Merge pull request #20002 from geoffw0/moresensitive1

geoffw0 · web-flow · commit 2cd4d984ccb2 · 2025-07-10T13:54:20.000+01:00
Rust: Add more test cases for sensitive data
diff --git a/rust/ql/test/library-tests/sensitivedata/CONSISTENCY/PathResolutionConsistency.expected b/rust/ql/test/library-tests/sensitivedata/CONSISTENCY/PathResolutionConsistency.expected
@@ -5,23 +5,23 @@ multipleCallTargets
 | test.rs:73:7:73:36 | ... .as_str() |
 | test.rs:74:7:74:34 | ... .as_str() |
 | test.rs:75:7:75:27 | ... .as_str() |
-| test.rs:254:7:254:36 | ... .as_str() |
-| test.rs:256:7:256:33 | ... .as_str() |
-| test.rs:257:7:257:36 | ... .as_str() |
-| test.rs:258:7:258:26 | ... .as_str() |
-| test.rs:262:7:262:28 | ... .as_str() |
-| test.rs:263:7:263:37 | ... .as_str() |
-| test.rs:264:7:264:36 | ... .as_str() |
-| test.rs:267:7:267:32 | ... .as_str() |
-| test.rs:277:7:277:34 | ... .as_str() |
-| test.rs:280:7:280:36 | ... .as_str() |
-| test.rs:284:7:284:39 | ... .as_str() |
-| test.rs:291:7:291:53 | ... .as_str() |
-| test.rs:292:7:292:45 | ... .as_str() |
-| test.rs:294:7:294:39 | ... .as_str() |
-| test.rs:295:7:295:34 | ... .as_str() |
-| test.rs:296:7:296:42 | ... .as_str() |
-| test.rs:298:7:298:48 | ... .as_str() |
-| test.rs:299:7:299:35 | ... .as_str() |
-| test.rs:300:7:300:35 | ... .as_str() |
-| test.rs:339:7:339:39 | ... .as_str() |
+| test.rs:258:7:258:36 | ... .as_str() |
+| test.rs:260:7:260:33 | ... .as_str() |
+| test.rs:261:7:261:36 | ... .as_str() |
+| test.rs:262:7:262:26 | ... .as_str() |
+| test.rs:266:7:266:28 | ... .as_str() |
+| test.rs:267:7:267:37 | ... .as_str() |
+| test.rs:268:7:268:36 | ... .as_str() |
+| test.rs:271:7:271:32 | ... .as_str() |
+| test.rs:281:7:281:34 | ... .as_str() |
+| test.rs:284:7:284:36 | ... .as_str() |
+| test.rs:288:7:288:39 | ... .as_str() |
+| test.rs:295:7:295:53 | ... .as_str() |
+| test.rs:296:7:296:45 | ... .as_str() |
+| test.rs:298:7:298:39 | ... .as_str() |
+| test.rs:299:7:299:34 | ... .as_str() |
+| test.rs:300:7:300:42 | ... .as_str() |
+| test.rs:302:7:302:48 | ... .as_str() |
+| test.rs:303:7:303:35 | ... .as_str() |
+| test.rs:304:7:304:35 | ... .as_str() |
+| test.rs:343:7:343:39 | ... .as_str() |
diff --git a/rust/ql/test/library-tests/sensitivedata/test.rs b/rust/ql/test/library-tests/sensitivedata/test.rs
@@ -88,7 +88,7 @@ fn get_next_token() -> String { get_string() }
 
 fn test_credentials(
 	account_key: &str, accnt_key: &str, license_key: &str, secret_key: &str, is_secret: bool, num_accounts: i64,
-	username: String, user_name: String, userid: i64, user_id: i64, my_user_id_64: i64, unique_id: i64, uid: i64,
+	username: String, user_name: String, userid: i64, user_id: i64, my_user_id_64: i64, id: i64, uid: i64, uuid: i64, guid: i64, unique_id: i64,
 	sessionkey: &[u64; 4], session_key: &[u64; 4], hashkey: &[u64; 4], hash_key: &[u64; 4], sessionkeypath: &[u64; 4], account_key_path: &[u64; 4],
 	ms: &MyStruct
 ) {
@@ -119,8 +119,12 @@ fn test_credentials(
 
 	sink(is_secret);
 	sink(num_accounts); // $ SPURIOUS: sensitive=id
-	sink(unique_id);
+	sink(id);
 	sink(uid); // $ SPURIOUS: sensitive=id
+	sink(uuid); // $ SPURIOUS: sensitive=id
+	sink(guid);
+	sink(unique_id);
+
 	sink(hashkey);
 	sink(hash_key);
 	sink(sessionkeypath); // $ SPURIOUS: sensitive=id
@@ -345,3 +349,18 @@ fn test_private_info(
 
 	sink(ContactDetails::FavouriteColor("blue".to_string()));
 }
+
+struct MyArray {
+	data: [i32; 10],
+}
+
+impl MyArray {
+	fn from_trusted_iterator(iter: impl Iterator<Item = i32>) -> Self {
+		MyArray { data: [0; 10] }
+	}
+}
+
+fn test_iterator() {
+	let iter = std::iter::repeat(1).take(10);
+	sink(MyArray::from_trusted_iterator(iter)); // $ SPURIOUS: sensitive=secret
+}
