Skip to content

Commit

Permalink
Merge pull request #18530 from geoffw0/sourcemodels2
Browse files Browse the repository at this point in the history
Rust: Convert source models to models-as-data
  • Loading branch information
geoffw0 authored Jan 23, 2025
2 parents e448bc6 + 24b35ed commit 9286596
Show file tree
Hide file tree
Showing 10 changed files with 66 additions and 80 deletions.
22 changes: 22 additions & 0 deletions rust/ql/lib/codeql/rust/Concepts.qll
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
private import codeql.rust.dataflow.DataFlow
private import codeql.threatmodels.ThreatModels
private import codeql.rust.Frameworks
private import codeql.rust.dataflow.FlowSource

/**
* A data flow source for a specific threat-model.
Expand Down Expand Up @@ -66,6 +67,13 @@ module CommandLineArgsSource {
}
}

/**
* An externally modeled source for command line arguments.
*/
class ModeledCommandLineArgsSource extends CommandLineArgsSource::Range {
ModeledCommandLineArgsSource() { sourceNode(this, "command-line-source") }
}

/**
* A data flow source corresponding to the program's environment.
*/
Expand All @@ -85,6 +93,13 @@ module EnvironmentSource {
}
}

/**
* An externally modeled source for data from the program's environment.
*/
class ModeledEnvironmentSource extends EnvironmentSource::Range {
ModeledEnvironmentSource() { sourceNode(this, "environment-source") }
}

/**
* A data flow source for remote (network) data.
*/
Expand All @@ -104,6 +119,13 @@ module RemoteSource {
}
}

/**
* An externally modeled source for remote (network) data.
*/
class ModeledRemoteSource extends RemoteSource::Range {
ModeledRemoteSource() { sourceNode(this, "remote") }
}

/**
* A data flow node that constructs a SQL statement (for later execution).
*
Expand Down
2 changes: 0 additions & 2 deletions rust/ql/lib/codeql/rust/Frameworks.qll
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,5 @@
* This file imports all models of frameworks and libraries.
*/

private import codeql.rust.frameworks.Reqwest
private import codeql.rust.frameworks.rustcrypto.RustCrypto
private import codeql.rust.frameworks.stdlib.Env
private import codeql.rust.frameworks.Sqlx
19 changes: 0 additions & 19 deletions rust/ql/lib/codeql/rust/frameworks/Reqwest.qll

This file was deleted.

6 changes: 6 additions & 0 deletions rust/ql/lib/codeql/rust/frameworks/reqwest.model.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,10 @@
extensions:
- addsTo:
pack: codeql/rust-all
extensible: sourceModel
data:
- ["repo:https://github.com/seanmonstar/reqwest:reqwest", "crate::get", "ReturnValue", "remote", "manual"]
- ["repo:https://github.com/seanmonstar/reqwest:reqwest", "crate::blocking::get", "ReturnValue", "remote", "manual"]
- addsTo:
pack: codeql/rust-all
extensible: summaryModel
Expand Down
36 changes: 0 additions & 36 deletions rust/ql/lib/codeql/rust/frameworks/stdlib/Env.qll

This file was deleted.

14 changes: 14 additions & 0 deletions rust/ql/lib/codeql/rust/frameworks/stdlib/env.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
extensions:
- addsTo:
pack: codeql/rust-all
extensible: sourceModel
data:
- ["lang:std", "crate::env::args", "ReturnValue", "command-line-source", "manual"]
- ["lang:std", "crate::env::args_os", "ReturnValue", "command-line-source", "manual"]
- ["lang:std", "crate::env::current_dir", "ReturnValue", "command-line-source", "manual"]
- ["lang:std", "crate::env::current_exe", "ReturnValue", "command-line-source", "manual"]
- ["lang:std", "crate::env::home_dir", "ReturnValue", "command-line-source", "manual"]
- ["lang:std", "crate::env::var", "ReturnValue", "environment-source", "manual"]
- ["lang:std", "crate::env::var_os", "ReturnValue", "environment-source", "manual"]
- ["lang:std", "crate::env::vars", "ReturnValue", "environment-source", "manual"]
- ["lang:std", "crate::env::vars_os", "ReturnValue", "environment-source", "manual"]
Original file line number Diff line number Diff line change
Expand Up @@ -174,7 +174,8 @@ module ComputationallyExpensiveHashFunction {
}

/**
* An externally modeled operation that hashes data, for example a call to `md5::Md5::digest(data)`.
* An externally modeled operation that hashes data, for example a call to `md5::Md5::digest(data)`. The
* model should identify the argument of a call that is the data to be hashed.
*/
class ModeledHashOperation extends Cryptography::CryptographicOperation::Range {
DataFlow::Node input;
Expand Down
34 changes: 17 additions & 17 deletions rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
| test.rs:8:10:8:30 | ...::var(...) | Flow source 'EnvironmentSource' of type environment. |
| test.rs:9:10:9:33 | ...::var_os(...) | Flow source 'EnvironmentSource' of type environment. |
| test.rs:11:16:11:36 | ...::var(...) | Flow source 'EnvironmentSource' of type environment. |
| test.rs:12:16:12:39 | ...::var_os(...) | Flow source 'EnvironmentSource' of type environment. |
| test.rs:17:25:17:40 | ...::vars(...) | Flow source 'EnvironmentSource' of type environment. |
| test.rs:22:25:22:43 | ...::vars_os(...) | Flow source 'EnvironmentSource' of type environment. |
| test.rs:29:29:29:44 | ...::args(...) | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:32:16:32:31 | ...::args(...) | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:33:16:33:34 | ...::args_os(...) | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:40:16:40:31 | ...::args(...) | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:44:16:44:34 | ...::args_os(...) | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:50:15:50:37 | ...::current_dir(...) | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:51:15:51:37 | ...::current_exe(...) | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:52:16:52:35 | ...::home_dir(...) | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:60:26:60:70 | ...::get(...) | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:63:26:63:70 | ...::get(...) | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:66:26:66:60 | ...::get(...) | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:8:10:8:22 | ...::var | Flow source 'EnvironmentSource' of type environment. |
| test.rs:9:10:9:25 | ...::var_os | Flow source 'EnvironmentSource' of type environment. |
| test.rs:11:16:11:28 | ...::var | Flow source 'EnvironmentSource' of type environment. |
| test.rs:12:16:12:31 | ...::var_os | Flow source 'EnvironmentSource' of type environment. |
| test.rs:17:25:17:38 | ...::vars | Flow source 'EnvironmentSource' of type environment. |
| test.rs:22:25:22:41 | ...::vars_os | Flow source 'EnvironmentSource' of type environment. |
| test.rs:29:29:29:42 | ...::args | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:32:16:32:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:33:16:33:32 | ...::args_os | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:40:16:40:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:44:16:44:32 | ...::args_os | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:50:15:50:35 | ...::current_dir | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:51:15:51:35 | ...::current_exe | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:52:16:52:33 | ...::home_dir | Flow source 'CommandLineArgs' of type commandargs. |
| test.rs:60:26:60:47 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:63:26:63:47 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
| test.rs:66:26:66:37 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
4 changes: 2 additions & 2 deletions rust/ql/test/library-tests/dataflow/sources/test.rs
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@ fn sink<T>(_: T) { }
// --- tests ---

fn test_env_vars() {
sink(std::env::var("HOME")); // $ Alert[rust/summary/taint-sources] hasTaintFlow
sink(std::env::var_os("PATH")); // $ Alert[rust/summary/taint-sources] hasTaintFlow
sink(std::env::var("HOME")); // $ Alert[rust/summary/taint-sources] hasTaintFlow="HOME"
sink(std::env::var_os("PATH")); // $ Alert[rust/summary/taint-sources] hasTaintFlow="PATH"

let var1 = std::env::var("HOME").expect("HOME not set"); // $ Alert[rust/summary/taint-sources]
let var2 = std::env::var_os("PATH").unwrap(); // $ Alert[rust/summary/taint-sources]
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
| file://:0:0:0:0 | [summary param] 0 in lang:alloc::_::crate::fmt::format | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:alloc::_::crate::fmt::format | MaD:24 |
| file://:0:0:0:0 | [summary param] self in lang:alloc::_::<crate::string::String>::as_str | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:alloc::_::<crate::string::String>::as_str | MaD:22 |
| file://:0:0:0:0 | [summary param] self in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::blocking::response::Response>::text | file://:0:0:0:0 | [summary] to write: ReturnValue.Variant[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::blocking::response::Response>::text | MaD:10 |
| file://:0:0:0:0 | [summary param] 0 in lang:alloc::_::crate::fmt::format | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:alloc::_::crate::fmt::format | MaD:35 |
| file://:0:0:0:0 | [summary param] self in lang:alloc::_::<crate::string::String>::as_str | file://:0:0:0:0 | [summary] to write: ReturnValue in lang:alloc::_::<crate::string::String>::as_str | MaD:33 |
| file://:0:0:0:0 | [summary param] self in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::blocking::response::Response>::text | file://:0:0:0:0 | [summary] to write: ReturnValue.Variant[crate::result::Result::Ok(0)] in repo:https://github.com/seanmonstar/reqwest:reqwest::_::<crate::blocking::response::Response>::text | MaD:12 |
| main.rs:4:5:4:8 | 1000 | main.rs:4:5:4:12 | ... + ... | |
| main.rs:4:12:4:12 | i | main.rs:4:5:4:12 | ... + ... | |
| main.rs:8:20:8:20 | s | main.rs:8:14:8:20 | FormatArgsExpr | |
Expand Down

0 comments on commit 9286596

Please sign in to comment.