Rust: Corrections after the merge.

geoffw0 · geoffw0 · commit 0ec10e5c3031 · 2025-07-21T12:12:23.000+01:00
diff --git a/rust/ql/lib/codeql/rust/frameworks/genericarray.model.yml b/rust/ql/lib/codeql/rust/frameworks/genericarray.model.yml
@@ -1,7 +1,7 @@
 extensions:
   - addsTo:
       pack: codeql/rust-all
-      extensible: summaryModel
+      extensible: summaryModelDeprecated
     data:
       - ["repo:https://github.com/fizyk20/generic-array.git:generic-array", "<crate::GenericArray>::from_slice", "Argument[0].Reference", "ReturnValue.Reference", "value", "manual"]
       - ["repo:https://github.com/fizyk20/generic-array.git:generic-array", "<crate::GenericArray>::from_mut_slice", "Argument[0].Reference", "ReturnValue.Reference", "value", "manual"]
diff --git a/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-core.model.yml b/rust/ql/lib/codeql/rust/frameworks/stdlib/lang-core.model.yml
@@ -1,7 +1,7 @@
 extensions:
   - addsTo:
       pack: codeql/rust-all
-      extensible: sourceModel
+      extensible: sourceModelDeprecated
     data:
       - ["lang:core", "crate::mem::zeroed", "ReturnValue.Element", "constant-source", "manual"]
   - addsTo:
@@ -12,8 +12,6 @@ extensions:
       - ["lang:core", "<_ as crate::convert::Into>::into", "Argument[self].Element", "ReturnValue.Element", "taint", "manual"]
       - ["lang:core", "<_ as crate::convert::Into>::into", "Argument[self].Reference.Element", "ReturnValue.Element", "taint", "manual"]
       - ["lang:core", "<[_]>::align_to", "Argument[self].Element", "ReturnValue.Field[0,1,2].Reference.Element", "taint", "manual"]
-      # Fmt
-      - ["lang:alloc", "crate::fmt::format", "Argument[0]", "ReturnValue", "taint", "manual"]
   - addsTo:
       pack: codeql/rust-all
       extensible: summaryModel
diff --git a/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll b/rust/ql/lib/codeql/rust/security/HardcodedCryptographicValueExtensions.qll
@@ -7,6 +7,7 @@ import rust
 private import codeql.rust.dataflow.DataFlow
 private import codeql.rust.dataflow.FlowSource
 private import codeql.rust.dataflow.FlowSink
+private import codeql.rust.Concepts
 private import codeql.rust.security.SensitiveData
 
 /**
@@ -44,7 +45,9 @@ module HardcodedCryptographicValue {
   /**
    * A data flow sink for hard-coded cryptographic value vulnerabilities.
    */
-  abstract class Sink extends DataFlow::Node {
+  abstract class Sink extends QuerySink::Range {
+    override string getSinkType() { result = "HardcodedCryptographicValue" }
+
     /**
      * Gets the kind of credential this sink is interpreted as.
      */
diff --git a/rust/ql/src/queries/summary/Stats.qll b/rust/ql/src/queries/summary/Stats.qll
@@ -4,6 +4,7 @@
 
 import rust
 private import codeql.rust.dataflow.DataFlow
+private import codeql.rust.dataflow.internal.DataFlowImpl
 private import codeql.rust.dataflow.internal.TaintTrackingImpl
 private import codeql.rust.internal.AstConsistency as AstConsistency
 private import codeql.rust.internal.PathResolutionConsistency as PathResolutionConsistency
@@ -16,15 +17,15 @@ private import codeql.rust.Diagnostics
 private import codeql.rust.security.SensitiveData
 private import TaintReach
 // import all query extensions files, so that all extensions of `QuerySink` are found
-private import codeql.rust.security.CleartextLoggingExtensions
-private import codeql.rust.security.HardcodedCryptographicValueExtensions
-private import codeql.rust.security.SqlInjectionExtensions
-private import codeql.rust.security.WeakSensitiveDataHashingExtensions
 private import codeql.rust.security.regex.RegexInjectionExtensions
 private import codeql.rust.security.AccessInvalidPointerExtensions
+private import codeql.rust.security.CleartextLoggingExtensions
 private import codeql.rust.security.CleartextTransmissionExtensions
+private import codeql.rust.security.SqlInjectionExtensions
 private import codeql.rust.security.TaintedPathExtensions
 private import codeql.rust.security.UncontrolledAllocationSizeExtensions
+private import codeql.rust.security.WeakSensitiveDataHashingExtensions
+private import codeql.rust.security.HardcodedCryptographicValueExtensions
 
 /**
  * Gets a count of the total number of lines of code in the database.
@@ -91,17 +92,6 @@ int getTaintEdgesCount() {
     )
 }
 
-/**
- * Gets a kind of query for which `n` is a sink (if any).
- */
-string getAQuerySinkKind(DataFlow::Node n) {
-  n instanceof SqlInjection::Sink and result = "SqlInjection"
-  or
-  n instanceof CleartextLogging::Sink and result = "CleartextLogging"
-  or
-  n instanceof HardcodedCryptographicValue::Sink and result = "HardcodedCryptographicValue"
-}
-
 /**
  * Gets a count of the total number of query sinks in the database.
  */
diff --git a/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected b/rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
diff --git a/rust/ql/test/query-tests/security/CWE-798/HardcodedCryptographicValue.expected b/rust/ql/test/query-tests/security/CWE-798/HardcodedCryptographicValue.expected
