:97:11:97:18 | MacroExpr | test_logging.rs:97:5:97:19 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:97:11:97:18 | MacroExpr | test_logging.rs:97:5:97:19 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:99:9:99:10 | m3 | test_logging.rs:100:11:100:18 | MacroExpr | provenance | | | test_logging.rs:99:14:99:46 | res | test_logging.rs:99:22:99:45 | { ... } | provenance | | | test_logging.rs:99:22:99:45 | ...::format(...) | test_logging.rs:99:14:99:46 | res | provenance | | | test_logging.rs:99:22:99:45 | ...::must_use(...) | test_logging.rs:99:9:99:10 | m3 | provenance | | -| test_logging.rs:99:22:99:45 | MacroExpr | test_logging.rs:99:22:99:45 | ...::format(...) | provenance | MaD:18 | -| test_logging.rs:99:22:99:45 | { ... } | test_logging.rs:99:22:99:45 | ...::must_use(...) | provenance | MaD:19 | +| test_logging.rs:99:22:99:45 | MacroExpr | test_logging.rs:99:22:99:45 | ...::format(...) | provenance | MaD:12 | +| test_logging.rs:99:22:99:45 | { ... } | test_logging.rs:99:22:99:45 | ...::must_use(...) | provenance | MaD:13 | | test_logging.rs:99:38:99:45 | password | test_logging.rs:99:22:99:45 | MacroExpr | provenance | | -| test_logging.rs:100:11:100:18 | MacroExpr | test_logging.rs:100:5:100:19 | ...::log | provenance | MaD:14 Sink:MaD:14 | -| test_logging.rs:118:12:118:41 | MacroExpr | test_logging.rs:118:5:118:42 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:100:11:100:18 | MacroExpr | test_logging.rs:100:5:100:19 | ...::log | provenance | MaD:10 Sink:MaD:10 | +| test_logging.rs:118:12:118:41 | MacroExpr | test_logging.rs:118:5:118:42 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:118:28:118:41 | get_password(...) | test_logging.rs:118:12:118:41 | MacroExpr | provenance | | | test_logging.rs:129:9:129:10 | t1 [tuple.1] | test_logging.rs:131:28:131:29 | t1 [tuple.1] | provenance | | | test_logging.rs:129:14:129:33 | TupleExpr [tuple.1] | test_logging.rs:129:9:129:10 | t1 [tuple.1] | provenance | | | test_logging.rs:129:25:129:32 | password | test_logging.rs:129:14:129:33 | TupleExpr [tuple.1] | provenance | | -| test_logging.rs:131:12:131:31 | MacroExpr | test_logging.rs:131:5:131:32 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:131:12:131:31 | MacroExpr | test_logging.rs:131:5:131:32 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:131:28:131:29 | t1 [tuple.1] | test_logging.rs:131:28:131:31 | t1.1 | provenance | | | test_logging.rs:131:28:131:31 | t1.1 | test_logging.rs:131:12:131:31 | MacroExpr | provenance | | -| test_logging.rs:141:11:141:37 | MacroExpr | test_logging.rs:141:5:141:38 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:141:11:141:37 | MacroExpr | test_logging.rs:141:5:141:38 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:141:27:141:37 | s1.password | test_logging.rs:141:11:141:37 | MacroExpr | provenance | | -| test_logging.rs:151:11:151:37 | MacroExpr | test_logging.rs:151:5:151:38 | ...::log | provenance | MaD:14 Sink:MaD:14 | +| test_logging.rs:151:11:151:37 | MacroExpr | test_logging.rs:151:5:151:38 | ...::log | provenance | MaD:10 Sink:MaD:10 | | test_logging.rs:151:27:151:37 | s2.password | test_logging.rs:151:11:151:37 | MacroExpr | provenance | | -| test_logging.rs:176:33:176:79 | &... | test_logging.rs:176:22:176:31 | log_expect | provenance | MaD:10 Sink:MaD:10 | -| test_logging.rs:176:33:176:79 | &... [&ref] | test_logging.rs:176:22:176:31 | log_expect | provenance | MaD:10 Sink:MaD:10 | +| test_logging.rs:176:33:176:79 | &... | test_logging.rs:176:22:176:31 | log_expect | provenance | MaD:6 Sink:MaD:6 | +| test_logging.rs:176:33:176:79 | &... [&ref] | test_logging.rs:176:22:176:31 | log_expect | provenance | MaD:6 Sink:MaD:6 | | test_logging.rs:176:34:176:79 | MacroExpr | test_logging.rs:176:33:176:79 | &... | provenance | Config | | test_logging.rs:176:34:176:79 | MacroExpr | test_logging.rs:176:33:176:79 | &... [&ref] | provenance | | | test_logging.rs:176:34:176:79 | res | test_logging.rs:176:42:176:78 | { ... } | provenance | | | test_logging.rs:176:42:176:78 | ...::format(...) | test_logging.rs:176:34:176:79 | res | provenance | | | test_logging.rs:176:42:176:78 | ...::must_use(...) | test_logging.rs:176:34:176:79 | MacroExpr | provenance | | -| test_logging.rs:176:42:176:78 | MacroExpr | test_logging.rs:176:42:176:78 | ...::format(...) | provenance | MaD:18 | -| test_logging.rs:176:42:176:78 | { ... } | test_logging.rs:176:42:176:78 | ...::must_use(...) | provenance | MaD:19 | +| test_logging.rs:176:42:176:78 | MacroExpr | test_logging.rs:176:42:176:78 | ...::format(...) | provenance | MaD:12 | +| test_logging.rs:176:42:176:78 | { ... } | test_logging.rs:176:42:176:78 | ...::must_use(...) | provenance | MaD:13 | | test_logging.rs:176:70:176:78 | password2 | test_logging.rs:176:42:176:78 | MacroExpr | provenance | | -| test_logging.rs:180:35:180:81 | &... | test_logging.rs:180:24:180:33 | log_expect | provenance | MaD:11 Sink:MaD:11 | -| test_logging.rs:180:35:180:81 | &... [&ref] | test_logging.rs:180:24:180:33 | log_expect | provenance | MaD:11 Sink:MaD:11 | +| test_logging.rs:180:35:180:81 | &... | test_logging.rs:180:24:180:33 | log_expect | provenance | MaD:7 Sink:MaD:7 | +| test_logging.rs:180:35:180:81 | &... [&ref] | test_logging.rs:180:24:180:33 | log_expect | provenance | MaD:7 Sink:MaD:7 | | test_logging.rs:180:36:180:81 | MacroExpr | test_logging.rs:180:35:180:81 | &... | provenance | Config | | test_logging.rs:180:36:180:81 | MacroExpr | test_logging.rs:180:35:180:81 | &... [&ref] | provenance | | | test_logging.rs:180:36:180:81 | res | test_logging.rs:180:44:180:80 | { ... } | provenance | | | test_logging.rs:180:44:180:80 | ...::format(...) | test_logging.rs:180:36:180:81 | res | provenance | | | test_logging.rs:180:44:180:80 | ...::must_use(...) | test_logging.rs:180:36:180:81 | MacroExpr | provenance | | -| test_logging.rs:180:44:180:80 | MacroExpr | test_logging.rs:180:44:180:80 | ...::format(...) | provenance | MaD:18 | -| test_logging.rs:180:44:180:80 | { ... } | test_logging.rs:180:44:180:80 | ...::must_use(...) | provenance | MaD:19 | +| test_logging.rs:180:44:180:80 | MacroExpr | test_logging.rs:180:44:180:80 | ...::format(...) | provenance | MaD:12 | +| test_logging.rs:180:44:180:80 | { ... } | test_logging.rs:180:44:180:80 | ...::must_use(...) | provenance | MaD:13 | | test_logging.rs:180:72:180:80 | password2 | test_logging.rs:180:44:180:80 | MacroExpr | provenance | | | test_logging.rs:183:9:183:19 | err_result2 [Err] | test_logging.rs:184:13:184:23 | err_result2 [Err] | provenance | | | test_logging.rs:183:47:183:68 | Err(...) [Err] | test_logging.rs:183:9:183:19 | err_result2 [Err] | provenance | | | test_logging.rs:183:51:183:59 | password2 | test_logging.rs:183:51:183:67 | password2.clone() | provenance | generated | | test_logging.rs:183:51:183:67 | password2.clone() | test_logging.rs:183:47:183:68 | Err(...) [Err] | provenance | | -| test_logging.rs:184:13:184:23 | err_result2 [Err] | test_logging.rs:184:25:184:34 | log_expect | provenance | MaD:12 Sink:MaD:12 | +| test_logging.rs:184:13:184:23 | err_result2 [Err] | test_logging.rs:184:25:184:34 | log_expect | provenance | MaD:8 Sink:MaD:8 | | test_logging.rs:187:9:187:19 | err_result3 [Err] | test_logging.rs:188:13:188:23 | err_result3 [Err] | provenance | | | test_logging.rs:187:47:187:60 | Err(...) [Err] | test_logging.rs:187:9:187:19 | err_result3 [Err] | provenance | | | test_logging.rs:187:51:187:59 | password2 | test_logging.rs:187:47:187:60 | Err(...) [Err] | provenance | | -| test_logging.rs:188:13:188:23 | err_result3 [Err] | test_logging.rs:188:25:188:34 | log_unwrap | provenance | MaD:13 Sink:MaD:13 | -| test_logging.rs:192:12:192:37 | MacroExpr | test_logging.rs:192:5:192:38 | ...::_print | provenance | MaD:9 Sink:MaD:9 | +| test_logging.rs:188:13:188:23 | err_result3 [Err] | test_logging.rs:188:25:188:34 | log_unwrap | provenance | MaD:9 Sink:MaD:9 | +| test_logging.rs:192:12:192:37 | MacroExpr | test_logging.rs:192:5:192:38 | ...::_print | provenance | MaD:5 Sink:MaD:5 | | test_logging.rs:192:30:192:37 | password | test_logging.rs:192:12:192:37 | MacroExpr | provenance | | -| test_logging.rs:193:14:193:37 | MacroExpr | test_logging.rs:193:5:193:38 | ...::_print | provenance | MaD:9 Sink:MaD:9 | +| test_logging.rs:193:14:193:37 | MacroExpr | test_logging.rs:193:5:193:38 | ...::_print | provenance | MaD:5 Sink:MaD:5 | | test_logging.rs:193:30:193:37 | password | test_logging.rs:193:14:193:37 | MacroExpr | provenance | | -| test_logging.rs:194:13:194:38 | MacroExpr | test_logging.rs:194:5:194:39 | ...::_eprint | provenance | MaD:8 Sink:MaD:8 | +| test_logging.rs:194:13:194:38 | MacroExpr | test_logging.rs:194:5:194:39 | ...::_eprint | provenance | MaD:4 Sink:MaD:4 | | test_logging.rs:194:31:194:38 | password | test_logging.rs:194:13:194:38 | MacroExpr | provenance | | -| test_logging.rs:195:15:195:38 | MacroExpr | test_logging.rs:195:5:195:39 | ...::_eprint | provenance | MaD:8 Sink:MaD:8 | +| test_logging.rs:195:15:195:38 | MacroExpr | test_logging.rs:195:5:195:39 | ...::_eprint | provenance | MaD:4 Sink:MaD:4 | | test_logging.rs:195:31:195:38 | password | test_logging.rs:195:15:195:38 | MacroExpr | provenance | | -| test_logging.rs:199:20:199:43 | MacroExpr | test_logging.rs:199:13:199:44 | ...::panic_fmt | provenance | MaD:4 Sink:MaD:4 | +| test_logging.rs:199:20:199:43 | MacroExpr | test_logging.rs:199:13:199:44 | ...::panic_fmt | provenance | MaD:3 Sink:MaD:3 | | test_logging.rs:199:36:199:43 | password | test_logging.rs:199:20:199:43 | MacroExpr | provenance | | -| test_logging.rs:202:19:202:42 | MacroExpr | test_logging.rs:202:13:202:43 | ...::panic_fmt | provenance | MaD:4 Sink:MaD:4 | +| test_logging.rs:202:19:202:42 | MacroExpr | test_logging.rs:202:13:202:43 | ...::panic_fmt | provenance | MaD:3 Sink:MaD:3 | | test_logging.rs:202:35:202:42 | password | test_logging.rs:202:19:202:42 | MacroExpr | provenance | | -| test_logging.rs:205:28:205:51 | MacroExpr | test_logging.rs:205:13:205:52 | ...::panic_fmt | provenance | MaD:4 Sink:MaD:4 | +| test_logging.rs:205:28:205:51 | MacroExpr | test_logging.rs:205:13:205:52 | ...::panic_fmt | provenance | MaD:3 Sink:MaD:3 | | test_logging.rs:205:44:205:51 | password | test_logging.rs:205:28:205:51 | MacroExpr | provenance | | -| test_logging.rs:208:26:208:49 | MacroExpr | test_logging.rs:208:13:208:50 | ...::panic_fmt | provenance | MaD:4 Sink:MaD:4 | +| test_logging.rs:208:26:208:49 | MacroExpr | test_logging.rs:208:13:208:50 | ...::panic_fmt | provenance | MaD:3 Sink:MaD:3 | | test_logging.rs:208:42:208:49 | password | test_logging.rs:208:26:208:49 | MacroExpr | provenance | | -| test_logging.rs:211:28:211:51 | MacroExpr | test_logging.rs:211:13:211:52 | ...::panic_fmt | provenance | MaD:4 Sink:MaD:4 | +| test_logging.rs:211:28:211:51 | MacroExpr | test_logging.rs:211:13:211:52 | ...::panic_fmt | provenance | MaD:3 Sink:MaD:3 | | test_logging.rs:211:44:211:51 | password | test_logging.rs:211:28:211:51 | MacroExpr | provenance | | -| test_logging.rs:214:13:214:54 | ...::assert_failed [Some] | test_logging.rs:214:13:214:54 | ...::assert_failed | provenance | Sink:MaD:3 | -| test_logging.rs:214:30:214:53 | ...::Some(...) [Some] | test_logging.rs:214:13:214:54 | ...::assert_failed | provenance | MaD:3 Sink:MaD:3 | -| test_logging.rs:214:30:214:53 | ...::Some(...) [Some] | test_logging.rs:214:13:214:54 | ...::assert_failed [Some] | provenance | MaD:2 | +| test_logging.rs:214:13:214:54 | ...::assert_failed [Some] | test_logging.rs:214:13:214:54 | ...::assert_failed | provenance | Sink:MaD:2 | +| test_logging.rs:214:30:214:53 | ...::Some(...) [Some] | test_logging.rs:214:13:214:54 | ...::assert_failed | provenance | MaD:2 Sink:MaD:2 | +| test_logging.rs:214:30:214:53 | ...::Some(...) [Some] | test_logging.rs:214:13:214:54 | ...::assert_failed [Some] | provenance | MaD:1 | | test_logging.rs:214:30:214:53 | MacroExpr | test_logging.rs:214:30:214:53 | ...::Some(...) [Some] | provenance | | | test_logging.rs:214:46:214:53 | password | test_logging.rs:214:30:214:53 | MacroExpr | provenance | | -| test_logging.rs:217:13:217:54 | ...::assert_failed [Some] | test_logging.rs:217:13:217:54 | ...::assert_failed | provenance | Sink:MaD:3 | -| test_logging.rs:217:30:217:53 | ...::Some(...) [Some] | test_logging.rs:217:13:217:54 | ...::assert_failed | provenance | MaD:3 Sink:MaD:3 | -| test_logging.rs:217:30:217:53 | ...::Some(...) [Some] | test_logging.rs:217:13:217:54 | ...::assert_failed [Some] | provenance | MaD:2 | +| test_logging.rs:217:13:217:54 | ...::assert_failed [Some] | test_logging.rs:217:13:217:54 | ...::assert_failed | provenance | Sink:MaD:2 | +| test_logging.rs:217:30:217:53 | ...::Some(...) [Some] | test_logging.rs:217:13:217:54 | ...::assert_failed | provenance | MaD:2 Sink:MaD:2 | +| test_logging.rs:217:30:217:53 | ...::Some(...) [Some] | test_logging.rs:217:13:217:54 | ...::assert_failed [Some] | provenance | MaD:1 | | test_logging.rs:217:30:217:53 | MacroExpr | test_logging.rs:217:30:217:53 | ...::Some(...) [Some] | provenance | | | test_logging.rs:217:46:217:53 | password | test_logging.rs:217:30:217:53 | MacroExpr | provenance | | -| test_logging.rs:220:34:220:57 | MacroExpr | test_logging.rs:220:13:220:58 | ...::panic_fmt | provenance | MaD:4 Sink:MaD:4 | +| test_logging.rs:220:34:220:57 | MacroExpr | test_logging.rs:220:13:220:58 | ...::panic_fmt | provenance | MaD:3 Sink:MaD:3 | | test_logging.rs:220:50:220:57 | password | test_logging.rs:220:34:220:57 | MacroExpr | provenance | | -| test_logging.rs:223:13:223:60 | ...::assert_failed [Some] | test_logging.rs:223:13:223:60 | ...::assert_failed | provenance | Sink:MaD:3 | -| test_logging.rs:223:36:223:59 | ...::Some(...) [Some] | test_logging.rs:223:13:223:60 | ...::assert_failed | provenance | MaD:3 Sink:MaD:3 | -| test_logging.rs:223:36:223:59 | ...::Some(...) [Some] | test_logging.rs:223:13:223:60 | ...::assert_failed [Some] | provenance | MaD:2 | +| test_logging.rs:223:13:223:60 | ...::assert_failed [Some] | test_logging.rs:223:13:223:60 | ...::assert_failed | provenance | Sink:MaD:2 | +| test_logging.rs:223:36:223:59 | ...::Some(...) [Some] | test_logging.rs:223:13:223:60 | ...::assert_failed | provenance | MaD:2 Sink:MaD:2 | +| test_logging.rs:223:36:223:59 | ...::Some(...) [Some] | test_logging.rs:223:13:223:60 | ...::assert_failed [Some] | provenance | MaD:1 | | test_logging.rs:223:36:223:59 | MacroExpr | test_logging.rs:223:36:223:59 | ...::Some(...) [Some] | provenance | | | test_logging.rs:223:52:223:59 | password | test_logging.rs:223:36:223:59 | MacroExpr | provenance | | -| test_logging.rs:226:13:226:60 | ...::assert_failed [Some] | test_logging.rs:226:13:226:60 | ...::assert_failed | provenance | Sink:MaD:3 | -| test_logging.rs:226:36:226:59 | ...::Some(...) [Some] | test_logging.rs:226:13:226:60 | ...::assert_failed | provenance | MaD:3 Sink:MaD:3 | -| test_logging.rs:226:36:226:59 | ...::Some(...) [Some] | test_logging.rs:226:13:226:60 | ...::assert_failed [Some] | provenance | MaD:2 | +| test_logging.rs:226:13:226:60 | ...::assert_failed [Some] | test_logging.rs:226:13:226:60 | ...::assert_failed | provenance | Sink:MaD:2 | +| test_logging.rs:226:36:226:59 | ...::Some(...) [Some] | test_logging.rs:226:13:226:60 | ...::assert_failed | provenance | MaD:2 Sink:MaD:2 | +| test_logging.rs:226:36:226:59 | ...::Some(...) [Some] | test_logging.rs:226:13:226:60 | ...::assert_failed [Some] | provenance | MaD:1 | | test_logging.rs:226:36:226:59 | MacroExpr | test_logging.rs:226:36:226:59 | ...::Some(...) [Some] | provenance | | | test_logging.rs:226:52:226:59 | password | test_logging.rs:226:36:226:59 | MacroExpr | provenance | | -| test_logging.rs:229:30:229:62 | res | test_logging.rs:229:38:229:61 | { ... } | provenance | | -| test_logging.rs:229:30:229:71 | ... .as_str() | test_logging.rs:229:23:229:28 | expect | provenance | MaD:1 Sink:MaD:1 | -| test_logging.rs:229:30:229:71 | ... .as_str() | test_logging.rs:229:23:229:28 | expect | provenance | MaD:1 Sink:MaD:1 | -| test_logging.rs:229:38:229:61 | ...::format(...) | test_logging.rs:229:30:229:62 | res | provenance | | -| test_logging.rs:229:38:229:61 | ...::must_use(...) | test_logging.rs:229:30:229:71 | ... .as_str() | provenance | MaD:17 | -| test_logging.rs:229:38:229:61 | MacroExpr | test_logging.rs:229:38:229:61 | ...::format(...) | provenance | MaD:18 | -| test_logging.rs:229:38:229:61 | { ... } | test_logging.rs:229:38:229:61 | ...::must_use(...) | provenance | MaD:19 | -| test_logging.rs:229:54:229:61 | password | test_logging.rs:229:38:229:61 | MacroExpr | provenance | | -| test_logging.rs:242:16:242:50 | res | test_logging.rs:242:24:242:49 | { ... } | provenance | | -| test_logging.rs:242:16:242:61 | ... .as_bytes() | test_logging.rs:242:10:242:14 | write | provenance | MaD:6 Sink:MaD:6 | -| test_logging.rs:242:24:242:49 | ...::format(...) | test_logging.rs:242:16:242:50 | res | provenance | | -| test_logging.rs:242:24:242:49 | ...::must_use(...) | test_logging.rs:242:16:242:61 | ... .as_bytes() | provenance | MaD:16 | -| test_logging.rs:242:24:242:49 | MacroExpr | test_logging.rs:242:24:242:49 | ...::format(...) | provenance | MaD:18 | -| test_logging.rs:242:24:242:49 | { ... } | test_logging.rs:242:24:242:49 | ...::must_use(...) | provenance | MaD:19 | -| test_logging.rs:242:42:242:49 | password | test_logging.rs:242:24:242:49 | MacroExpr | provenance | | -| test_logging.rs:245:20:245:54 | res | test_logging.rs:245:28:245:53 | { ... } | provenance | | -| test_logging.rs:245:20:245:65 | ... .as_bytes() | test_logging.rs:245:10:245:18 | write_all | provenance | MaD:7 Sink:MaD:7 | -| test_logging.rs:245:28:245:53 | ...::format(...) | test_logging.rs:245:20:245:54 | res | provenance | | -| test_logging.rs:245:28:245:53 | ...::must_use(...) | test_logging.rs:245:20:245:65 | ... .as_bytes() | provenance | MaD:16 | -| test_logging.rs:245:28:245:53 | MacroExpr | test_logging.rs:245:28:245:53 | ...::format(...) | provenance | MaD:18 | -| test_logging.rs:245:28:245:53 | { ... } | test_logging.rs:245:28:245:53 | ...::must_use(...) | provenance | MaD:19 | -| test_logging.rs:245:46:245:53 | password | test_logging.rs:245:28:245:53 | MacroExpr | provenance | | -| test_logging.rs:248:15:248:49 | res | test_logging.rs:248:23:248:48 | { ... } | provenance | | -| test_logging.rs:248:15:248:60 | ... .as_bytes() | test_logging.rs:248:9:248:13 | write | provenance | MaD:6 Sink:MaD:6 | -| test_logging.rs:248:23:248:48 | ...::format(...) | test_logging.rs:248:15:248:49 | res | provenance | | -| test_logging.rs:248:23:248:48 | ...::must_use(...) | test_logging.rs:248:15:248:60 | ... .as_bytes() | provenance | MaD:16 | -| test_logging.rs:248:23:248:48 | MacroExpr | test_logging.rs:248:23:248:48 | ...::format(...) | provenance | MaD:18 | -| test_logging.rs:248:23:248:48 | { ... } | test_logging.rs:248:23:248:48 | ...::must_use(...) | provenance | MaD:19 | -| test_logging.rs:248:41:248:48 | password | test_logging.rs:248:23:248:48 | MacroExpr | provenance | | -| test_logging.rs:251:15:251:49 | res | test_logging.rs:251:23:251:48 | { ... } | provenance | | -| test_logging.rs:251:15:251:60 | ... .as_bytes() | test_logging.rs:251:9:251:13 | write | provenance | MaD:5 Sink:MaD:5 | -| test_logging.rs:251:23:251:48 | ...::format(...) | test_logging.rs:251:15:251:49 | res | provenance | | -| test_logging.rs:251:23:251:48 | ...::must_use(...) | test_logging.rs:251:15:251:60 | ... .as_bytes() | provenance | MaD:16 | -| test_logging.rs:251:23:251:48 | MacroExpr | test_logging.rs:251:23:251:48 | ...::format(...) | provenance | MaD:18 | -| test_logging.rs:251:23:251:48 | { ... } | test_logging.rs:251:23:251:48 | ...::must_use(...) | provenance | MaD:19 | -| test_logging.rs:251:41:251:48 | password | test_logging.rs:251:23:251:48 | MacroExpr | provenance | | models -| 1 | Sink: lang:core; ::expect; log-injection; Argument[0] | -| 2 | Sink: lang:core; crate::panicking::assert_failed; log-injection; Argument[3] | -| 3 | Sink: lang:core; crate::panicking::assert_failed; log-injection; Argument[3].Field[core::option::Option::Some(0)] | -| 4 | Sink: lang:core; crate::panicking::panic_fmt; log-injection; Argument[0] | -| 5 | Sink: lang:std; ::write; log-injection; Argument[0] | -| 6 | Sink: lang:std; ::write; log-injection; Argument[0] | -| 7 | Sink: lang:std; ::write_all; log-injection; Argument[0] | -| 8 | Sink: lang:std; crate::io::stdio::_eprint; log-injection; Argument[0] | -| 9 | Sink: lang:std; crate::io::stdio::_print; log-injection; Argument[0] | -| 10 | Sink: repo:https://github.com/DesmondWillowbrook/rs-log_err:log_err; ::log_expect; log-injection; Argument[0] | -| 11 | Sink: repo:https://github.com/DesmondWillowbrook/rs-log_err:log_err; ::log_expect; log-injection; Argument[0] | -| 12 | Sink: repo:https://github.com/DesmondWillowbrook/rs-log_err:log_err; ::log_expect; log-injection; Argument[self].Field[core::result::Result::Err(0)] | -| 13 | Sink: repo:https://github.com/DesmondWillowbrook/rs-log_err:log_err; ::log_unwrap; log-injection; Argument[self].Field[core::result::Result::Err(0)] | -| 14 | Sink: repo:https://github.com/rust-lang/log:log; crate::__private_api::log; log-injection; Argument[1] | -| 15 | Sink: repo:https://github.com/rust-lang/log:log; crate::__private_api::log; log-injection; Argument[3] | -| 16 | Summary: lang:alloc; ::as_bytes; Argument[self]; ReturnValue; value | -| 17 | Summary: lang:alloc; ::as_str; Argument[self]; ReturnValue; value | -| 18 | Summary: lang:alloc; crate::fmt::format; Argument[0]; ReturnValue; taint | -| 19 | Summary: lang:core; crate::hint::must_use; Argument[0]; ReturnValue; value | +| 1 | Sink: lang:core; crate::panicking::assert_failed; log-injection; Argument[3] | +| 2 | Sink: lang:core; crate::panicking::assert_failed; log-injection; Argument[3].Field[core::option::Option::Some(0)] | +| 3 | Sink: lang:core; crate::panicking::panic_fmt; log-injection; Argument[0] | +| 4 | Sink: lang:std; crate::io::stdio::_eprint; log-injection; Argument[0] | +| 5 | Sink: lang:std; crate::io::stdio::_print; log-injection; Argument[0] | +| 6 | Sink: repo:https://github.com/DesmondWillowbrook/rs-log_err:log_err; ::log_expect; log-injection; Argument[0] | +| 7 | Sink: repo:https://github.com/DesmondWillowbrook/rs-log_err:log_err; ::log_expect; log-injection; Argument[0] | +| 8 | Sink: repo:https://github.com/DesmondWillowbrook/rs-log_err:log_err; ::log_expect; log-injection; Argument[self].Field[core::result::Result::Err(0)] | +| 9 | Sink: repo:https://github.com/DesmondWillowbrook/rs-log_err:log_err; ::log_unwrap; log-injection; Argument[self].Field[core::result::Result::Err(0)] | +| 10 | Sink: repo:https://github.com/rust-lang/log:log; crate::__private_api::log; log-injection; Argument[1] | +| 11 | Sink: repo:https://github.com/rust-lang/log:log; crate::__private_api::log; log-injection; Argument[3] | +| 12 | Summary: lang:alloc; crate::fmt::format; Argument[0]; ReturnValue; taint | +| 13 | Summary: lang:core; crate::hint::must_use; Argument[0]; ReturnValue; value | nodes | test_logging.rs:42:5:42:36 | ...::log | semmle.label | ...::log | | test_logging.rs:42:12:42:35 | MacroExpr | semmle.label | MacroExpr | @@ -493,45 +445,4 @@ nodes | test_logging.rs:226:36:226:59 | ...::Some(...) [Some] | semmle.label | ...::Some(...) [Some] | | test_logging.rs:226:36:226:59 | MacroExpr | semmle.label | MacroExpr | | test_logging.rs:226:52:226:59 | password | semmle.label | password | -| test_logging.rs:229:23:229:28 | expect | semmle.label | expect | -| test_logging.rs:229:23:229:28 | expect | semmle.label | expect | -| test_logging.rs:229:30:229:62 | res | semmle.label | res | -| test_logging.rs:229:30:229:71 | ... .as_str() | semmle.label | ... .as_str() | -| test_logging.rs:229:38:229:61 | ...::format(...) | semmle.label | ...::format(...) | -| test_logging.rs:229:38:229:61 | ...::must_use(...) | semmle.label | ...::must_use(...) | -| test_logging.rs:229:38:229:61 | MacroExpr | semmle.label | MacroExpr | -| test_logging.rs:229:38:229:61 | { ... } | semmle.label | { ... } | -| test_logging.rs:229:54:229:61 | password | semmle.label | password | -| test_logging.rs:242:10:242:14 | write | semmle.label | write | -| test_logging.rs:242:16:242:50 | res | semmle.label | res | -| test_logging.rs:242:16:242:61 | ... .as_bytes() | semmle.label | ... .as_bytes() | -| test_logging.rs:242:24:242:49 | ...::format(...) | semmle.label | ...::format(...) | -| test_logging.rs:242:24:242:49 | ...::must_use(...) | semmle.label | ...::must_use(...) | -| test_logging.rs:242:24:242:49 | MacroExpr | semmle.label | MacroExpr | -| test_logging.rs:242:24:242:49 | { ... } | semmle.label | { ... } | -| test_logging.rs:242:42:242:49 | password | semmle.label | password | -| test_logging.rs:245:10:245:18 | write_all | semmle.label | write_all | -| test_logging.rs:245:20:245:54 | res | semmle.label | res | -| test_logging.rs:245:20:245:65 | ... .as_bytes() | semmle.label | ... .as_bytes() | -| test_logging.rs:245:28:245:53 | ...::format(...) | semmle.label | ...::format(...) | -| test_logging.rs:245:28:245:53 | ...::must_use(...) | semmle.label | ...::must_use(...) | -| test_logging.rs:245:28:245:53 | MacroExpr | semmle.label | MacroExpr | -| test_logging.rs:245:28:245:53 | { ... } | semmle.label | { ... } | -| test_logging.rs:245:46:245:53 | password | semmle.label | password | -| test_logging.rs:248:9:248:13 | write | semmle.label | write | -| test_logging.rs:248:15:248:49 | res | semmle.label | res | -| test_logging.rs:248:15:248:60 | ... .as_bytes() | semmle.label | ... .as_bytes() | -| test_logging.rs:248:23:248:48 | ...::format(...) | semmle.label | ...::format(...) | -| test_logging.rs:248:23:248:48 | ...::must_use(...) | semmle.label | ...::must_use(...) | -| test_logging.rs:248:23:248:48 | MacroExpr | semmle.label | MacroExpr | -| test_logging.rs:248:23:248:48 | { ... } | semmle.label | { ... } | -| test_logging.rs:248:41:248:48 | password | semmle.label | password | -| test_logging.rs:251:9:251:13 | write | semmle.label | write | -| test_logging.rs:251:15:251:49 | res | semmle.label | res | -| test_logging.rs:251:15:251:60 | ... .as_bytes() | semmle.label | ... .as_bytes() | -| test_logging.rs:251:23:251:48 | ...::format(...) | semmle.label | ...::format(...) | -| test_logging.rs:251:23:251:48 | ...::must_use(...) | semmle.label | ...::must_use(...) | -| test_logging.rs:251:23:251:48 | MacroExpr | semmle.label | MacroExpr | -| test_logging.rs:251:23:251:48 | { ... } | semmle.label | { ... } | -| test_logging.rs:251:41:251:48 | password | semmle.label | password | subpaths diff --git a/rust/ql/test/query-tests/security/CWE-312/test_logging.rs b/rust/ql/test/query-tests/security/CWE-312/test_logging.rs index 4b12005a6cb5..f5f94fc89f82 100644 --- a/rust/ql/test/query-tests/security/CWE-312/test_logging.rs +++ b/rust/ql/test/query-tests/security/CWE-312/test_logging.rs @@ -226,7 +226,7 @@ fn test_std(password: String, i: i32, opt_i: Option) { debug_assert_ne!(1, 1, "message = {}", password); // $ Alert[rust/cleartext-logging] } 11 => { - _ = opt_i.expect(format!("message = {}", password).as_str()); // $ Alert[rust/cleartext-logging] + _ = opt_i.expect(format!("message = {}", password).as_str()); // $ MISSING: Alert[rust/cleartext-logging] (https://github.com/github/codeql/pull/19658) } _ => {} } @@ -239,16 +239,16 @@ fn test_std(password: String, i: i32, opt_i: Option) { .write_fmt(format_args!("message = {}\n", password)); // $ MISSING: Alert[rust/cleartext-logging] std::io::stdout() .lock() - .write(format!("message = {}\n", password).as_bytes()); // $ Alert[rust/cleartext-logging] + .write(format!("message = {}\n", password).as_bytes()); // $ MISSING: Alert[rust/cleartext-logging] (https://github.com/github/codeql/pull/19658) std::io::stdout() .lock() - .write_all(format!("message = {}\n", password).as_bytes()); // $ Alert[rust/cleartext-logging] + .write_all(format!("message = {}\n", password).as_bytes()); // $ MISSING: Alert[rust/cleartext-logging] (https://github.com/github/codeql/pull/19658) let mut out = std::io::stdout().lock(); - out.write(format!("message = {}\n", password).as_bytes()); // $ Alert[rust/cleartext-logging] + out.write(format!("message = {}\n", password).as_bytes()); // $ MISSING: Alert[rust/cleartext-logging] (https://github.com/github/codeql/pull/19658) let mut err = std::io::stderr().lock(); - err.write(format!("message = {}\n", password).as_bytes()); // $ Alert[rust/cleartext-logging] + err.write(format!("message = {}\n", password).as_bytes()); // $ MISSING: Alert[rust/cleartext-logging] (https://github.com/github/codeql/pull/19658) } fn main() { diff --git a/rust/ql/test/query-tests/security/CWE-770/UncontrolledAllocationSize.expected b/rust/ql/test/query-tests/security/CWE-770/UncontrolledAllocationSize.expected index 4294bff6c08a..34cb1edba83f 100644 --- a/rust/ql/test/query-tests/security/CWE-770/UncontrolledAllocationSize.expected +++ b/rust/ql/test/query-tests/security/CWE-770/UncontrolledAllocationSize.expected @@ -14,9 +14,7 @@ | main.rs:54:13:54:29 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:54:13:54:29 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | | main.rs:59:13:59:29 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:59:13:59:29 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | | main.rs:61:13:61:29 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:61:13:61:29 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | -| main.rs:63:13:63:29 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:63:13:63:29 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | | main.rs:64:13:64:29 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:64:13:64:29 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | -| main.rs:65:13:65:29 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:65:13:65:29 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | | main.rs:68:13:68:29 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:68:13:68:29 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | | main.rs:88:13:88:29 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:88:13:88:29 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | | main.rs:96:17:96:33 | ...::alloc | main.rs:317:13:317:26 | ...::args | main.rs:96:17:96:33 | ...::alloc | This allocation size is derived from a $@ and could allocate arbitrary amounts of memory. | main.rs:317:13:317:26 | ...::args | user-provided value | @@ -65,40 +63,40 @@ edges | main.rs:18:41:18:41 | v | main.rs:32:60:32:89 | ... * ... | provenance | | | main.rs:18:41:18:41 | v | main.rs:35:9:35:10 | s6 | provenance | | | main.rs:20:9:20:10 | l2 | main.rs:21:31:21:32 | l2 | provenance | | -| main.rs:20:14:20:54 | ...::from_size_align(...) [Ok] | main.rs:20:14:20:63 | ... .unwrap() | provenance | MaD:38 | +| main.rs:20:14:20:54 | ...::from_size_align(...) [Ok] | main.rs:20:14:20:63 | ... .unwrap() | provenance | MaD:36 | | main.rs:20:14:20:63 | ... .unwrap() | main.rs:20:9:20:10 | l2 | provenance | | -| main.rs:20:50:20:50 | v | main.rs:20:14:20:54 | ...::from_size_align(...) [Ok] | provenance | MaD:28 | +| main.rs:20:50:20:50 | v | main.rs:20:14:20:54 | ...::from_size_align(...) [Ok] | provenance | MaD:26 | | main.rs:21:31:21:32 | l2 | main.rs:21:13:21:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:21:31:21:32 | l2 | main.rs:22:31:22:44 | l2.align_to(...) [Ok] | provenance | MaD:22 | | main.rs:21:31:21:32 | l2 | main.rs:23:31:23:44 | l2.align_to(...) [Ok] | provenance | MaD:22 | | main.rs:21:31:21:32 | l2 | main.rs:24:38:24:39 | l2 | provenance | | -| main.rs:22:31:22:44 | l2.align_to(...) [Ok] | main.rs:22:31:22:53 | ... .unwrap() | provenance | MaD:38 | +| main.rs:22:31:22:44 | l2.align_to(...) [Ok] | main.rs:22:31:22:53 | ... .unwrap() | provenance | MaD:36 | | main.rs:22:31:22:53 | ... .unwrap() | main.rs:22:13:22:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:23:31:23:44 | l2.align_to(...) [Ok] | main.rs:23:31:23:53 | ... .unwrap() | provenance | MaD:38 | -| main.rs:23:31:23:53 | ... .unwrap() | main.rs:23:31:23:68 | ... .pad_to_align() | provenance | MaD:31 | +| main.rs:23:31:23:44 | l2.align_to(...) [Ok] | main.rs:23:31:23:53 | ... .unwrap() | provenance | MaD:36 | +| main.rs:23:31:23:53 | ... .unwrap() | main.rs:23:31:23:68 | ... .pad_to_align() | provenance | MaD:29 | | main.rs:23:31:23:68 | ... .pad_to_align() | main.rs:23:13:23:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:24:38:24:39 | l2 | main.rs:24:13:24:36 | ...::alloc_zeroed | provenance | MaD:4 Sink:MaD:4 | | main.rs:29:9:29:10 | l4 | main.rs:30:31:30:32 | l4 | provenance | | | main.rs:29:14:29:64 | ...::from_size_align_unchecked(...) | main.rs:29:9:29:10 | l4 | provenance | | -| main.rs:29:60:29:60 | v | main.rs:29:14:29:64 | ...::from_size_align_unchecked(...) | provenance | MaD:30 | +| main.rs:29:60:29:60 | v | main.rs:29:14:29:64 | ...::from_size_align_unchecked(...) | provenance | MaD:28 | | main.rs:30:31:30:32 | l4 | main.rs:30:13:30:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:32:9:32:10 | l5 | main.rs:33:31:33:32 | l5 | provenance | | | main.rs:32:14:32:118 | ...::from_size_align_unchecked(...) | main.rs:32:9:32:10 | l5 | provenance | | -| main.rs:32:60:32:89 | ... * ... | main.rs:32:14:32:118 | ...::from_size_align_unchecked(...) | provenance | MaD:30 | +| main.rs:32:60:32:89 | ... * ... | main.rs:32:14:32:118 | ...::from_size_align_unchecked(...) | provenance | MaD:28 | | main.rs:33:31:33:32 | l5 | main.rs:33:13:33:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:35:9:35:10 | s6 | main.rs:36:60:36:61 | s6 | provenance | | | main.rs:36:9:36:10 | l6 | main.rs:37:31:37:32 | l6 | provenance | | | main.rs:36:9:36:10 | l6 [Layout.size] | main.rs:37:31:37:32 | l6 [Layout.size] | provenance | | | main.rs:36:14:36:65 | ...::from_size_align_unchecked(...) | main.rs:36:9:36:10 | l6 | provenance | | | main.rs:36:14:36:65 | ...::from_size_align_unchecked(...) [Layout.size] | main.rs:36:9:36:10 | l6 [Layout.size] | provenance | | -| main.rs:36:60:36:61 | s6 | main.rs:36:14:36:65 | ...::from_size_align_unchecked(...) | provenance | MaD:30 | -| main.rs:36:60:36:61 | s6 | main.rs:36:14:36:65 | ...::from_size_align_unchecked(...) [Layout.size] | provenance | MaD:29 | +| main.rs:36:60:36:61 | s6 | main.rs:36:14:36:65 | ...::from_size_align_unchecked(...) | provenance | MaD:28 | +| main.rs:36:60:36:61 | s6 | main.rs:36:14:36:65 | ...::from_size_align_unchecked(...) [Layout.size] | provenance | MaD:27 | | main.rs:37:31:37:32 | l6 | main.rs:37:13:37:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:37:31:37:32 | l6 | main.rs:39:60:39:68 | l6.size() | provenance | MaD:35 | -| main.rs:37:31:37:32 | l6 [Layout.size] | main.rs:39:60:39:68 | l6.size() | provenance | MaD:34 | +| main.rs:37:31:37:32 | l6 | main.rs:39:60:39:68 | l6.size() | provenance | MaD:33 | +| main.rs:37:31:37:32 | l6 [Layout.size] | main.rs:39:60:39:68 | l6.size() | provenance | MaD:32 | | main.rs:39:9:39:10 | l7 | main.rs:40:31:40:32 | l7 | provenance | | | main.rs:39:14:39:72 | ...::from_size_align_unchecked(...) | main.rs:39:9:39:10 | l7 | provenance | | -| main.rs:39:60:39:68 | l6.size() | main.rs:39:14:39:72 | ...::from_size_align_unchecked(...) | provenance | MaD:30 | +| main.rs:39:60:39:68 | l6.size() | main.rs:39:14:39:72 | ...::from_size_align_unchecked(...) | provenance | MaD:28 | | main.rs:40:31:40:32 | l7 | main.rs:40:13:40:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:43:44:43:51 | ...: usize | main.rs:50:41:50:41 | v | provenance | | | main.rs:43:44:43:51 | ...: usize | main.rs:51:41:51:45 | ... + ... | provenance | | @@ -106,56 +104,47 @@ edges | main.rs:43:44:43:51 | ...: usize | main.rs:54:48:54:53 | ... * ... | provenance | | | main.rs:43:44:43:51 | ...: usize | main.rs:58:34:58:34 | v | provenance | | | main.rs:43:44:43:51 | ...: usize | main.rs:67:46:67:46 | v | provenance | | -| main.rs:50:31:50:42 | l2.repeat(...) [Ok, tuple.0] | main.rs:50:31:50:51 | ... .unwrap() [tuple.0] | provenance | MaD:38 | +| main.rs:50:31:50:42 | l2.repeat(...) [Ok, tuple.0] | main.rs:50:31:50:51 | ... .unwrap() [tuple.0] | provenance | MaD:36 | | main.rs:50:31:50:51 | ... .unwrap() [tuple.0] | main.rs:50:31:50:53 | ... .0 | provenance | | | main.rs:50:31:50:53 | ... .0 | main.rs:50:13:50:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:50:41:50:41 | v | main.rs:50:31:50:42 | l2.repeat(...) [Ok, tuple.0] | provenance | MaD:32 | -| main.rs:51:31:51:46 | l2.repeat(...) [Ok, tuple.0] | main.rs:51:31:51:55 | ... .unwrap() [tuple.0] | provenance | MaD:38 | +| main.rs:50:41:50:41 | v | main.rs:50:31:50:42 | l2.repeat(...) [Ok, tuple.0] | provenance | MaD:30 | +| main.rs:51:31:51:46 | l2.repeat(...) [Ok, tuple.0] | main.rs:51:31:51:55 | ... .unwrap() [tuple.0] | provenance | MaD:36 | | main.rs:51:31:51:55 | ... .unwrap() [tuple.0] | main.rs:51:31:51:57 | ... .0 | provenance | | | main.rs:51:31:51:57 | ... .0 | main.rs:51:13:51:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:51:41:51:45 | ... + ... | main.rs:51:31:51:46 | l2.repeat(...) [Ok, tuple.0] | provenance | MaD:32 | -| main.rs:53:31:53:49 | l2.repeat_packed(...) [Ok] | main.rs:53:31:53:58 | ... .unwrap() | provenance | MaD:38 | +| main.rs:51:41:51:45 | ... + ... | main.rs:51:31:51:46 | l2.repeat(...) [Ok, tuple.0] | provenance | MaD:30 | +| main.rs:53:31:53:49 | l2.repeat_packed(...) [Ok] | main.rs:53:31:53:58 | ... .unwrap() | provenance | MaD:36 | | main.rs:53:31:53:58 | ... .unwrap() | main.rs:53:13:53:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:53:48:53:48 | v | main.rs:53:31:53:49 | l2.repeat_packed(...) [Ok] | provenance | MaD:33 | -| main.rs:54:31:54:54 | l2.repeat_packed(...) [Ok] | main.rs:54:31:54:63 | ... .unwrap() | provenance | MaD:38 | +| main.rs:53:48:53:48 | v | main.rs:53:31:53:49 | l2.repeat_packed(...) [Ok] | provenance | MaD:31 | +| main.rs:54:31:54:54 | l2.repeat_packed(...) [Ok] | main.rs:54:31:54:63 | ... .unwrap() | provenance | MaD:36 | | main.rs:54:31:54:63 | ... .unwrap() | main.rs:54:13:54:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:54:48:54:53 | ... * ... | main.rs:54:31:54:54 | l2.repeat_packed(...) [Ok] | provenance | MaD:33 | +| main.rs:54:48:54:53 | ... * ... | main.rs:54:31:54:54 | l2.repeat_packed(...) [Ok] | provenance | MaD:31 | | main.rs:58:9:58:20 | TuplePat [tuple.0] | main.rs:58:10:58:11 | k1 | provenance | | | main.rs:58:10:58:11 | k1 | main.rs:59:31:59:32 | k1 | provenance | | -| main.rs:58:24:58:35 | l3.repeat(...) [Ok, tuple.0] | main.rs:58:24:58:66 | ... .expect(...) [tuple.0] | provenance | MaD:37 | +| main.rs:58:24:58:35 | l3.repeat(...) [Ok, tuple.0] | main.rs:58:24:58:66 | ... .expect(...) [tuple.0] | provenance | MaD:35 | | main.rs:58:24:58:66 | ... .expect(...) [tuple.0] | main.rs:58:9:58:20 | TuplePat [tuple.0] | provenance | | -| main.rs:58:34:58:34 | v | main.rs:58:24:58:35 | l3.repeat(...) [Ok, tuple.0] | provenance | MaD:32 | +| main.rs:58:34:58:34 | v | main.rs:58:24:58:35 | l3.repeat(...) [Ok, tuple.0] | provenance | MaD:30 | | main.rs:59:31:59:32 | k1 | main.rs:59:13:59:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:59:31:59:32 | k1 | main.rs:60:34:60:35 | k1 | provenance | | -| main.rs:59:31:59:32 | k1 | main.rs:62:24:62:36 | k1.extend(...) [Ok, tuple.0] | provenance | MaD:25 | | main.rs:59:31:59:32 | k1 | main.rs:64:48:64:49 | k1 | provenance | | -| main.rs:59:31:59:32 | k1 | main.rs:65:31:65:50 | k1.extend_packed(...) [Ok] | provenance | MaD:27 | | main.rs:60:9:60:20 | TuplePat [tuple.0] | main.rs:60:10:60:11 | k2 | provenance | | | main.rs:60:10:60:11 | k2 | main.rs:61:31:61:32 | k2 | provenance | | -| main.rs:60:24:60:36 | l3.extend(...) [Ok, tuple.0] | main.rs:60:24:60:45 | ... .unwrap() [tuple.0] | provenance | MaD:38 | +| main.rs:60:24:60:36 | l3.extend(...) [Ok, tuple.0] | main.rs:60:24:60:45 | ... .unwrap() [tuple.0] | provenance | MaD:36 | | main.rs:60:24:60:45 | ... .unwrap() [tuple.0] | main.rs:60:9:60:20 | TuplePat [tuple.0] | provenance | | | main.rs:60:34:60:35 | k1 | main.rs:60:24:60:36 | l3.extend(...) [Ok, tuple.0] | provenance | MaD:24 | | main.rs:61:31:61:32 | k2 | main.rs:61:13:61:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:62:9:62:20 | TuplePat [tuple.0] | main.rs:62:10:62:11 | k3 | provenance | | -| main.rs:62:10:62:11 | k3 | main.rs:63:31:63:32 | k3 | provenance | | -| main.rs:62:24:62:36 | k1.extend(...) [Ok, tuple.0] | main.rs:62:24:62:45 | ... .unwrap() [tuple.0] | provenance | MaD:38 | -| main.rs:62:24:62:45 | ... .unwrap() [tuple.0] | main.rs:62:9:62:20 | TuplePat [tuple.0] | provenance | | -| main.rs:63:31:63:32 | k3 | main.rs:63:13:63:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:64:31:64:50 | l3.extend_packed(...) [Ok] | main.rs:64:31:64:59 | ... .unwrap() | provenance | MaD:38 | +| main.rs:64:31:64:50 | l3.extend_packed(...) [Ok] | main.rs:64:31:64:59 | ... .unwrap() | provenance | MaD:36 | | main.rs:64:31:64:59 | ... .unwrap() | main.rs:64:13:64:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | -| main.rs:64:48:64:49 | k1 | main.rs:64:31:64:50 | l3.extend_packed(...) [Ok] | provenance | MaD:26 | -| main.rs:65:31:65:50 | k1.extend_packed(...) [Ok] | main.rs:65:31:65:59 | ... .unwrap() | provenance | MaD:38 | -| main.rs:65:31:65:59 | ... .unwrap() | main.rs:65:13:65:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | +| main.rs:64:48:64:49 | k1 | main.rs:64:31:64:50 | l3.extend_packed(...) [Ok] | provenance | MaD:25 | | main.rs:67:9:67:10 | l4 | main.rs:68:31:68:32 | l4 | provenance | | -| main.rs:67:14:67:47 | ...::array::<...>(...) [Ok] | main.rs:67:14:67:56 | ... .unwrap() | provenance | MaD:38 | +| main.rs:67:14:67:47 | ...::array::<...>(...) [Ok] | main.rs:67:14:67:56 | ... .unwrap() | provenance | MaD:36 | | main.rs:67:14:67:56 | ... .unwrap() | main.rs:67:9:67:10 | l4 | provenance | | | main.rs:67:46:67:46 | v | main.rs:67:14:67:47 | ...::array::<...>(...) [Ok] | provenance | MaD:23 | | main.rs:68:31:68:32 | l4 | main.rs:68:13:68:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:86:35:86:42 | ...: usize | main.rs:87:54:87:54 | v | provenance | | | main.rs:87:9:87:14 | layout | main.rs:88:31:88:36 | layout | provenance | | -| main.rs:87:18:87:58 | ...::from_size_align(...) [Ok] | main.rs:87:18:87:67 | ... .unwrap() | provenance | MaD:38 | +| main.rs:87:18:87:58 | ...::from_size_align(...) [Ok] | main.rs:87:18:87:67 | ... .unwrap() | provenance | MaD:36 | | main.rs:87:18:87:67 | ... .unwrap() | main.rs:87:9:87:14 | layout | provenance | | -| main.rs:87:54:87:54 | v | main.rs:87:18:87:58 | ...::from_size_align(...) [Ok] | provenance | MaD:28 | +| main.rs:87:54:87:54 | v | main.rs:87:18:87:58 | ...::from_size_align(...) [Ok] | provenance | MaD:26 | | main.rs:88:31:88:36 | layout | main.rs:88:13:88:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:91:38:91:45 | ...: usize | main.rs:92:47:92:47 | v | provenance | | | main.rs:91:38:91:45 | ...: usize | main.rs:101:51:101:51 | v | provenance | | @@ -166,14 +155,14 @@ edges | main.rs:91:38:91:45 | ...: usize | main.rs:161:55:161:55 | v | provenance | | | main.rs:92:9:92:10 | l1 | main.rs:96:35:96:36 | l1 | provenance | | | main.rs:92:9:92:10 | l1 | main.rs:102:35:102:36 | l1 | provenance | | -| main.rs:92:14:92:48 | ...::array::<...>(...) [Ok] | main.rs:92:14:92:57 | ... .unwrap() | provenance | MaD:38 | +| main.rs:92:14:92:48 | ...::array::<...>(...) [Ok] | main.rs:92:14:92:57 | ... .unwrap() | provenance | MaD:36 | | main.rs:92:14:92:57 | ... .unwrap() | main.rs:92:9:92:10 | l1 | provenance | | | main.rs:92:47:92:47 | v | main.rs:92:14:92:48 | ...::array::<...>(...) [Ok] | provenance | MaD:23 | | main.rs:96:35:96:36 | l1 | main.rs:96:17:96:33 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:96:35:96:36 | l1 | main.rs:109:35:109:36 | l1 | provenance | | | main.rs:96:35:96:36 | l1 | main.rs:111:35:111:36 | l1 | provenance | | | main.rs:101:13:101:14 | l3 | main.rs:103:35:103:36 | l3 | provenance | | -| main.rs:101:18:101:52 | ...::array::<...>(...) [Ok] | main.rs:101:18:101:61 | ... .unwrap() | provenance | MaD:38 | +| main.rs:101:18:101:52 | ...::array::<...>(...) [Ok] | main.rs:101:18:101:61 | ... .unwrap() | provenance | MaD:36 | | main.rs:101:18:101:61 | ... .unwrap() | main.rs:101:13:101:14 | l3 | provenance | | | main.rs:101:51:101:51 | v | main.rs:101:18:101:52 | ...::array::<...>(...) [Ok] | provenance | MaD:23 | | main.rs:102:35:102:36 | l1 | main.rs:102:17:102:33 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | @@ -186,28 +175,28 @@ edges | main.rs:111:35:111:36 | l1 | main.rs:111:17:111:33 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:111:35:111:36 | l1 | main.rs:146:35:146:36 | l1 | provenance | | | main.rs:145:13:145:14 | l9 | main.rs:148:35:148:36 | l9 | provenance | | -| main.rs:145:18:145:52 | ...::array::<...>(...) [Ok] | main.rs:145:18:145:61 | ... .unwrap() | provenance | MaD:38 | +| main.rs:145:18:145:52 | ...::array::<...>(...) [Ok] | main.rs:145:18:145:61 | ... .unwrap() | provenance | MaD:36 | | main.rs:145:18:145:61 | ... .unwrap() | main.rs:145:13:145:14 | l9 | provenance | | | main.rs:145:51:145:51 | v | main.rs:145:18:145:52 | ...::array::<...>(...) [Ok] | provenance | MaD:23 | | main.rs:146:35:146:36 | l1 | main.rs:146:17:146:33 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:146:35:146:36 | l1 | main.rs:177:31:177:32 | l1 | provenance | | | main.rs:148:35:148:36 | l9 | main.rs:148:17:148:33 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:151:9:151:11 | l10 | main.rs:152:31:152:33 | l10 | provenance | | -| main.rs:151:15:151:69 | ...::array::<...>(...) [Ok] | main.rs:151:15:151:78 | ... .unwrap() | provenance | MaD:38 | +| main.rs:151:15:151:69 | ...::array::<...>(...) [Ok] | main.rs:151:15:151:78 | ... .unwrap() | provenance | MaD:36 | | main.rs:151:15:151:78 | ... .unwrap() | main.rs:151:9:151:11 | l10 | provenance | | | main.rs:151:48:151:68 | ...::min(...) | main.rs:151:15:151:69 | ...::array::<...>(...) [Ok] | provenance | MaD:23 | -| main.rs:151:62:151:62 | v | main.rs:151:48:151:68 | ...::min(...) | provenance | MaD:41 | +| main.rs:151:62:151:62 | v | main.rs:151:48:151:68 | ...::min(...) | provenance | MaD:39 | | main.rs:152:31:152:33 | l10 | main.rs:152:13:152:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:154:9:154:11 | l11 | main.rs:155:31:155:33 | l11 | provenance | | -| main.rs:154:15:154:69 | ...::array::<...>(...) [Ok] | main.rs:154:15:154:78 | ... .unwrap() | provenance | MaD:38 | +| main.rs:154:15:154:69 | ...::array::<...>(...) [Ok] | main.rs:154:15:154:78 | ... .unwrap() | provenance | MaD:36 | | main.rs:154:15:154:78 | ... .unwrap() | main.rs:154:9:154:11 | l11 | provenance | | | main.rs:154:48:154:68 | ...::max(...) | main.rs:154:15:154:69 | ...::array::<...>(...) [Ok] | provenance | MaD:23 | -| main.rs:154:62:154:62 | v | main.rs:154:48:154:68 | ...::max(...) | provenance | MaD:40 | +| main.rs:154:62:154:62 | v | main.rs:154:48:154:68 | ...::max(...) | provenance | MaD:38 | | main.rs:155:31:155:33 | l11 | main.rs:155:13:155:29 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:161:13:161:15 | l13 | main.rs:162:35:162:37 | l13 | provenance | | -| main.rs:161:19:161:59 | ...::from_size_align(...) [Ok] | main.rs:161:19:161:68 | ... .unwrap() | provenance | MaD:38 | +| main.rs:161:19:161:59 | ...::from_size_align(...) [Ok] | main.rs:161:19:161:68 | ... .unwrap() | provenance | MaD:36 | | main.rs:161:19:161:68 | ... .unwrap() | main.rs:161:13:161:15 | l13 | provenance | | -| main.rs:161:55:161:55 | v | main.rs:161:19:161:59 | ...::from_size_align(...) [Ok] | provenance | MaD:28 | +| main.rs:161:55:161:55 | v | main.rs:161:19:161:59 | ...::from_size_align(...) [Ok] | provenance | MaD:26 | | main.rs:162:35:162:37 | l13 | main.rs:162:17:162:33 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:162:35:162:37 | l13 | main.rs:169:35:169:37 | l13 | provenance | | | main.rs:169:35:169:37 | l13 | main.rs:169:17:169:33 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | @@ -215,7 +204,7 @@ edges | main.rs:183:29:183:36 | ...: usize | main.rs:192:46:192:46 | v | provenance | | | main.rs:183:29:183:36 | ...: usize | main.rs:202:48:202:48 | v | provenance | | | main.rs:192:9:192:10 | l2 | main.rs:193:38:193:39 | l2 | provenance | | -| main.rs:192:14:192:47 | ...::array::<...>(...) [Ok] | main.rs:192:14:192:56 | ... .unwrap() | provenance | MaD:38 | +| main.rs:192:14:192:47 | ...::array::<...>(...) [Ok] | main.rs:192:14:192:56 | ... .unwrap() | provenance | MaD:36 | | main.rs:192:14:192:56 | ... .unwrap() | main.rs:192:9:192:10 | l2 | provenance | | | main.rs:192:46:192:46 | v | main.rs:192:14:192:47 | ...::array::<...>(...) [Ok] | provenance | MaD:23 | | main.rs:193:38:193:39 | l2 | main.rs:193:32:193:36 | alloc | provenance | MaD:11 Sink:MaD:11 | @@ -256,18 +245,18 @@ edges | main.rs:223:26:223:26 | v | main.rs:223:13:223:24 | ...::calloc | provenance | MaD:18 Sink:MaD:18 | | main.rs:223:26:223:26 | v | main.rs:224:31:224:31 | v | provenance | | | main.rs:224:31:224:31 | v | main.rs:224:13:224:25 | ...::realloc | provenance | MaD:20 Sink:MaD:20 | -| main.rs:279:24:279:41 | ...: String | main.rs:280:21:280:47 | user_input.parse() [Ok] | provenance | MaD:39 | +| main.rs:279:24:279:41 | ...: String | main.rs:280:21:280:47 | user_input.parse() [Ok] | provenance | MaD:37 | | main.rs:280:9:280:17 | num_bytes | main.rs:282:54:282:62 | num_bytes | provenance | | | main.rs:280:21:280:47 | user_input.parse() [Ok] | main.rs:280:21:280:48 | TryExpr | provenance | | | main.rs:280:21:280:48 | TryExpr | main.rs:280:9:280:17 | num_bytes | provenance | | | main.rs:282:9:282:14 | layout | main.rs:284:40:284:45 | layout | provenance | | -| main.rs:282:18:282:66 | ...::from_size_align(...) [Ok] | main.rs:282:18:282:75 | ... .unwrap() | provenance | MaD:38 | +| main.rs:282:18:282:66 | ...::from_size_align(...) [Ok] | main.rs:282:18:282:75 | ... .unwrap() | provenance | MaD:36 | | main.rs:282:18:282:75 | ... .unwrap() | main.rs:282:9:282:14 | layout | provenance | | -| main.rs:282:54:282:62 | num_bytes | main.rs:282:18:282:66 | ...::from_size_align(...) [Ok] | provenance | MaD:28 | +| main.rs:282:54:282:62 | num_bytes | main.rs:282:18:282:66 | ...::from_size_align(...) [Ok] | provenance | MaD:26 | | main.rs:284:40:284:45 | layout | main.rs:284:22:284:38 | ...::alloc | provenance | MaD:3 Sink:MaD:3 | | main.rs:308:25:308:38 | ...::args | main.rs:308:25:308:40 | ...::args(...) [element] | provenance | Src:MaD:21 | -| main.rs:308:25:308:40 | ...::args(...) [element] | main.rs:308:25:308:47 | ... .nth(...) [Some] | provenance | MaD:42 | -| main.rs:308:25:308:47 | ... .nth(...) [Some] | main.rs:308:25:308:74 | ... .unwrap_or(...) | provenance | MaD:36 | +| main.rs:308:25:308:40 | ...::args(...) [element] | main.rs:308:25:308:47 | ... .nth(...) [Some] | provenance | MaD:40 | +| main.rs:308:25:308:47 | ... .nth(...) [Some] | main.rs:308:25:308:74 | ... .unwrap_or(...) | provenance | MaD:34 | | main.rs:308:25:308:74 | ... .unwrap_or(...) | main.rs:279:24:279:41 | ...: String | provenance | | | main.rs:317:9:317:9 | v | main.rs:320:34:320:34 | v | provenance | | | main.rs:317:9:317:9 | v | main.rs:321:42:321:42 | v | provenance | | @@ -275,10 +264,10 @@ edges | main.rs:317:9:317:9 | v | main.rs:323:27:323:27 | v | provenance | | | main.rs:317:9:317:9 | v | main.rs:324:25:324:25 | v | provenance | | | main.rs:317:13:317:26 | ...::args | main.rs:317:13:317:28 | ...::args(...) [element] | provenance | Src:MaD:21 | -| main.rs:317:13:317:28 | ...::args(...) [element] | main.rs:317:13:317:35 | ... .nth(...) [Some] | provenance | MaD:42 | -| main.rs:317:13:317:35 | ... .nth(...) [Some] | main.rs:317:13:317:65 | ... .unwrap_or(...) | provenance | MaD:36 | -| main.rs:317:13:317:65 | ... .unwrap_or(...) | main.rs:317:13:317:82 | ... .parse() [Ok] | provenance | MaD:39 | -| main.rs:317:13:317:82 | ... .parse() [Ok] | main.rs:317:13:317:91 | ... .unwrap() | provenance | MaD:38 | +| main.rs:317:13:317:28 | ...::args(...) [element] | main.rs:317:13:317:35 | ... .nth(...) [Some] | provenance | MaD:40 | +| main.rs:317:13:317:35 | ... .nth(...) [Some] | main.rs:317:13:317:65 | ... .unwrap_or(...) | provenance | MaD:34 | +| main.rs:317:13:317:65 | ... .unwrap_or(...) | main.rs:317:13:317:82 | ... .parse() [Ok] | provenance | MaD:37 | +| main.rs:317:13:317:82 | ... .parse() [Ok] | main.rs:317:13:317:91 | ... .unwrap() | provenance | MaD:36 | | main.rs:317:13:317:91 | ... .unwrap() | main.rs:317:9:317:9 | v | provenance | | | main.rs:320:34:320:34 | v | main.rs:12:36:12:43 | ...: usize | provenance | | | main.rs:321:42:321:42 | v | main.rs:43:44:43:51 | ...: usize | provenance | | @@ -310,24 +299,22 @@ models | 22 | Summary: lang:core; ::align_to; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | | 23 | Summary: lang:core; ::array; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | | 24 | Summary: lang:core; ::extend; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)].Field[0]; taint | -| 25 | Summary: lang:core; ::extend; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)].Field[0]; taint | -| 26 | Summary: lang:core; ::extend_packed; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | -| 27 | Summary: lang:core; ::extend_packed; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | -| 28 | Summary: lang:core; ::from_size_align; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | -| 29 | Summary: lang:core; ::from_size_align_unchecked; Argument[0]; ReturnValue.Field[core::alloc::layout::Layout::size]; value | -| 30 | Summary: lang:core; ::from_size_align_unchecked; Argument[0]; ReturnValue; taint | -| 31 | Summary: lang:core; ::pad_to_align; Argument[self]; ReturnValue; taint | -| 32 | Summary: lang:core; ::repeat; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)].Field[0]; taint | -| 33 | Summary: lang:core; ::repeat_packed; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | -| 34 | Summary: lang:core; ::size; Argument[self].Field[core::alloc::layout::Layout::size]; ReturnValue; value | -| 35 | Summary: lang:core; ::size; Argument[self]; ReturnValue; taint | -| 36 | Summary: lang:core; ::unwrap_or; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value | -| 37 | Summary: lang:core; ::expect; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | -| 38 | Summary: lang:core; ::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | -| 39 | Summary: lang:core; ::parse; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | -| 40 | Summary: lang:core; crate::cmp::max; Argument[0]; ReturnValue; value | -| 41 | Summary: lang:core; crate::cmp::min; Argument[0]; ReturnValue; value | -| 42 | Summary: lang:core; crate::iter::traits::iterator::Iterator::nth; Argument[self].Element; ReturnValue.Field[core::option::Option::Some(0)]; value | +| 25 | Summary: lang:core; ::extend_packed; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | +| 26 | Summary: lang:core; ::from_size_align; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | +| 27 | Summary: lang:core; ::from_size_align_unchecked; Argument[0]; ReturnValue.Field[core::alloc::layout::Layout::size]; value | +| 28 | Summary: lang:core; ::from_size_align_unchecked; Argument[0]; ReturnValue; taint | +| 29 | Summary: lang:core; ::pad_to_align; Argument[self]; ReturnValue; taint | +| 30 | Summary: lang:core; ::repeat; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)].Field[0]; taint | +| 31 | Summary: lang:core; ::repeat_packed; Argument[0]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | +| 32 | Summary: lang:core; ::size; Argument[self].Field[core::alloc::layout::Layout::size]; ReturnValue; value | +| 33 | Summary: lang:core; ::size; Argument[self]; ReturnValue; taint | +| 34 | Summary: lang:core; ::unwrap_or; Argument[self].Field[core::option::Option::Some(0)]; ReturnValue; value | +| 35 | Summary: lang:core; ::expect; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | +| 36 | Summary: lang:core; ::unwrap; Argument[self].Field[core::result::Result::Ok(0)]; ReturnValue; value | +| 37 | Summary: lang:core; ::parse; Argument[self]; ReturnValue.Field[core::result::Result::Ok(0)]; taint | +| 38 | Summary: lang:core; crate::cmp::max; Argument[0]; ReturnValue; value | +| 39 | Summary: lang:core; crate::cmp::min; Argument[0]; ReturnValue; value | +| 40 | Summary: lang:core; crate::iter::traits::iterator::Iterator::nth; Argument[self].Element; ReturnValue.Field[core::option::Option::Some(0)]; value | nodes | main.rs:12:36:12:43 | ...: usize | semmle.label | ...: usize | | main.rs:18:13:18:31 | ...::realloc | semmle.label | ...::realloc | @@ -404,19 +391,10 @@ nodes | main.rs:60:34:60:35 | k1 | semmle.label | k1 | | main.rs:61:13:61:29 | ...::alloc | semmle.label | ...::alloc | | main.rs:61:31:61:32 | k2 | semmle.label | k2 | -| main.rs:62:9:62:20 | TuplePat [tuple.0] | semmle.label | TuplePat [tuple.0] | -| main.rs:62:10:62:11 | k3 | semmle.label | k3 | -| main.rs:62:24:62:36 | k1.extend(...) [Ok, tuple.0] | semmle.label | k1.extend(...) [Ok, tuple.0] | -| main.rs:62:24:62:45 | ... .unwrap() [tuple.0] | semmle.label | ... .unwrap() [tuple.0] | -| main.rs:63:13:63:29 | ...::alloc | semmle.label | ...::alloc | -| main.rs:63:31:63:32 | k3 | semmle.label | k3 | | main.rs:64:13:64:29 | ...::alloc | semmle.label | ...::alloc | | main.rs:64:31:64:50 | l3.extend_packed(...) [Ok] | semmle.label | l3.extend_packed(...) [Ok] | | main.rs:64:31:64:59 | ... .unwrap() | semmle.label | ... .unwrap() | | main.rs:64:48:64:49 | k1 | semmle.label | k1 | -| main.rs:65:13:65:29 | ...::alloc | semmle.label | ...::alloc | -| main.rs:65:31:65:50 | k1.extend_packed(...) [Ok] | semmle.label | k1.extend_packed(...) [Ok] | -| main.rs:65:31:65:59 | ... .unwrap() | semmle.label | ... .unwrap() | | main.rs:67:9:67:10 | l4 | semmle.label | l4 | | main.rs:67:14:67:47 | ...::array::<...>(...) [Ok] | semmle.label | ...::array::<...>(...) [Ok] | | main.rs:67:14:67:56 | ... .unwrap() | semmle.label | ... .unwrap() | diff --git a/rust/ql/test/query-tests/security/CWE-770/main.rs b/rust/ql/test/query-tests/security/CWE-770/main.rs index 2aafe9317616..f0b70190042c 100644 --- a/rust/ql/test/query-tests/security/CWE-770/main.rs +++ b/rust/ql/test/query-tests/security/CWE-770/main.rs @@ -60,9 +60,9 @@ unsafe fn test_std_alloc_new_repeat_extend(v: usize) { let (k2, _offs2) = l3.extend(k1).unwrap(); let _ = std::alloc::alloc(k2); // $ Alert[rust/uncontrolled-allocation-size]=arg1 let (k3, _offs3) = k1.extend(l3).unwrap(); - let _ = std::alloc::alloc(k3); // $ Alert[rust/uncontrolled-allocation-size]=arg1 + let _ = std::alloc::alloc(k3); // $ MISSING: Alert[rust/uncontrolled-allocation-size]=arg1 (https://github.com/github/codeql/pull/19658) let _ = std::alloc::alloc(l3.extend_packed(k1).unwrap()); // $ Alert[rust/uncontrolled-allocation-size]=arg1 - let _ = std::alloc::alloc(k1.extend_packed(l3).unwrap()); // $ Alert[rust/uncontrolled-allocation-size]=arg1 + let _ = std::alloc::alloc(k1.extend_packed(l3).unwrap()); // $ MISSING: Alert[rust/uncontrolled-allocation-size]=arg1 (https://github.com/github/codeql/pull/19658) let l4 = std::alloc::Layout::array::(v).unwrap(); let _ = std::alloc::alloc(l4); // $ Alert[rust/uncontrolled-allocation-size]=arg1 diff --git a/rust/ql/test/utils-tests/modelgenerator/option.rs b/rust/ql/test/utils-tests/modelgenerator/option.rs index bc1332b75a43..4cb8bff2bc99 100644 --- a/rust/ql/test/utils-tests/modelgenerator/option.rs +++ b/rust/ql/test/utils-tests/modelgenerator/option.rs @@ -414,7 +414,7 @@ impl MyOption<&T> { } } - // summary=repo::test;::cloned;Argument[self].Field[test::option::MyOption::MySome(0)].Reference;ReturnValue.Field[test::option::MyOption::MySome(0)];value;dfc-generated + // MISSING: summary=repo::test;::cloned;Argument[self].Field[test::option::MyOption::MySome(0)].Reference;ReturnValue.Field[test::option::MyOption::MySome(0)];value;dfc-generated pub fn cloned(self) -> MyOption where T: Clone, @@ -438,7 +438,7 @@ impl MyOption<&mut T> { } } - // summary=repo::test;::cloned;Argument[self].Field[test::option::MyOption::MySome(0)].Reference;ReturnValue.Field[test::option::MyOption::MySome(0)];value;dfc-generated + // MISSING: summary=repo::test;::cloned;Argument[self].Field[test::option::MyOption::MySome(0)].Reference;ReturnValue.Field[test::option::MyOption::MySome(0)];value;dfc-generated pub fn cloned(self) -> MyOption where T: Clone, @@ -466,7 +466,7 @@ impl Clone for MyOption where T: Clone, { - // summary=repo::test;::clone;Argument[self].Field[test::option::MyOption::MySome(0)].Reference;ReturnValue.Field[test::option::MyOption::MySome(0)];value;dfc-generated + // MISSING: summary=repo::test;::clone;Argument[self].Field[test::option::MyOption::MySome(0)].Reference;ReturnValue.Field[test::option::MyOption::MySome(0)];value;dfc-generated fn clone(&self) -> Self { match self { MySome(x) => MySome(x.clone()),