whartondylan
diff --git a/‎rust/ql/lib/codeql/rust/frameworks/sqlx.model.yml
Lines changed: 8 additions & 8 deletions b/‎rust/ql/lib/codeql/rust/frameworks/sqlx.model.yml
Lines changed: 8 additions & 8 deletions
diff --git a/‎rust/ql/lib/codeql/rust/security/CleartextStorageDatabaseExtensions.qll
Lines changed: 3 additions & 1 deletion b/‎rust/ql/lib/codeql/rust/security/CleartextStorageDatabaseExtensions.qll
Lines changed: 3 additions & 1 deletion
@@ -3,11 +3,11 @@ extensions:
       pack: codeql/rust-all
       extensible: sinkModel
     data:
-      - ["sqlx_core::query::query", "Argument[0]", "database-store", "manual"]
-      - ["sqlx_core::query_as::query_as", "Argument[0]", "database-store", "manual"]
-      - ["sqlx_core::query_with::query_with", "Argument[0]", "database-store", "manual"]
-      - ["sqlx_core::query_as_with::query_as_with", "Argument[0]", "database-store", "manual"]
-      - ["sqlx_core::query_scalar::query_scalar", "Argument[0]", "database-store", "manual"]
-      - ["sqlx_core::query_scalar_with::query_scalar_with", "Argument[0]", "database-store", "manual"]
-      - ["sqlx_core::raw_sql::raw_sql", "Argument[0]", "database-store", "manual"]
-      - ["<_ as sqlx_core::executor::Executor>::execute", "Argument[0]", "database-store", "manual"]
+      - ["sqlx_core::query::query", "Argument[0]", "sql-injection", "manual"]
+      - ["sqlx_core::query_as::query_as", "Argument[0]", "sql-injection", "manual"]
+      - ["sqlx_core::query_with::query_with", "Argument[0]", "sql-injection", "manual"]
+      - ["sqlx_core::query_as_with::query_as_with", "Argument[0]", "sql-injection", "manual"]
+      - ["sqlx_core::query_scalar::query_scalar", "Argument[0]", "sql-injection", "manual"]
+      - ["sqlx_core::query_scalar_with::query_scalar_with", "Argument[0]", "sql-injection", "manual"]
+      - ["sqlx_core::raw_sql::raw_sql", "Argument[0]", "sql-injection", "manual"]
+      - ["<_ as sqlx_core::executor::Executor>::execute", "Argument[0]", "sql-injection", "manual"]
@@ -39,8 +39,10 @@ module CleartextStorageDatabase {
 
   /**
    * A sink for cleartext storage vulnerabilities from model data.
+   *  - SQL commands
+   *  - other database storage operations
    */
   private class ModelsAsDataSink extends Sink {
-    ModelsAsDataSink() { exists(string s | sinkNode(this, s) and s.matches("database-store")) }
+    ModelsAsDataSink() { sinkNode(this, ["sql-injection", "database-store"]) }
   }
 }
Original file line number	Diff line number	Diff line change
`@@ -39,8 +39,10 @@ module CleartextStorageDatabase {`
`39`	`39`
`40`	`40`	`/**`
`41`	`41`	`* A sink for cleartext storage vulnerabilities from model data.`
	`42`	`+ * - SQL commands`
	`43`	`+ * - other database storage operations`
`42`	`44`	`*/`
`43`	`45`	`private class ModelsAsDataSink extends Sink {`
`44`		`- ModelsAsDataSink() { exists(string s \| sinkNode(this, s) and s.matches("database-store")) }`
	`46`	`+ ModelsAsDataSink() { sinkNode(this, ["sql-injection", "database-store"]) }`
`45`	`47`	`}`
`46`	`48`	`}`