
Commit 6444494

committed
Rust: Add taint sinks for target and key-value arguments.
1 parent 2bbf493 commit 6444494


2 files changed

+39
-37
lines changed


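--- a/rust/ql/lib/codeql/rust/frameworks/log.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/log.model.yml
@@ -3,7 +3,9 @@ extensions:
 pack: codeql/rust-all
 extensible: sinkModel
 data:
-- ["repo:https://github.com/rust-lang/log:log", "crate::__private_api::log", "Argument[0]", "log-injection", "manual"]
+- ["repo:https://github.com/rust-lang/log:log", "crate::__private_api::log", "Argument[0]", "log-injection", "manual"] # args
+- ["repo:https://github.com/rust-lang/log:log", "crate::__private_api::log", "Argument[2]", "log-injection", "manual"] # target
+- ["repo:https://github.com/rust-lang/log:log", "crate::__private_api::log", "Argument[3]", "log-injection", "manual"] # key value
 - ["lang:std", "crate::io::stdio::_print", "Argument[0]", "log-injection", "manual"]
 - ["lang:std", "crate::io::stdio::_eprint", "Argument[0]", "log-injection", "manual"]
 - ["lang:std", "<crate::io::stdio::StdoutLock as crate::io::Write>::write", "Argument[0]", "log-injection", "manual"]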
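Review bot: The two new rows pin the target and key-value sinks to positional indices `Argument[2]` and `Argument[3]` of `crate::__private_api::log`, but the trailing `# target` and `# key value` comments do not record which signature of that function the indices were taken from. That function is an internal API of the log crate and, if I recall correctly, the position of the key-value parameter has moved between releases (a separate line argument used to precede it), so a dependency bump could silently make `Argument[3]` point at a different parameter; Argument[1] is also skipped without a word on why. I would extend the comment on the first row to something like `# positional indices follow log <LOG_VERSION>'s __private_api::log(args, level, &(target, module_path, ...), kvs); Argument[1] (the level) is deliberately not a sink`, with the version filled in from the modeled crate. The accompanying CleartextLogging.expected changes are only MaD index renumbering, so nothing in the test suite currently exercises a tainted target or key-value argument; a case in test_logging.rs that passes sensitive data through those positions would make the new rows observable.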

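--- a/rust/ql/test/query-tests/security/CWE-312/CleartextLogging.expected
+++ b/rust/ql/test/query-tests/security/CWE-312/CleartextLogging.expected
@@ -86,8 +86,8 @@ edges
 | test_logging.rs:99:14:99:46 | res | test_logging.rs:99:22:99:45 | { ... } | provenance | |
 | test_logging.rs:99:22:99:45 | ...::format(...) | test_logging.rs:99:14:99:46 | res | provenance | |
 | test_logging.rs:99:22:99:45 | ...::must_use(...) | test_logging.rs:99:9:99:10 | m3 | provenance | |
-| test_logging.rs:99:22:99:45 | MacroExpr | test_logging.rs:99:22:99:45 | ...::format(...) | provenance | MaD:25 |
-| test_logging.rs:99:22:99:45 | { ... } | test_logging.rs:99:22:99:45 | ...::must_use(...) | provenance | MaD:24 |
+| test_logging.rs:99:22:99:45 | MacroExpr | test_logging.rs:99:22:99:45 | ...::format(...) | provenance | MaD:27 |
+| test_logging.rs:99:22:99:45 | { ... } | test_logging.rs:99:22:99:45 | ...::must_use(...) | provenance | MaD:26 |
 | test_logging.rs:99:38:99:45 | password | test_logging.rs:99:22:99:45 | MacroExpr | provenance | |
 | test_logging.rs:100:11:100:18 | MacroExpr | test_logging.rs:100:5:100:19 | ...::log | provenance | MaD:0 Sink:MaD:0 |
 | test_logging.rs:118:12:118:41 | MacroExpr | test_logging.rs:118:5:118:42 | ...::log | provenance | MaD:0 Sink:MaD:0 |
@@ -98,77 +98,77 @@ edges
 | test_logging.rs:131:12:131:31 | MacroExpr | test_logging.rs:131:5:131:32 | ...::log | provenance | MaD:0 Sink:MaD:0 |
 | test_logging.rs:131:28:131:29 | t1 [tuple.1] | test_logging.rs:131:28:131:31 | t1.1 | provenance | |
 | test_logging.rs:131:28:131:31 | t1.1 | test_logging.rs:131:12:131:31 | MacroExpr | provenance | |
-| test_logging.rs:152:12:152:35 | MacroExpr | test_logging.rs:152:5:152:36 | ...::_print | provenance | MaD:1 Sink:MaD:1 |
+| test_logging.rs:152:12:152:35 | MacroExpr | test_logging.rs:152:5:152:36 | ...::_print | provenance | MaD:3 Sink:MaD:3 |
 | test_logging.rs:152:28:152:35 | password | test_logging.rs:152:12:152:35 | MacroExpr | provenance | |
-| test_logging.rs:153:14:153:37 | MacroExpr | test_logging.rs:153:5:153:38 | ...::_print | provenance | MaD:1 Sink:MaD:1 |
+| test_logging.rs:153:14:153:37 | MacroExpr | test_logging.rs:153:5:153:38 | ...::_print | provenance | MaD:3 Sink:MaD:3 |
 | test_logging.rs:153:30:153:37 | password | test_logging.rs:153:14:153:37 | MacroExpr | provenance | |
-| test_logging.rs:154:13:154:36 | MacroExpr | test_logging.rs:154:5:154:37 | ...::_eprint | provenance | MaD:2 Sink:MaD:2 |
+| test_logging.rs:154:13:154:36 | MacroExpr | test_logging.rs:154:5:154:37 | ...::_eprint | provenance | MaD:4 Sink:MaD:4 |
 | test_logging.rs:154:29:154:36 | password | test_logging.rs:154:13:154:36 | MacroExpr | provenance | |
-| test_logging.rs:155:15:155:38 | MacroExpr | test_logging.rs:155:5:155:39 | ...::_eprint | provenance | MaD:2 Sink:MaD:2 |
+| test_logging.rs:155:15:155:38 | MacroExpr | test_logging.rs:155:5:155:39 | ...::_eprint | provenance | MaD:4 Sink:MaD:4 |
 | test_logging.rs:155:31:155:38 | password | test_logging.rs:155:15:155:38 | MacroExpr | provenance | |
-| test_logging.rs:158:23:158:46 | MacroExpr | test_logging.rs:158:16:158:47 | ...::panic_fmt | provenance | MaD:7 Sink:MaD:7 |
+| test_logging.rs:158:23:158:46 | MacroExpr | test_logging.rs:158:16:158:47 | ...::panic_fmt | provenance | MaD:9 Sink:MaD:9 |
 | test_logging.rs:158:39:158:46 | password | test_logging.rs:158:23:158:46 | MacroExpr | provenance | |
-| test_logging.rs:159:22:159:45 | MacroExpr | test_logging.rs:159:16:159:46 | ...::panic_fmt | provenance | MaD:7 Sink:MaD:7 |
+| test_logging.rs:159:22:159:45 | MacroExpr | test_logging.rs:159:16:159:46 | ...::panic_fmt | provenance | MaD:9 Sink:MaD:9 |
 | test_logging.rs:159:38:159:45 | password | test_logging.rs:159:22:159:45 | MacroExpr | provenance | |
-| test_logging.rs:160:31:160:54 | MacroExpr | test_logging.rs:160:16:160:55 | ...::panic_fmt | provenance | MaD:7 Sink:MaD:7 |
+| test_logging.rs:160:31:160:54 | MacroExpr | test_logging.rs:160:16:160:55 | ...::panic_fmt | provenance | MaD:9 Sink:MaD:9 |
 | test_logging.rs:160:47:160:54 | password | test_logging.rs:160:31:160:54 | MacroExpr | provenance | |
-| test_logging.rs:161:29:161:52 | MacroExpr | test_logging.rs:161:16:161:53 | ...::panic_fmt | provenance | MaD:7 Sink:MaD:7 |
+| test_logging.rs:161:29:161:52 | MacroExpr | test_logging.rs:161:16:161:53 | ...::panic_fmt | provenance | MaD:9 Sink:MaD:9 |
 | test_logging.rs:161:45:161:52 | password | test_logging.rs:161:29:161:52 | MacroExpr | provenance | |
-| test_logging.rs:162:31:162:54 | MacroExpr | test_logging.rs:162:16:162:55 | ...::panic_fmt | provenance | MaD:7 Sink:MaD:7 |
+| test_logging.rs:162:31:162:54 | MacroExpr | test_logging.rs:162:16:162:55 | ...::panic_fmt | provenance | MaD:9 Sink:MaD:9 |
 | test_logging.rs:162:47:162:54 | password | test_logging.rs:162:31:162:54 | MacroExpr | provenance | |
-| test_logging.rs:163:33:163:56 | ...::Some(...) [Some] | test_logging.rs:163:16:163:57 | ...::assert_failed | provenance | MaD:8 Sink:MaD:8 |
+| test_logging.rs:163:33:163:56 | ...::Some(...) [Some] | test_logging.rs:163:16:163:57 | ...::assert_failed | provenance | MaD:10 Sink:MaD:10 |
 | test_logging.rs:163:33:163:56 | MacroExpr | test_logging.rs:163:33:163:56 | ...::Some(...) [Some] | provenance | |
 | test_logging.rs:163:49:163:56 | password | test_logging.rs:163:33:163:56 | MacroExpr | provenance | |
-| test_logging.rs:164:33:164:56 | ...::Some(...) [Some] | test_logging.rs:164:16:164:57 | ...::assert_failed | provenance | MaD:8 Sink:MaD:8 |
+| test_logging.rs:164:33:164:56 | ...::Some(...) [Some] | test_logging.rs:164:16:164:57 | ...::assert_failed | provenance | MaD:10 Sink:MaD:10 |
 | test_logging.rs:164:33:164:56 | MacroExpr | test_logging.rs:164:33:164:56 | ...::Some(...) [Some] | provenance | |
 | test_logging.rs:164:49:164:56 | password | test_logging.rs:164:33:164:56 | MacroExpr | provenance | |
-| test_logging.rs:165:37:165:60 | MacroExpr | test_logging.rs:165:16:165:61 | ...::panic_fmt | provenance | MaD:7 Sink:MaD:7 |
+| test_logging.rs:165:37:165:60 | MacroExpr | test_logging.rs:165:16:165:61 | ...::panic_fmt | provenance | MaD:9 Sink:MaD:9 |
 | test_logging.rs:165:53:165:60 | password | test_logging.rs:165:37:165:60 | MacroExpr | provenance | |
-| test_logging.rs:166:39:166:62 | ...::Some(...) [Some] | test_logging.rs:166:16:166:63 | ...::assert_failed | provenance | MaD:8 Sink:MaD:8 |
+| test_logging.rs:166:39:166:62 | ...::Some(...) [Some] | test_logging.rs:166:16:166:63 | ...::assert_failed | provenance | MaD:10 Sink:MaD:10 |
 | test_logging.rs:166:39:166:62 | MacroExpr | test_logging.rs:166:39:166:62 | ...::Some(...) [Some] | provenance | |
 | test_logging.rs:166:55:166:62 | password | test_logging.rs:166:39:166:62 | MacroExpr | provenance | |
-| test_logging.rs:167:40:167:63 | ...::Some(...) [Some] | test_logging.rs:167:17:167:64 | ...::assert_failed | provenance | MaD:8 Sink:MaD:8 |
+| test_logging.rs:167:40:167:63 | ...::Some(...) [Some] | test_logging.rs:167:17:167:64 | ...::assert_failed | provenance | MaD:10 Sink:MaD:10 |
 | test_logging.rs:167:40:167:63 | MacroExpr | test_logging.rs:167:40:167:63 | ...::Some(...) [Some] | provenance | |
 | test_logging.rs:167:56:167:63 | password | test_logging.rs:167:40:167:63 | MacroExpr | provenance | |
-| test_logging.rs:168:34:168:66 | MacroExpr | test_logging.rs:168:34:168:75 | ... .as_str(...) | provenance | MaD:22 |
+| test_logging.rs:168:34:168:66 | MacroExpr | test_logging.rs:168:34:168:75 | ... .as_str(...) | provenance | MaD:24 |
 | test_logging.rs:168:34:168:66 | res | test_logging.rs:168:42:168:65 | { ... } | provenance | |
-| test_logging.rs:168:34:168:75 | ... .as_str(...) | test_logging.rs:168:27:168:32 | expect | provenance | MaD:9 Sink:MaD:9 |
+| test_logging.rs:168:34:168:75 | ... .as_str(...) | test_logging.rs:168:27:168:32 | expect | provenance | MaD:11 Sink:MaD:11 |
 | test_logging.rs:168:42:168:65 | ...::format(...) | test_logging.rs:168:34:168:66 | res | provenance | |
 | test_logging.rs:168:42:168:65 | ...::must_use(...) | test_logging.rs:168:34:168:66 | MacroExpr | provenance | |
-| test_logging.rs:168:42:168:65 | MacroExpr | test_logging.rs:168:42:168:65 | ...::format(...) | provenance | MaD:25 |
-| test_logging.rs:168:42:168:65 | { ... } | test_logging.rs:168:42:168:65 | ...::must_use(...) | provenance | MaD:24 |
+| test_logging.rs:168:42:168:65 | MacroExpr | test_logging.rs:168:42:168:65 | ...::format(...) | provenance | MaD:27 |
+| test_logging.rs:168:42:168:65 | { ... } | test_logging.rs:168:42:168:65 | ...::must_use(...) | provenance | MaD:26 |
 | test_logging.rs:168:58:168:65 | password | test_logging.rs:168:42:168:65 | MacroExpr | provenance | |
-| test_logging.rs:174:36:174:68 | MacroExpr | test_logging.rs:174:36:174:79 | ... .as_bytes(...) | provenance | MaD:23 |
+| test_logging.rs:174:36:174:68 | MacroExpr | test_logging.rs:174:36:174:79 | ... .as_bytes(...) | provenance | MaD:25 |
 | test_logging.rs:174:36:174:68 | res | test_logging.rs:174:44:174:67 | { ... } | provenance | |
-| test_logging.rs:174:36:174:79 | ... .as_bytes(...) | test_logging.rs:174:30:174:34 | write | provenance | MaD:3 Sink:MaD:3 |
+| test_logging.rs:174:36:174:79 | ... .as_bytes(...) | test_logging.rs:174:30:174:34 | write | provenance | MaD:5 Sink:MaD:5 |
 | test_logging.rs:174:44:174:67 | ...::format(...) | test_logging.rs:174:36:174:68 | res | provenance | |
 | test_logging.rs:174:44:174:67 | ...::must_use(...) | test_logging.rs:174:36:174:68 | MacroExpr | provenance | |
-| test_logging.rs:174:44:174:67 | MacroExpr | test_logging.rs:174:44:174:67 | ...::format(...) | provenance | MaD:25 |
-| test_logging.rs:174:44:174:67 | { ... } | test_logging.rs:174:44:174:67 | ...::must_use(...) | provenance | MaD:24 |
+| test_logging.rs:174:44:174:67 | MacroExpr | test_logging.rs:174:44:174:67 | ...::format(...) | provenance | MaD:27 |
+| test_logging.rs:174:44:174:67 | { ... } | test_logging.rs:174:44:174:67 | ...::must_use(...) | provenance | MaD:26 |
 | test_logging.rs:174:60:174:67 | password | test_logging.rs:174:44:174:67 | MacroExpr | provenance | |
-| test_logging.rs:175:40:175:72 | MacroExpr | test_logging.rs:175:40:175:83 | ... .as_bytes(...) | provenance | MaD:23 |
+| test_logging.rs:175:40:175:72 | MacroExpr | test_logging.rs:175:40:175:83 | ... .as_bytes(...) | provenance | MaD:25 |
 | test_logging.rs:175:40:175:72 | res | test_logging.rs:175:48:175:71 | { ... } | provenance | |
-| test_logging.rs:175:40:175:83 | ... .as_bytes(...) | test_logging.rs:175:30:175:38 | write_all | provenance | MaD:4 Sink:MaD:4 |
+| test_logging.rs:175:40:175:83 | ... .as_bytes(...) | test_logging.rs:175:30:175:38 | write_all | provenance | MaD:6 Sink:MaD:6 |
 | test_logging.rs:175:48:175:71 | ...::format(...) | test_logging.rs:175:40:175:72 | res | provenance | |
 | test_logging.rs:175:48:175:71 | ...::must_use(...) | test_logging.rs:175:40:175:72 | MacroExpr | provenance | |
-| test_logging.rs:175:48:175:71 | MacroExpr | test_logging.rs:175:48:175:71 | ...::format(...) | provenance | MaD:25 |
-| test_logging.rs:175:48:175:71 | { ... } | test_logging.rs:175:48:175:71 | ...::must_use(...) | provenance | MaD:24 |
+| test_logging.rs:175:48:175:71 | MacroExpr | test_logging.rs:175:48:175:71 | ...::format(...) | provenance | MaD:27 |
+| test_logging.rs:175:48:175:71 | { ... } | test_logging.rs:175:48:175:71 | ...::must_use(...) | provenance | MaD:26 |
 | test_logging.rs:175:64:175:71 | password | test_logging.rs:175:48:175:71 | MacroExpr | provenance | |
-| test_logging.rs:178:15:178:47 | MacroExpr | test_logging.rs:178:15:178:58 | ... .as_bytes(...) | provenance | MaD:23 |
+| test_logging.rs:178:15:178:47 | MacroExpr | test_logging.rs:178:15:178:58 | ... .as_bytes(...) | provenance | MaD:25 |
 | test_logging.rs:178:15:178:47 | res | test_logging.rs:178:23:178:46 | { ... } | provenance | |
-| test_logging.rs:178:15:178:58 | ... .as_bytes(...) | test_logging.rs:178:9:178:13 | write | provenance | MaD:3 Sink:MaD:3 |
+| test_logging.rs:178:15:178:58 | ... .as_bytes(...) | test_logging.rs:178:9:178:13 | write | provenance | MaD:5 Sink:MaD:5 |
 | test_logging.rs:178:23:178:46 | ...::format(...) | test_logging.rs:178:15:178:47 | res | provenance | |
 | test_logging.rs:178:23:178:46 | ...::must_use(...) | test_logging.rs:178:15:178:47 | MacroExpr | provenance | |
-| test_logging.rs:178:23:178:46 | MacroExpr | test_logging.rs:178:23:178:46 | ...::format(...) | provenance | MaD:25 |
-| test_logging.rs:178:23:178:46 | { ... } | test_logging.rs:178:23:178:46 | ...::must_use(...) | provenance | MaD:24 |
+| test_logging.rs:178:23:178:46 | MacroExpr | test_logging.rs:178:23:178:46 | ...::format(...) | provenance | MaD:27 |
+| test_logging.rs:178:23:178:46 | { ... } | test_logging.rs:178:23:178:46 | ...::must_use(...) | provenance | MaD:26 |
 | test_logging.rs:178:39:178:46 | password | test_logging.rs:178:23:178:46 | MacroExpr | provenance | |
-| test_logging.rs:181:15:181:47 | MacroExpr | test_logging.rs:181:15:181:58 | ... .as_bytes(...) | provenance | MaD:23 |
+| test_logging.rs:181:15:181:47 | MacroExpr | test_logging.rs:181:15:181:58 | ... .as_bytes(...) | provenance | MaD:25 |
 | test_logging.rs:181:15:181:47 | res | test_logging.rs:181:23:181:46 | { ... } | provenance | |
-| test_logging.rs:181:15:181:58 | ... .as_bytes(...) | test_logging.rs:181:9:181:13 | write | provenance | MaD:5 Sink:MaD:5 |
+| test_logging.rs:181:15:181:58 | ... .as_bytes(...) | test_logging.rs:181:9:181:13 | write | provenance | MaD:7 Sink:MaD:7 |
 | test_logging.rs:181:23:181:46 | ...::format(...) | test_logging.rs:181:15:181:47 | res | provenance | |
 | test_logging.rs:181:23:181:46 | ...::must_use(...) | test_logging.rs:181:15:181:47 | MacroExpr | provenance | |
-| test_logging.rs:181:23:181:46 | MacroExpr | test_logging.rs:181:23:181:46 | ...::format(...) | provenance | MaD:25 |
-| test_logging.rs:181:23:181:46 | { ... } | test_logging.rs:181:23:181:46 | ...::must_use(...) | provenance | MaD:24 |
+| test_logging.rs:181:23:181:46 | MacroExpr | test_logging.rs:181:23:181:46 | ...::format(...) | provenance | MaD:27 |
+| test_logging.rs:181:23:181:46 | { ... } | test_logging.rs:181:23:181:46 | ...::must_use(...) | provenance | MaD:26 |
 | test_logging.rs:181:39:181:46 | password | test_logging.rs:181:23:181:46 | MacroExpr | provenance | |
 nodes
 | test_logging.rs:42:5:42:36 | ...::log | semmle.label | ...::log |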
