Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Rust: Adopt shared flow summaries library
- Loading branch information
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| /** Provides classes and predicates for defining flow summaries. */ | ||
|
|
||
| private import rust | ||
| // private import DataFlow | ||
| private import internal.FlowSummaryImpl as Impl | ||
| private import internal.DataFlowImpl | ||
|
|
||
| // import all instances below | ||
| private module Summaries { | ||
| private import codeql.rust.Frameworks | ||
| // private import codeql.ruby.frameworks.data.ModelsAsData | ||
| } | ||
|
|
||
| module LibraryCallable { | ||
| /** A callable defined in library code, identified by a unique string. */ | ||
| abstract class Range extends string { | ||
| bindingset[this] | ||
| Range() { any() } | ||
|
|
||
| /** Gets a call to this library callable. */ | ||
| CallExprBase getACall() { | ||
| exists(Resolvable r, string crate | | ||
| r = getCallResolvable(result) and | ||
| this = crate + r.getResolvedPath() | ||
| | | ||
| crate = r.getResolvedCrateOrigin() + "::_::" | ||
| or | ||
| not r.hasResolvedCrateOrigin() and | ||
| crate = "" | ||
| ) | ||
| } | ||
| } | ||
| } | ||
|
|
||
| /** Gets a call to this library callable. */ | ||
| CallExprBase gesftACall(string s) { | ||
| exists(Resolvable r, string crate | | ||
| r = getCallResolvable(result) and | ||
| s = crate + r.getResolvedPath() | ||
| | | ||
| crate = r.getResolvedCrateOrigin() + "::" | ||
| or | ||
| not r.hasResolvedCrateOrigin() and | ||
| crate = "" | ||
| ) | ||
| } | ||
|
|
||
| final class LibraryCallable = LibraryCallable::Range; | ||
|
|
||
| /** A callable with a flow summary, identified by a unique string. */ | ||
| abstract class SummarizedCallable extends LibraryCallable::Range, Impl::Public::SummarizedCallable { | ||
| bindingset[this] | ||
| SummarizedCallable() { any() } | ||
|
|
||
| override predicate propagatesFlow( | ||
| string input, string output, boolean preservesValue, string model | ||
| ) { | ||
| this.propagatesFlow(input, output, preservesValue) and model = "" | ||
| } | ||
|
|
||
| /** | ||
| * Holds if data may flow from `input` to `output` through this callable. | ||
| * | ||
| * `preservesValue` indicates whether this is a value-preserving step or a taint-step. | ||
| */ | ||
| abstract predicate propagatesFlow(string input, string output, boolean preservesValue); | ||
| } | ||
Oops, something went wrong.