Rust: Model futures::executor::block_on.

Author: geoffw0

rust/ql/lib/codeql/rust/frameworks/futures.model.yml

@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: summaryModel
+    data:
+      - ["repo:https://github.com/rust-lang/futures-rs:futures-executor", "crate::local_pool::block_on", "Argument[0]", "ReturnValue", "value", "manual"]

rust/ql/test/library-tests/dataflow/global/inline-flow.expected

@@ -1,4 +1,5 @@
 models
+| 1 | Summary: repo:https://github.com/rust-lang/futures-rs:futures-executor; crate::local_pool::block_on; Argument[0]; ReturnValue; value |
 edges
 | main.rs:12:28:14:1 | { ... } | main.rs:17:13:17:23 | get_data(...) | provenance |  |
 | main.rs:13:5:13:13 | source(...) | main.rs:12:28:14:1 | { ... } | provenance |  |
@@ -71,10 +72,15 @@ edges
 | main.rs:161:9:161:9 | d [MyInt] | main.rs:162:10:162:10 | d [MyInt] | provenance |  |
 | main.rs:161:13:161:20 | a.add(...) [MyInt] | main.rs:161:9:161:9 | d [MyInt] | provenance |  |
 | main.rs:162:10:162:10 | d [MyInt] | main.rs:162:10:162:16 | d.value | provenance |  |
+| main.rs:200:32:204:1 | { ... } | main.rs:219:41:219:54 | async_source(...) | provenance |  |
+| main.rs:201:9:201:9 | a | main.rs:200:32:204:1 | { ... } | provenance |  |
 | main.rs:201:9:201:9 | a | main.rs:202:10:202:10 | a | provenance |  |
 | main.rs:201:13:201:21 | source(...) | main.rs:201:9:201:9 | a | provenance |  |
 | main.rs:211:13:211:13 | c | main.rs:212:14:212:14 | c | provenance |  |
 | main.rs:211:17:211:25 | source(...) | main.rs:211:13:211:13 | c | provenance |  |
+| main.rs:219:9:219:9 | a | main.rs:220:10:220:10 | a | provenance |  |
+| main.rs:219:13:219:55 | ...::block_on(...) | main.rs:219:9:219:9 | a | provenance |  |
+| main.rs:219:41:219:54 | async_source(...) | main.rs:219:13:219:55 | ...::block_on(...) | provenance | MaD:1 |
 nodes
 | main.rs:12:28:14:1 | { ... } | semmle.label | { ... } |
 | main.rs:13:5:13:13 | source(...) | semmle.label | source(...) |
@@ -156,12 +162,17 @@ nodes
 | main.rs:161:13:161:20 | a.add(...) [MyInt] | semmle.label | a.add(...) [MyInt] |
 | main.rs:162:10:162:10 | d [MyInt] | semmle.label | d [MyInt] |
 | main.rs:162:10:162:16 | d.value | semmle.label | d.value |
+| main.rs:200:32:204:1 | { ... } | semmle.label | { ... } |
 | main.rs:201:9:201:9 | a | semmle.label | a |
 | main.rs:201:13:201:21 | source(...) | semmle.label | source(...) |
 | main.rs:202:10:202:10 | a | semmle.label | a |
 | main.rs:211:13:211:13 | c | semmle.label | c |
 | main.rs:211:17:211:25 | source(...) | semmle.label | source(...) |
 | main.rs:212:14:212:14 | c | semmle.label | c |
+| main.rs:219:9:219:9 | a | semmle.label | a |
+| main.rs:219:13:219:55 | ...::block_on(...) | semmle.label | ...::block_on(...) |
+| main.rs:219:41:219:54 | async_source(...) | semmle.label | async_source(...) |
+| main.rs:220:10:220:10 | a | semmle.label | a |
 subpaths
 | main.rs:36:26:36:26 | a | main.rs:30:17:30:22 | ...: i64 | main.rs:30:32:32:1 | { ... } | main.rs:36:13:36:27 | pass_through(...) |
 | main.rs:41:26:44:5 | { ... } | main.rs:30:17:30:22 | ...: i64 | main.rs:30:32:32:1 | { ... } | main.rs:41:13:44:6 | pass_through(...) |
@@ -186,3 +197,4 @@ testFailures
 | main.rs:162:10:162:16 | d.value | main.rs:159:28:159:36 | source(...) | main.rs:162:10:162:16 | d.value | $@ | main.rs:159:28:159:36 | source(...) | source(...) |
 | main.rs:202:10:202:10 | a | main.rs:201:13:201:21 | source(...) | main.rs:202:10:202:10 | a | $@ | main.rs:201:13:201:21 | source(...) | source(...) |
 | main.rs:212:14:212:14 | c | main.rs:211:17:211:25 | source(...) | main.rs:212:14:212:14 | c | $@ | main.rs:211:17:211:25 | source(...) | source(...) |
+| main.rs:220:10:220:10 | a | main.rs:201:13:201:21 | source(...) | main.rs:220:10:220:10 | a | $@ | main.rs:201:13:201:21 | source(...) | source(...) |

rust/ql/test/library-tests/dataflow/global/main.rs

@@ -217,7 +217,7 @@ async fn test_async_await_async_part() {
 
 fn test_async_await() {
     let a = futures::executor::block_on(async_source());
-    sink(a); // $ MISSING: hasValueFlow=1
+    sink(a); // $ hasValueFlow=1
 
     futures::executor::block_on(test_async_await_async_part());
 }

rust/ql/test/library-tests/dataflow/global/viableCallable.expected

@@ -50,8 +50,10 @@
 | main.rs:211:17:211:25 | source(...) | main.rs:1:1:3:1 | fn source |
 | main.rs:212:9:212:15 | sink(...) | main.rs:5:1:7:1 | fn sink |
 | main.rs:215:5:215:17 | sink(...) | main.rs:5:1:7:1 | fn sink |
+| main.rs:219:13:219:55 | ...::block_on(...) | file://:0:0:0:0 | repo:https://github.com/rust-lang/futures-rs:futures-executor::_::crate::local_pool::block_on |
 | main.rs:219:41:219:54 | async_source(...) | main.rs:200:1:204:1 | fn async_source |
 | main.rs:220:5:220:11 | sink(...) | main.rs:5:1:7:1 | fn sink |
+| main.rs:222:5:222:62 | ...::block_on(...) | file://:0:0:0:0 | repo:https://github.com/rust-lang/futures-rs:futures-executor::_::crate::local_pool::block_on |
 | main.rs:222:33:222:61 | test_async_await_async_part(...) | main.rs:206:1:216:1 | fn test_async_await_async_part |
 | main.rs:226:5:226:22 | data_out_of_call(...) | main.rs:16:1:19:1 | fn data_out_of_call |
 | main.rs:227:5:227:21 | data_in_to_call(...) | main.rs:25:1:28:1 | fn data_in_to_call |

rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected

@@ -1909,6 +1909,7 @@ models
 | 1058 | Summary: lang:std; crate::thread::current::set_current; Argument[0]; ReturnValue.Field[crate::result::Result::Err(0)]; value |
 | 1059 | Summary: lang:std; crate::thread::current::try_with_current; Argument[0].ReturnValue; ReturnValue; value |
 | 1060 | Summary: lang:std; crate::thread::with_current_name; Argument[0].ReturnValue; ReturnValue; value |
+| 1061 | Summary: repo:https://github.com/rust-lang/futures-rs:futures-executor; crate::local_pool::block_on; Argument[0]; ReturnValue; value |
 storeStep
 | file://:0:0:0:0 | [summary] to write: Argument[0].Field[crate::option::Option::Some(0)] in lang:core::_::<crate::option::Option>::zip_with | Some | file://:0:0:0:0 | [post] [summary param] 0 in lang:core::_::<crate::option::Option>::zip_with |
 | file://:0:0:0:0 | [summary] to write: Argument[0].Parameter[0].Reference in lang:alloc::_::<crate::collections::vec_deque::VecDeque>::retain | &ref | file://:0:0:0:0 | [summary] to write: Argument[0].Parameter[0] in lang:alloc::_::<crate::collections::vec_deque::VecDeque>::retain |

rust/ql/test/query-tests/security/CWE-020/RegexInjection.expected

@@ -2,15 +2,15 @@
 | main.rs:6:25:6:30 | &regex | main.rs:4:20:4:32 | ...::var | main.rs:6:25:6:30 | &regex | This regular expression is constructed from a $@. | main.rs:4:20:4:32 | ...::var | user-provided value |
 edges
 | main.rs:4:9:4:16 | username | main.rs:5:25:5:44 | MacroExpr | provenance |  |
-| main.rs:4:20:4:32 | ...::var | main.rs:4:20:4:40 | ...::var(...) [Ok] | provenance | Src:MaD:62  |
-| main.rs:4:20:4:40 | ...::var(...) [Ok] | main.rs:4:20:4:66 | ... .unwrap_or(...) | provenance | MaD:1593 |
+| main.rs:4:20:4:32 | ...::var | main.rs:4:20:4:40 | ...::var(...) [Ok] | provenance | Src:MaD:63  |
+| main.rs:4:20:4:40 | ...::var(...) [Ok] | main.rs:4:20:4:66 | ... .unwrap_or(...) | provenance | MaD:1594 |
 | main.rs:4:20:4:66 | ... .unwrap_or(...) | main.rs:4:9:4:16 | username | provenance |  |
 | main.rs:5:9:5:13 | regex | main.rs:6:26:6:30 | regex | provenance |  |
 | main.rs:5:17:5:45 | res | main.rs:5:25:5:44 | { ... } | provenance |  |
 | main.rs:5:25:5:44 | ...::format(...) | main.rs:5:17:5:45 | res | provenance |  |
 | main.rs:5:25:5:44 | ...::must_use(...) | main.rs:5:9:5:13 | regex | provenance |  |
-| main.rs:5:25:5:44 | MacroExpr | main.rs:5:25:5:44 | ...::format(...) | provenance | MaD:66 |
-| main.rs:5:25:5:44 | { ... } | main.rs:5:25:5:44 | ...::must_use(...) | provenance | MaD:3016 |
+| main.rs:5:25:5:44 | MacroExpr | main.rs:5:25:5:44 | ...::format(...) | provenance | MaD:67 |
+| main.rs:5:25:5:44 | { ... } | main.rs:5:25:5:44 | ...::must_use(...) | provenance | MaD:3017 |
 | main.rs:6:26:6:30 | regex | main.rs:6:25:6:30 | &regex | provenance |  |
 nodes
 | main.rs:4:9:4:16 | username | semmle.label | username |