Rust: Add further source test cases for tokio.

geoffw0 · geoffw0 · commit 38397195a258 · 2025-04-24T11:37:44.000+01:00
diff --git a/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected b/rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
@@ -36,14 +36,14 @@
 | test.rs:278:46:278:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:285:46:285:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:291:46:291:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
-| test.rs:384:31:384:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:389:31:389:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:394:22:394:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:400:22:400:25 | path | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:401:27:401:35 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:407:22:407:34 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:417:20:417:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:451:21:451:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:452:21:452:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:460:21:460:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
-| test.rs:621:16:621:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
+| test.rs:403:31:403:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:408:31:408:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:413:22:413:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:419:22:419:25 | path | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:420:27:420:35 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:426:22:426:34 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:436:20:436:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:470:21:470:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:471:21:471:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:479:21:479:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
+| test.rs:657:16:657:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
diff --git a/rust/ql/test/library-tests/dataflow/sources/options.yml b/rust/ql/test/library-tests/dataflow/sources/options.yml
@@ -7,3 +7,4 @@ qltest_dependencies:
     - http = { version = "1.2.0" }
     - tokio = { version = "1.43.0", features = ["full"] }
     - futures = { version = "0.3" }
+    - bytes = { version = "1.10.1" }
diff --git a/rust/ql/test/library-tests/dataflow/sources/test.rs b/rust/ql/test/library-tests/dataflow/sources/test.rs
@@ -330,6 +330,25 @@ async fn test_tokio_stdin() -> Result<(), Box<dyn std::error::Error>> {
         sink(&buffer); // $ MISSING: hasTaintFlow
     }
 
+    {
+        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let v1 = stdin.read_u8().await?;
+        let v2 = stdin.read_i16().await?;
+        let v3 = stdin.read_f32().await?;
+        let v4 = stdin.read_i64_le().await?;
+        sink(v1); // $ MISSING: hasTaintFlow
+        sink(v2); // $ MISSING: hasTaintFlow
+        sink(v3); // $ MISSING: hasTaintFlow
+        sink(v4); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut buffer = bytes::BytesMut::new();
+        stdin.read_buf(&mut buffer).await?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
     // --- async reading from stdin (BufReader) ---
 
     {
@@ -495,6 +514,23 @@ async fn test_tokio_file() -> std::io::Result<()> {
         sink(&buffer); // $ MISSING: hasTaintFlow="file.txt"
     }
 
+    {
+        let v1 = file.read_u8().await?;
+        let v2 = file.read_i16().await?;
+        let v3 = file.read_f32().await?;
+        let v4 = file.read_i64_le().await?;
+        sink(v1); // $ MISSING: hasTaintFlow
+        sink(v2); // $ MISSING: hasTaintFlow
+        sink(v3); // $ MISSING: hasTaintFlow
+        sink(v4); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = bytes::BytesMut::new();
+        file.read_buf(&mut buffer).await?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
     // --- misc operations ---
 
     {
