Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rust: Fix default source and sink in inline flow test #17995

Merged
merged 2 commits into from
Nov 18, 2024
Merged

Rust: Fix default source and sink in inline flow test #17995

merged 2 commits into from
Nov 18, 2024

Conversation

paldepind
Copy link
Contributor

Before toString was called on a PathExpr and we want to call it on the Path. This fixes a test failure in the very simple sink(source("taint")) case.

@github-actions github-actions bot added the Rust Pull requests that update Rust code label Nov 15, 2024
hvitved
hvitved previously approved these changes Nov 15, 2024
View reviewed changes
aibaars
aibaars reviewed Nov 15, 2024
View reviewed changes
rust/ql/test/utils/InlineFlowTest.qll Outdated
@@ -10,15 +10,16 @@ private import codeql.rust.dataflow.internal.DataFlowImpl
private import codeql.rust.dataflow.internal.TaintTrackingImpl
private import internal.InlineExpectationsTestImpl as InlineExpectationsTestImpl

// Holds if the target expression of `call` is a path and the string representation of the path is `name`.
private predicate callTargetName(CallExpr call, string name) {
call.getExpr().(PathExpr).getPath().toString() = name
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should define the toString of PathExpr to be result = this.getPath().toString() .

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That sounds good to me. I'll update the PR to do that instead :)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In general, we ought to implement a lot of more sensible toStrings, but that is of course not for this PR...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added the suggested toString on PathExpr. Note that this added two inconsistencies here because the Path nodes on the last two lines in gen_path_expr.rs doesn't have a string representation. I don't know if this is a bug in the extractor? When I explore the AST for that file I also see that the last two let statements doesn't have an initializer which seems odd?

Copy link
Contributor

@aibaars aibaars Nov 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's not an extractor error. The qualifier of a path like <TypeRef as Trait>::foo does not have a nameRef so the toString() fails. See also:

codeql/rust/ql/lib/codeql/rust/elements/internal/PathSegmentImpl.qll

Lines 23 to 26 in e081b9a

// TODO: this does not cover everything
if this.hasGenericArgList()
then result = this.getNameRef().toString() + "::<...>"
else result = this.getNameRef().toString()

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If it's too much hassle to address this in the current PR, then we can also accept the inconsistencies and fix them in a follow-up.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, that makes sense. I've accepted the inconsistencies for now.

@paldepind paldepind force-pushed the rust-df-source-sink-fix branch 2 times, most recently from 4b4080e to a71f730 Compare November 18, 2024 08:00
hvitved
hvitved previously approved these changes Nov 18, 2024
View reviewed changes
@paldepind paldepind merged commit d178d84 into github:main Nov 18, 2024
14 checks passed
@paldepind paldepind deleted the rust-df-source-sink-fix branch November 18, 2024 08:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aibaars aibaars aibaars left review comments

@hvitved hvitved hvitved approved these changes

Assignees
No one assigned
Labels
Rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@paldepind @hvitved @aibaars