Rust: Add source tests for tokio (stdin).

geoffw0 · geoffw0 · commit 307424e87e48 · 2025-04-24T11:14:36.000+01:00
diff --git a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
@@ -36,14 +36,14 @@
 | test.rs:278:46:278:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:285:46:285:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:291:46:291:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:303:31:303:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:308:31:308:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:313:22:313:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:319:22:319:25 | path | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:320:27:320:35 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:326:22:326:34 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:336:20:336:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:370:21:370:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:371:21:371:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:379:21:379:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:390:16:390:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
+| test.rs:384:31:384:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:389:31:389:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:394:22:394:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:400:22:400:25 | path | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:401:27:401:35 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:407:22:407:34 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:417:20:417:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:451:21:451:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:452:21:452:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:460:21:460:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:471:16:471:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
diff --git a/rust/ql/test/library-tests/dataflow/sources/test.rs b/rust/ql/test/library-tests/dataflow/sources/test.rs
@@ -296,6 +296,87 @@ fn test_io_stdin() -> std::io::Result<()> {
     Ok(())
 }
 
+use tokio::io::{AsyncReadExt, AsyncBufReadExt};
+
+async fn test_tokio_stdin() -> Result<(), Box<dyn std::error::Error>> {
+
+    // --- async reading from stdin ---
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut buffer = [0u8; 100];
+        let _bytes = stdin.read(&mut buffer).await?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut buffer = Vec::<u8>::new();
+        let _bytes = stdin.read_to_end(&mut buffer).await?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut buffer = String::new();
+        let _bytes = stdin.read_to_string(&mut buffer).await?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut buffer = [0; 100];
+        stdin.read_exact(&mut buffer).await?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    // --- async reading from stdin (BufReader) ---
+
+    {
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let data = reader.fill_buf().await?;
+        sink(&data); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let data = reader.buffer();
+        sink(&data); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        reader.read_line(&mut buffer).await?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        reader.read_until(b',', &mut buffer).await?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(buffer[0]); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut reader_split = tokio::io::BufReader::new(tokio::io::stdin()).split(b','); // $ MISSING: Alert[rust/summary/taint-sources]
+        while let Some(chunk) = reader_split.next_segment().await? {
+            sink(chunk); // $ MISSING: hasTaintFlow
+        }
+    }
+
+    {
+        let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut lines = reader.lines();
+        while let Some(line) = lines.next_line().await? {
+            sink(line); // $ hasTai
+        }
+    }
+
+    Ok(())
+}
+
 use std::fs;
 
 fn test_fs() -> Result<(), Box<dyn std::error::Error>> {
@@ -414,6 +495,12 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
     match test_io_stdin() {
         Ok(_) => println!("complete"),
         Err(e) => println!("error: {}", e),
+    }
+
+    println!("test_tokio_stdin...");
+    match futures::executor::block_on(test_tokio_stdin()) {
+        Ok(_) => println!("complete"),
+        Err(e) => println!("error: {}", e),
     }*/
 
     println!("test_fs...");
