Rust: Revert ipaddr and fingerprint terms (too many FPs).

geoffw0 · geoffw0 · commit 9f59a3501c32 · 2025-07-14T11:17:09.000+01:00
diff --git a/rust/ql/lib/codeql/rust/security/internal/SensitiveDataHeuristics.qll b/rust/ql/lib/codeql/rust/security/internal/SensitiveDataHeuristics.qll
@@ -114,7 +114,7 @@ module HeuristicNames {
         // Relationships - work and family
         "employ(er|ee)|spouse|maiden.?name|" +
         // Device information
-        "([_-]|\\b)ip.?addr|mac.?addr|finger.?print" +
+        "mac.?addr" +
         // ---
         ").*"
   }
diff --git a/rust/ql/test/library-tests/sensitivedata/test.rs b/rust/ql/test/library-tests/sensitivedata/test.rs
@@ -164,8 +164,8 @@ impl DeviceInfo {
 		sink(&self.api_key); // $ sensitive=password
 		sink(&other.api_key); // $ sensitive=password
 		sink(&self.deviceApiToken); // $ sensitive=password
-		sink(&self.finger_print); // $ sensitive=private
-		sink(&self.ip_address); // $ sensitive=private
+		sink(&self.finger_print); // $ MISSING: sensitive=private
+		sink(&self.ip_address); // $ MISSING: sensitive=private
 		sink(self.macaddr12); // $ sensitive=private
 		sink(&self.mac_addr); // $ sensitive=private
 		sink(self.mac_addr.values); // $ sensitive=private

Original file line number	Diff line number	Diff line change
`@@ -114,7 +114,7 @@ module HeuristicNames {`
`114`	`114`	`// Relationships - work and family`
`115`	`115`	`"employ(er\|ee)\|spouse\|maiden.?name\|" +`
`116`	`116`	`// Device information`
`117`		`- "([_-]\|\\b)ip.?addr\|mac.?addr\|finger.?print" +`
	`117`	`+ "mac.?addr" +`
`118`	`118`	`// ---`
`119`	`119`	`").*"`
`120`	`120`	`}`