Rust: Add models for tokio (io).

Author: geoffw0

rust/ql/lib/codeql/rust/frameworks/tokio/io.model.yml

@@ -0,0 +1,48 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sourceModel
+    data:
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::stdin::stdin", "ReturnValue", "stdin", "manual"]
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: summaryModel
+    data:
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::io::util::buf_reader::BufReader>::new", "Argument[0]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::fill_buf", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::io::util::buf_reader::BufReader>::buffer", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::read_line", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::read_until", "Argument[self]", "Argument[1].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::split", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::io::util::split::Split>::next_segment", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_buf_read_ext::AsyncBufReadExt::lines", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "<crate::io::util::lines::Lines>::next_line", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)].Field[crate::option::Option::Some(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_buf", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u8", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u8_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u16", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u16_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u32", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u32_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u64", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u64_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u128", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_u128_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i8", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i8_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i16", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i16_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i32", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i32_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i64", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i64_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i128", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_i128_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_f32", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_f32_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_f64", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["repo:https://github.com/tokio-rs/tokio:tokio", "crate::io::util::async_read_ext::AsyncReadExt::read_f64_le", "Argument[self]", "ReturnValue.Future.Field[crate::result::Result::Ok(0)]", "taint", "manual"]

rust/ql/test/library-tests/dataflow/sources/TaintSources.expected

@@ -36,6 +36,18 @@
 | test.rs:280:46:280:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:287:46:287:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:293:46:293:59 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:308:25:308:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:315:25:315:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:322:25:322:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:329:25:329:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:336:25:336:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:348:25:348:40 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:357:52:357:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:363:48:363:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:370:52:370:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:377:52:377:67 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:384:58:384:73 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
+| test.rs:392:48:392:63 | ...::stdin | Flow source 'StdInSource' of type stdin (DEFAULT). |
 | test.rs:407:31:407:43 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
 | test.rs:412:31:412:38 | ...::read | Flow source 'FileSource' of type file (DEFAULT). |
 | test.rs:417:22:417:39 | ...::read_to_string | Flow source 'FileSource' of type file (DEFAULT). |

rust/ql/test/library-tests/dataflow/sources/test.rs

@@ -305,93 +305,93 @@ async fn test_tokio_stdin() -> Result<(), Box<dyn std::error::Error>> {
     // --- async reading from stdin ---
 
     {
-        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
         let mut buffer = [0u8; 100];
         let _bytes = stdin.read(&mut buffer).await?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow
     }
 
     {
-        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
         let mut buffer = Vec::<u8>::new();
         let _bytes = stdin.read_to_end(&mut buffer).await?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow
     }
 
     {
-        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
         let mut buffer = String::new();
         let _bytes = stdin.read_to_string(&mut buffer).await?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow
     }
 
     {
-        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
         let mut buffer = [0; 100];
         stdin.read_exact(&mut buffer).await?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow
     }
 
     {
-        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
         let v1 = stdin.read_u8().await?;
         let v2 = stdin.read_i16().await?;
         let v3 = stdin.read_f32().await?;
         let v4 = stdin.read_i64_le().await?;
-        sink(v1); // $ MISSING: hasTaintFlow
-        sink(v2); // $ MISSING: hasTaintFlow
-        sink(v3); // $ MISSING: hasTaintFlow
-        sink(v4); // $ MISSING: hasTaintFlow
+        sink(v1); // $ hasTaintFlow
+        sink(v2); // $ hasTaintFlow
+        sink(v3); // $ hasTaintFlow
+        sink(v4); // $ hasTaintFlow
     }
 
     {
-        let mut stdin = tokio::io::stdin(); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut stdin = tokio::io::stdin(); // $ Alert[rust/summary/taint-sources]
         let mut buffer = bytes::BytesMut::new();
         stdin.read_buf(&mut buffer).await?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow
     }
 
     // --- async reading from stdin (BufReader) ---
 
     {
-        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
         let data = reader.fill_buf().await?;
-        sink(&data); // $ MISSING: hasTaintFlow
+        sink(&data); // $ hasTaintFlow
     }
 
     {
-        let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
         let data = reader.buffer();
-        sink(&data); // $ MISSING: hasTaintFlow
+        sink(&data); // $ hasTaintFlow
     }
 
     {
         let mut buffer = String::new();
-        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
         reader.read_line(&mut buffer).await?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow
     }
 
     {
         let mut buffer = Vec::<u8>::new();
-        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
         reader.read_until(b',', &mut buffer).await?;
-        sink(&buffer); // $ MISSING: hasTaintFlow
-        sink(buffer[0]); // $ MISSING: hasTaintFlow
+        sink(&buffer); // $ hasTaintFlow
+        sink(buffer[0]); // $ hasTaintFlow
     }
 
     {
-        let mut reader_split = tokio::io::BufReader::new(tokio::io::stdin()).split(b','); // $ MISSING: Alert[rust/summary/taint-sources]
-        sink(reader_split.next_segment().await?.unwrap()); // $ MISSING: hasTaintFlow
+        let mut reader_split = tokio::io::BufReader::new(tokio::io::stdin()).split(b','); // $ Alert[rust/summary/taint-sources]
+        sink(reader_split.next_segment().await?.unwrap()); // $ hasTaintFlow
         while let Some(chunk) = reader_split.next_segment().await? {
             sink(chunk); // $ MISSING: hasTaintFlow
         }
     }
 
     {
-        let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let reader = tokio::io::BufReader::new(tokio::io::stdin()); // $ Alert[rust/summary/taint-sources]
         let mut lines = reader.lines();
-        sink(lines.next_line().await?.unwrap()); // $ MISSING: hasTaintFlow
+        sink(lines.next_line().await?.unwrap()); // $ hasTaintFlow
         while let Some(line) = lines.next_line().await? {
             sink(line); // $ MISSING: hasTaintFlow
         }