Rust: Add tests for std::io sources.

Author: geoffw0

rust/ql/test/library-tests/dataflow/sources/TaintSources.expected

@@ -22,4 +22,4 @@
 | test.rs:80:24:80:35 | ...::get | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:112:35:112:46 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
 | test.rs:119:31:119:42 | send_request | Flow source 'RemoteSource' of type remote (DEFAULT). |
-| test.rs:203:16:203:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
+| test.rs:352:16:352:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |

rust/ql/test/library-tests/dataflow/sources/test.rs

@@ -198,6 +198,155 @@ async fn test_hyper_http(case: i64) -> Result<(), Box<dyn std::error::Error>> {
     Ok(())
 }
 
+use std::io::Read;
+use std::io::BufRead;
+
+fn test_io_fs() -> std::io::Result<()> {
+    // --- stdin ---
+
+    {
+        let mut buffer = [0u8; 100];
+        let _bytes = std::io::stdin().read(&mut buffer)?; // $ MISSING: Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let _bytes = std::io::stdin().read_to_end(&mut buffer)?; // $ MISSING: Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let _bytes = std::io::stdin().read_to_string(&mut buffer)?; // $ MISSING: Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = [0; 100];
+        std::io::stdin().read_exact(&mut buffer)?; // $ MISSING: Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    for byte in std::io::stdin().bytes() { // $ MISSING: Alert[rust/summary/taint-sources]
+        sink(byte); // $ MISSING: hasTaintFlow
+    }
+
+    // --- file ---
+
+    let mut file = std::fs::File::open("file.txt")?; // $ MISSING: Alert[rust/summary/taint-sources]
+
+    {
+        let mut buffer = [0u8; 100];
+        let _bytes = file.read(&mut buffer)?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let _bytes = file.read_to_end(&mut buffer)?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let _bytes = file.read_to_string(&mut buffer)?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = [0; 100];
+        file.read_exact(&mut buffer)?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    for byte in file.bytes() {
+        sink(byte); // $ MISSING: hasTaintFlow
+    }
+
+    // --- BufReader ---
+
+    {
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let data = reader.fill_buf()?;
+        sink(&data); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let data = reader.buffer();
+        sink(&data); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        reader.read_line(&mut buffer)?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        reader.read_until(b',', &mut buffer)?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = Vec::<u8>::new();
+        let mut reader_split = std::io::BufReader::new(std::io::stdin()).split(b','); // $ MISSING: Alert[rust/summary/taint-sources]
+        while let Some(chunk) = reader_split.next() {
+            sink(chunk.unwrap()); // $ MISSING: hasTaintFlow
+        }
+    }
+
+    {
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        for line in reader.lines() {
+            sink(line); // $ MISSING: Alert[rust/summary/taint-sources]
+        }
+    }
+
+    {
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let line = reader.lines().nth(1).unwrap();
+        sink(line.unwrap().clone()); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut reader = std::io::BufReader::new(std::io::stdin()); // $ MISSING: Alert[rust/summary/taint-sources]
+        let lines: Vec<_> = reader.lines().collect();
+        sink(lines[1].as_ref().unwrap().clone()); // $ MISSING: hasTaintFlow
+    }
+
+    // --- misc operations ---
+
+    {
+        let mut buffer = String::new();
+        let mut file1 = std::fs::File::open("file.txt")?; // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut file2 = std::fs::File::open("another_file.txt")?; // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut reader = file1.chain(file2);
+        reader.read_to_string(&mut buffer)?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let mut file1 = std::fs::File::open("file.txt")?; // $ MISSING: Alert[rust/summary/taint-sources]
+        let mut reader = file1.take(100);
+        reader.read_to_string(&mut buffer)?;
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    {
+        let mut buffer = String::new();
+        let _bytes = std::io::stdin().lock().read_to_string(&mut buffer)?; // $ MISSING: Alert[rust/summary/taint-sources]
+        sink(&buffer); // $ MISSING: hasTaintFlow
+    }
+
+    Ok(())
+}
+
 #[tokio::main]
 async fn main() -> Result<(), Box<dyn std::error::Error>> {
     let case = std::env::args().nth(1).unwrap_or(String::from("1")).parse::<i64>().unwrap(); // $ Alert[rust/summary/taint-sources]