feat(rust): Add models + tests

GeekMasher · GeekMasher · commit 121f0584e470 · 2025-01-20T12:06:09.000Z
diff --git a/rust/ql/lib/codeql/rust/frameworks/postgres.model.yml b/rust/ql/lib/codeql/rust/frameworks/postgres.model.yml
@@ -0,0 +1,15 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sinkModel
+    data:
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::execute", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::batch_execute", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::prepare", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::prepare_typed", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::query", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::query_one", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::query_opt", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::query_raw", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::query_typed", "Argument[0]", "sql-injection", "manual"]
+      - ["repo:https://github.com/sfackler/rust-postgres:postgres", "<crate::client::Client>::query_typed_raw", "Argument[0]", "sql-injection", "manual"]
diff --git a/rust/ql/test/library-tests/frameworks/postgres/Postgres.expected b/rust/ql/test/library-tests/frameworks/postgres/Postgres.expected
diff --git a/rust/ql/test/library-tests/frameworks/postgres/Postgres.ql b/rust/ql/test/library-tests/frameworks/postgres/Postgres.ql
@@ -0,0 +1,19 @@
+import rust
+import codeql.rust.security.SqlInjectionExtensions
+import utils.test.InlineExpectationsTest
+
+module PostgresTest implements TestSig {
+  string getARelevantTag() { result = "sql-sink" }
+
+  predicate hasActualResult(Location location, string element, string tag, string value) {
+    exists(SqlInjection::Sink sink |
+      location = sink.getLocation() and
+      location.getFile().getBaseName() != "" and
+      element = sink.toString() and
+      tag = "sql-sink" and
+      value = ""
+    )
+  }
+}
+
+import MakeTest<PostgresTest>
