Skip to content

Commit

Permalink
Rust: Never skip match scrutinee/patterns in data flow
Browse files Browse the repository at this point in the history
  • Loading branch information
@hvitved
hvitved committed Dec 16, 2024
1 parent 9f2b436 commit ddd05b5
Show file tree
Hide file tree
Showing 4 changed files with 53 additions and 16 deletions.
5 changes: 5 additions & 0 deletions rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -859,6 +859,11 @@ module RustDataFlow implements InputSig<Location> {
node.getCfgNode() = any(LetStmtCfgNode s).getPat()
or
node.getCfgNode() = any(AssignmentExprCfgNode a).getLhs()
or
exists(MatchExprCfgNode match |
node.asExpr() = match.getScrutinee() or
node.asExpr() = match.getArmPat(_)
)
}

class DataFlowExpr = ExprCfgNode;
Expand Down
4 changes: 3 additions & 1 deletion rust/ql/test/library-tests/dataflow/barrier/inline-flow.expected
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
models
edges
| main.rs:9:13:9:19 | ...: ... | main.rs:9:30:14:1 | { ... } | provenance | |
| main.rs:9:13:9:19 | ...: ... | main.rs:10:11:10:11 | s | provenance | |
| main.rs:10:11:10:11 | s | main.rs:9:30:14:1 | { ... } | provenance | |
| main.rs:21:9:21:9 | s | main.rs:22:10:22:10 | s | provenance | |
| main.rs:21:13:21:21 | source(...) | main.rs:21:9:21:9 | s | provenance | |
| main.rs:26:9:26:9 | s | main.rs:27:22:27:22 | s | provenance | |
Expand All @@ -14,6 +15,7 @@ edges
nodes
| main.rs:9:13:9:19 | ...: ... | semmle.label | ...: ... |
| main.rs:9:30:14:1 | { ... } | semmle.label | { ... } |
| main.rs:10:11:10:11 | s | semmle.label | s |
| main.rs:17:10:17:18 | source(...) | semmle.label | source(...) |
| main.rs:21:9:21:9 | s | semmle.label | s |
| main.rs:21:13:21:21 | source(...) | semmle.label | source(...) |
Expand Down
44 changes: 33 additions & 11 deletions rust/ql/test/library-tests/dataflow/local/inline-flow.expected
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,14 +38,16 @@ edges
| main.rs:148:12:148:21 | source(...) | main.rs:147:13:150:5 | Point {...} [Point.x] | provenance | |
| main.rs:151:9:151:28 | Point {...} [Point.x] | main.rs:151:20:151:20 | a | provenance | |
| main.rs:151:20:151:20 | a | main.rs:152:10:152:10 | a | provenance | |
| main.rs:198:9:198:10 | s1 [Some] | main.rs:201:9:201:23 | ...::Some(...) [Some] | provenance | |
| main.rs:198:9:198:10 | s1 [Some] | main.rs:200:11:200:12 | s1 [Some] | provenance | |
| main.rs:198:14:198:37 | ...::Some(...) [Some] | main.rs:198:9:198:10 | s1 [Some] | provenance | |
| main.rs:198:27:198:36 | source(...) | main.rs:198:14:198:37 | ...::Some(...) [Some] | provenance | |
| main.rs:200:11:200:12 | s1 [Some] | main.rs:201:9:201:23 | ...::Some(...) [Some] | provenance | |
| main.rs:201:9:201:23 | ...::Some(...) [Some] | main.rs:201:22:201:22 | n | provenance | |
| main.rs:201:22:201:22 | n | main.rs:201:33:201:33 | n | provenance | |
| main.rs:211:9:211:10 | s1 [Some] | main.rs:214:9:214:15 | Some(...) [Some] | provenance | |
| main.rs:211:9:211:10 | s1 [Some] | main.rs:213:11:213:12 | s1 [Some] | provenance | |
| main.rs:211:14:211:29 | Some(...) [Some] | main.rs:211:9:211:10 | s1 [Some] | provenance | |
| main.rs:211:19:211:28 | source(...) | main.rs:211:14:211:29 | Some(...) [Some] | provenance | |
| main.rs:213:11:213:12 | s1 [Some] | main.rs:214:9:214:15 | Some(...) [Some] | provenance | |
| main.rs:214:9:214:15 | Some(...) [Some] | main.rs:214:14:214:14 | n | provenance | |
| main.rs:214:14:214:14 | n | main.rs:214:25:214:25 | n | provenance | |
| main.rs:224:9:224:10 | s1 [Some] | main.rs:225:10:225:11 | s1 [Some] | provenance | |
Expand All @@ -64,36 +66,44 @@ edges
| main.rs:241:9:241:10 | i1 | main.rs:243:10:243:11 | i1 | provenance | |
| main.rs:241:14:241:15 | s1 [Ok] | main.rs:241:14:241:16 | TryExpr | provenance | |
| main.rs:241:14:241:16 | TryExpr | main.rs:241:9:241:10 | i1 | provenance | |
| main.rs:256:9:256:10 | s1 [A] | main.rs:259:9:259:25 | ...::A(...) [A] | provenance | |
| main.rs:256:9:256:10 | s1 [A] | main.rs:263:9:263:25 | ...::A(...) [A] | provenance | |
| main.rs:256:9:256:10 | s1 [A] | main.rs:258:11:258:12 | s1 [A] | provenance | |
| main.rs:256:14:256:39 | ...::A(...) [A] | main.rs:256:9:256:10 | s1 [A] | provenance | |
| main.rs:256:29:256:38 | source(...) | main.rs:256:14:256:39 | ...::A(...) [A] | provenance | |
| main.rs:258:11:258:12 | s1 [A] | main.rs:259:9:259:25 | ...::A(...) [A] | provenance | |
| main.rs:258:11:258:12 | s1 [A] | main.rs:262:11:262:12 | s1 [A] | provenance | |
| main.rs:259:9:259:25 | ...::A(...) [A] | main.rs:259:24:259:24 | n | provenance | |
| main.rs:259:24:259:24 | n | main.rs:259:35:259:35 | n | provenance | |
| main.rs:262:11:262:12 | s1 [A] | main.rs:263:9:263:25 | ...::A(...) [A] | provenance | |
| main.rs:263:9:263:25 | ...::A(...) [A] | main.rs:263:24:263:24 | n | provenance | |
| main.rs:263:24:263:24 | n | main.rs:263:55:263:55 | n | provenance | |
| main.rs:274:9:274:10 | s1 [A] | main.rs:277:9:277:12 | A(...) [A] | provenance | |
| main.rs:274:9:274:10 | s1 [A] | main.rs:281:9:281:12 | A(...) [A] | provenance | |
| main.rs:274:9:274:10 | s1 [A] | main.rs:276:11:276:12 | s1 [A] | provenance | |
| main.rs:274:14:274:26 | A(...) [A] | main.rs:274:9:274:10 | s1 [A] | provenance | |
| main.rs:274:16:274:25 | source(...) | main.rs:274:14:274:26 | A(...) [A] | provenance | |
| main.rs:276:11:276:12 | s1 [A] | main.rs:277:9:277:12 | A(...) [A] | provenance | |
| main.rs:276:11:276:12 | s1 [A] | main.rs:280:11:280:12 | s1 [A] | provenance | |
| main.rs:277:9:277:12 | A(...) [A] | main.rs:277:11:277:11 | n | provenance | |
| main.rs:277:11:277:11 | n | main.rs:277:22:277:22 | n | provenance | |
| main.rs:280:11:280:12 | s1 [A] | main.rs:281:9:281:12 | A(...) [A] | provenance | |
| main.rs:281:9:281:12 | A(...) [A] | main.rs:281:11:281:11 | n | provenance | |
| main.rs:281:11:281:11 | n | main.rs:281:29:281:29 | n | provenance | |
| main.rs:295:9:295:10 | s1 [C] | main.rs:300:9:300:38 | ...::C {...} [C] | provenance | |
| main.rs:295:9:295:10 | s1 [C] | main.rs:304:9:304:38 | ...::C {...} [C] | provenance | |
| main.rs:295:9:295:10 | s1 [C] | main.rs:299:11:299:12 | s1 [C] | provenance | |
| main.rs:295:14:297:5 | ...::C {...} [C] | main.rs:295:9:295:10 | s1 [C] | provenance | |
| main.rs:296:18:296:27 | source(...) | main.rs:295:14:297:5 | ...::C {...} [C] | provenance | |
| main.rs:299:11:299:12 | s1 [C] | main.rs:300:9:300:38 | ...::C {...} [C] | provenance | |
| main.rs:299:11:299:12 | s1 [C] | main.rs:303:11:303:12 | s1 [C] | provenance | |
| main.rs:300:9:300:38 | ...::C {...} [C] | main.rs:300:36:300:36 | n | provenance | |
| main.rs:300:36:300:36 | n | main.rs:300:48:300:48 | n | provenance | |
| main.rs:303:11:303:12 | s1 [C] | main.rs:304:9:304:38 | ...::C {...} [C] | provenance | |
| main.rs:304:9:304:38 | ...::C {...} [C] | main.rs:304:36:304:36 | n | provenance | |
| main.rs:304:36:304:36 | n | main.rs:304:81:304:81 | n | provenance | |
| main.rs:315:9:315:10 | s1 [C] | main.rs:320:9:320:24 | C {...} [C] | provenance | |
| main.rs:315:9:315:10 | s1 [C] | main.rs:324:9:324:24 | C {...} [C] | provenance | |
| main.rs:315:9:315:10 | s1 [C] | main.rs:319:11:319:12 | s1 [C] | provenance | |
| main.rs:315:14:317:5 | C {...} [C] | main.rs:315:9:315:10 | s1 [C] | provenance | |
| main.rs:316:18:316:27 | source(...) | main.rs:315:14:317:5 | C {...} [C] | provenance | |
| main.rs:319:11:319:12 | s1 [C] | main.rs:320:9:320:24 | C {...} [C] | provenance | |
| main.rs:319:11:319:12 | s1 [C] | main.rs:323:11:323:12 | s1 [C] | provenance | |
| main.rs:320:9:320:24 | C {...} [C] | main.rs:320:22:320:22 | n | provenance | |
| main.rs:320:22:320:22 | n | main.rs:320:34:320:34 | n | provenance | |
| main.rs:323:11:323:12 | s1 [C] | main.rs:324:9:324:24 | C {...} [C] | provenance | |
| main.rs:324:9:324:24 | C {...} [C] | main.rs:324:22:324:22 | n | provenance | |
| main.rs:324:22:324:22 | n | main.rs:324:53:324:53 | n | provenance | |
| main.rs:336:9:336:12 | arr1 [array[]] | main.rs:337:14:337:17 | arr1 [array[]] | provenance | |
Expand All @@ -113,9 +123,10 @@ edges
| main.rs:350:23:350:32 | source(...) | main.rs:350:16:350:33 | [...] [array[]] | provenance | |
| main.rs:351:9:351:10 | n1 | main.rs:352:14:352:15 | n1 | provenance | |
| main.rs:351:15:351:18 | arr1 [array[]] | main.rs:351:9:351:10 | n1 | provenance | |
| main.rs:362:9:362:12 | arr1 [array[]] | main.rs:364:9:364:17 | SlicePat [array[]] | provenance | |
| main.rs:362:9:362:12 | arr1 [array[]] | main.rs:363:11:363:14 | arr1 [array[]] | provenance | |
| main.rs:362:16:362:33 | [...] [array[]] | main.rs:362:9:362:12 | arr1 [array[]] | provenance | |
| main.rs:362:23:362:32 | source(...) | main.rs:362:16:362:33 | [...] [array[]] | provenance | |
| main.rs:363:11:363:14 | arr1 [array[]] | main.rs:364:9:364:17 | SlicePat [array[]] | provenance | |
| main.rs:364:9:364:17 | SlicePat [array[]] | main.rs:364:10:364:10 | a | provenance | |
| main.rs:364:9:364:17 | SlicePat [array[]] | main.rs:364:13:364:13 | b | provenance | |
| main.rs:364:9:364:17 | SlicePat [array[]] | main.rs:364:16:364:16 | c | provenance | |
Expand Down Expand Up @@ -181,12 +192,14 @@ nodes
| main.rs:198:9:198:10 | s1 [Some] | semmle.label | s1 [Some] |
| main.rs:198:14:198:37 | ...::Some(...) [Some] | semmle.label | ...::Some(...) [Some] |
| main.rs:198:27:198:36 | source(...) | semmle.label | source(...) |
| main.rs:200:11:200:12 | s1 [Some] | semmle.label | s1 [Some] |
| main.rs:201:9:201:23 | ...::Some(...) [Some] | semmle.label | ...::Some(...) [Some] |
| main.rs:201:22:201:22 | n | semmle.label | n |
| main.rs:201:33:201:33 | n | semmle.label | n |
| main.rs:211:9:211:10 | s1 [Some] | semmle.label | s1 [Some] |
| main.rs:211:14:211:29 | Some(...) [Some] | semmle.label | Some(...) [Some] |
| main.rs:211:19:211:28 | source(...) | semmle.label | source(...) |
| main.rs:213:11:213:12 | s1 [Some] | semmle.label | s1 [Some] |
| main.rs:214:9:214:15 | Some(...) [Some] | semmle.label | Some(...) [Some] |
| main.rs:214:14:214:14 | n | semmle.label | n |
| main.rs:214:25:214:25 | n | semmle.label | n |
Expand All @@ -212,36 +225,44 @@ nodes
| main.rs:256:9:256:10 | s1 [A] | semmle.label | s1 [A] |
| main.rs:256:14:256:39 | ...::A(...) [A] | semmle.label | ...::A(...) [A] |
| main.rs:256:29:256:38 | source(...) | semmle.label | source(...) |
| main.rs:258:11:258:12 | s1 [A] | semmle.label | s1 [A] |
| main.rs:259:9:259:25 | ...::A(...) [A] | semmle.label | ...::A(...) [A] |
| main.rs:259:24:259:24 | n | semmle.label | n |
| main.rs:259:35:259:35 | n | semmle.label | n |
| main.rs:262:11:262:12 | s1 [A] | semmle.label | s1 [A] |
| main.rs:263:9:263:25 | ...::A(...) [A] | semmle.label | ...::A(...) [A] |
| main.rs:263:24:263:24 | n | semmle.label | n |
| main.rs:263:55:263:55 | n | semmle.label | n |
| main.rs:274:9:274:10 | s1 [A] | semmle.label | s1 [A] |
| main.rs:274:14:274:26 | A(...) [A] | semmle.label | A(...) [A] |
| main.rs:274:16:274:25 | source(...) | semmle.label | source(...) |
| main.rs:276:11:276:12 | s1 [A] | semmle.label | s1 [A] |
| main.rs:277:9:277:12 | A(...) [A] | semmle.label | A(...) [A] |
| main.rs:277:11:277:11 | n | semmle.label | n |
| main.rs:277:22:277:22 | n | semmle.label | n |
| main.rs:280:11:280:12 | s1 [A] | semmle.label | s1 [A] |
| main.rs:281:9:281:12 | A(...) [A] | semmle.label | A(...) [A] |
| main.rs:281:11:281:11 | n | semmle.label | n |
| main.rs:281:29:281:29 | n | semmle.label | n |
| main.rs:295:9:295:10 | s1 [C] | semmle.label | s1 [C] |
| main.rs:295:14:297:5 | ...::C {...} [C] | semmle.label | ...::C {...} [C] |
| main.rs:296:18:296:27 | source(...) | semmle.label | source(...) |
| main.rs:299:11:299:12 | s1 [C] | semmle.label | s1 [C] |
| main.rs:300:9:300:38 | ...::C {...} [C] | semmle.label | ...::C {...} [C] |
| main.rs:300:36:300:36 | n | semmle.label | n |
| main.rs:300:48:300:48 | n | semmle.label | n |
| main.rs:303:11:303:12 | s1 [C] | semmle.label | s1 [C] |
| main.rs:304:9:304:38 | ...::C {...} [C] | semmle.label | ...::C {...} [C] |
| main.rs:304:36:304:36 | n | semmle.label | n |
| main.rs:304:81:304:81 | n | semmle.label | n |
| main.rs:315:9:315:10 | s1 [C] | semmle.label | s1 [C] |
| main.rs:315:14:317:5 | C {...} [C] | semmle.label | C {...} [C] |
| main.rs:316:18:316:27 | source(...) | semmle.label | source(...) |
| main.rs:319:11:319:12 | s1 [C] | semmle.label | s1 [C] |
| main.rs:320:9:320:24 | C {...} [C] | semmle.label | C {...} [C] |
| main.rs:320:22:320:22 | n | semmle.label | n |
| main.rs:320:34:320:34 | n | semmle.label | n |
| main.rs:323:11:323:12 | s1 [C] | semmle.label | s1 [C] |
| main.rs:324:9:324:24 | C {...} [C] | semmle.label | C {...} [C] |
| main.rs:324:22:324:22 | n | semmle.label | n |
| main.rs:324:53:324:53 | n | semmle.label | n |
Expand All @@ -268,6 +289,7 @@ nodes
| main.rs:362:9:362:12 | arr1 [array[]] | semmle.label | arr1 [array[]] |
| main.rs:362:16:362:33 | [...] [array[]] | semmle.label | [...] [array[]] |
| main.rs:362:23:362:32 | source(...) | semmle.label | source(...) |
| main.rs:363:11:363:14 | arr1 [array[]] | semmle.label | arr1 [array[]] |
| main.rs:364:9:364:17 | SlicePat [array[]] | semmle.label | SlicePat [array[]] |
| main.rs:364:10:364:10 | a | semmle.label | a |
| main.rs:364:13:364:13 | b | semmle.label | b |
Expand Down
16 changes: 12 additions & 4 deletions rust/ql/test/library-tests/dataflow/models/models.expected
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,12 +35,14 @@ edges
| main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | |
| main.rs:53:13:53:21 | source(...) | main.rs:53:9:53:9 | s | provenance | |
| main.rs:53:13:53:21 | source(...) | main.rs:53:9:53:9 | s | provenance | |
| main.rs:54:9:54:10 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | |
| main.rs:54:9:54:10 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | |
| main.rs:54:9:54:10 | e1 [B] | main.rs:55:11:55:12 | e1 [B] | provenance | |
| main.rs:54:9:54:10 | e1 [B] | main.rs:55:11:55:12 | e1 [B] | provenance | |
| main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | |
| main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | |
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:10 |
| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:10 |
| main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | |
| main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | |
| main.rs:57:9:57:23 | ...::B(...) [B] | main.rs:57:22:57:22 | i | provenance | |
| main.rs:57:9:57:23 | ...::B(...) [B] | main.rs:57:22:57:22 | i | provenance | |
| main.rs:57:22:57:22 | i | main.rs:57:33:57:33 | i | provenance | |
Expand All @@ -61,12 +63,14 @@ edges
| main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | |
| main.rs:85:13:85:21 | source(...) | main.rs:85:9:85:9 | s | provenance | |
| main.rs:85:13:85:21 | source(...) | main.rs:85:9:85:9 | s | provenance | |
| main.rs:86:9:86:10 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | |
| main.rs:86:9:86:10 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | |
| main.rs:86:9:86:10 | e1 [D] | main.rs:87:11:87:12 | e1 [D] | provenance | |
| main.rs:86:9:86:10 | e1 [D] | main.rs:87:11:87:12 | e1 [D] | provenance | |
| main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | |
| main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | |
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:9 |
| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:9 |
| main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | |
| main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | |
| main.rs:89:9:89:37 | ...::D {...} [D] | main.rs:89:35:89:35 | i | provenance | |
| main.rs:89:9:89:37 | ...::D {...} [D] | main.rs:89:35:89:35 | i | provenance | |
| main.rs:89:35:89:35 | i | main.rs:89:47:89:47 | i | provenance | |
Expand Down Expand Up @@ -164,6 +168,8 @@ nodes
| main.rs:54:14:54:27 | set_var_pos(...) [B] | semmle.label | set_var_pos(...) [B] |
| main.rs:54:26:54:26 | s | semmle.label | s |
| main.rs:54:26:54:26 | s | semmle.label | s |
| main.rs:55:11:55:12 | e1 [B] | semmle.label | e1 [B] |
| main.rs:55:11:55:12 | e1 [B] | semmle.label | e1 [B] |
| main.rs:57:9:57:23 | ...::B(...) [B] | semmle.label | ...::B(...) [B] |
| main.rs:57:9:57:23 | ...::B(...) [B] | semmle.label | ...::B(...) [B] |
| main.rs:57:22:57:22 | i | semmle.label | i |
Expand Down Expand Up @@ -194,6 +200,8 @@ nodes
| main.rs:86:14:86:29 | set_var_field(...) [D] | semmle.label | set_var_field(...) [D] |
| main.rs:86:28:86:28 | s | semmle.label | s |
| main.rs:86:28:86:28 | s | semmle.label | s |
| main.rs:87:11:87:12 | e1 [D] | semmle.label | e1 [D] |
| main.rs:87:11:87:12 | e1 [D] | semmle.label | e1 [D] |
| main.rs:89:9:89:37 | ...::D {...} [D] | semmle.label | ...::D {...} [D] |
| main.rs:89:9:89:37 | ...::D {...} [D] | semmle.label | ...::D {...} [D] |
| main.rs:89:35:89:35 | i | semmle.label | i |
Expand Down

0 comments on commit ddd05b5

Please sign in to comment.