Merge branch 'main' into modelnoise

Author: geoffw0

rust/ql/lib/codeql/rust/Concepts.qll

@@ -102,6 +102,58 @@ class ModeledEnvironmentSource extends EnvironmentSource::Range {
   ModeledEnvironmentSource() { sourceNode(this, "environment-source") }
 }
 
+/**
+ * A data flow source corresponding to a file access.
+ */
+final class FileSource = FileSource::Range;
+
+/**
+ * An externally modeled source for data from a file access.
+ */
+class ModeledFileSource extends FileSource::Range {
+  ModeledFileSource() { sourceNode(this, "file") }
+}
+
+/**
+ * Provides a class for modeling new sources for file accesses.
+ */
+module FileSource {
+  /**
+   * A data flow source corresponding to a file access.
+   */
+  abstract class Range extends ThreatModelSource::Range {
+    override string getThreatModel() { result = "file" }
+
+    override string getSourceType() { result = "FileSource" }
+  }
+}
+
+/**
+ * A data flow source corresponding to standard input.
+ */
+final class StdInSource = StdInSource::Range;
+
+/**
+ * An externally modeled source for data from standard input.
+ */
+class ModeledStdInSourceSource extends StdInSource::Range {
+  ModeledStdInSourceSource() { sourceNode(this, "stdin") }
+}
+
+/**
+ * Provides a class for modeling new sources for standard input.
+ */
+module StdInSource {
+  /**
+   * A data flow source corresponding to standard input.
+   */
+  abstract class Range extends ThreatModelSource::Range {
+    override string getThreatModel() { result = "stdin" }
+
+    override string getSourceType() { result = "StdInSource" }
+  }
+}
+
 /**
  * A data flow source corresponding to the program's database reads.
  */

rust/ql/lib/codeql/rust/frameworks/stdlib/fs.model.yml

@@ -2,7 +2,14 @@ extensions:
   - addsTo:
       pack: codeql/rust-all
       extensible: sourceModel
-    data: []
+    data:
+      - ["lang:std", "crate::fs::read", "ReturnValue.Field[crate::result::Result::Ok(0)]", "file", "manual"]
+      - ["lang:std", "crate::fs::read_to_string", "ReturnValue.Field[crate::result::Result::Ok(0)]", "file", "manual"]
+      - ["lang:std", "crate::fs::read_link", "ReturnValue.Field[crate::result::Result::Ok(0)]", "file", "manual"]
+      - ["lang:std", "<crate::fs::DirEntry>::path", "ReturnValue", "file", "manual"]
+      - ["lang:std", "<crate::fs::DirEntry>::file_name", "ReturnValue", "file", "manual"]
+      - ["lang:std", "<crate::fs::File>::open", "ReturnValue.Field[crate::result::Result::Ok(0)]", "file", "manual"]
+      - ["lang:std", "<crate::fs::File>::open_buffered", "ReturnValue.Field[crate::result::Result::Ok(0)]", "file", "manual"]
   - addsTo:
       pack: codeql/rust-all
       extensible: sinkModel
@@ -34,7 +41,6 @@ extensions:
       - ["lang:std", "<crate::fs::File>::create_new", "Argument[0]", "path-injection", "manual"]
       - ["lang:std", "<crate::fs::File>::open", "Argument[0]", "path-injection", "manual"]
       - ["lang:std", "<crate::fs::File>::open_buffered", "Argument[0]", "path-injection", "manual"]
-
   - addsTo:
       pack: codeql/rust-all
       extensible: summaryModel

rust/ql/lib/codeql/rust/frameworks/stdlib/io.model.yml

@@ -0,0 +1,38 @@
+extensions:
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: sourceModel
+    data:
+      - ["lang:std", "crate::io::stdio::stdin", "ReturnValue", "stdin", "manual"]
+  - addsTo:
+      pack: codeql/rust-all
+      extensible: summaryModel
+    data:
+      - ["lang:std", "<crate::io::buffered::bufreader::BufReader>::new", "Argument[0]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "<crate::io::buffered::bufreader::BufReader as crate::io::BufRead>::fill_buf", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["lang:std", "<crate::io::buffered::bufreader::BufReader>::buffer", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "<crate::io::stdio::Stdin as crate::io::Read>::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::io::stdio::StdinLock as crate::io::Read>::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::fs::File as crate::io::Read>::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "crate::io::Read::read", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::io::stdio::Stdin as crate::io::Read>::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::io::stdio::StdinLock as crate::io::Read>::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::fs::File as crate::io::Read>::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "crate::io::Read::read_to_string", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", ":<crate::io::stdio::Stdin as crate::io::Read>::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", ":<crate::io::stdio::StdinLock as crate::io::Read>::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::fs::File as crate::io::Read>::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "crate::io::Read::read_to_end", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::io::stdio::Stdin as crate::io::Read>::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::io::stdio::StdinLock as crate::io::Read>::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "<crate::fs::File as crate::io::Read>::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "crate::io::Read::read_exact", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "crate::io::BufRead::read_line", "Argument[self]", "Argument[0].Reference", "taint", "manual"]
+      - ["lang:std", "crate::io::BufRead::read_until", "Argument[self]", "Argument[1].Reference", "taint", "manual"]
+      - ["lang:std", "crate::io::BufRead::split", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "crate::io::BufRead::lines", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "crate::io::Read::bytes", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "crate::io::Read::chain", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "crate::io::Read::chain", "Argument[0]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "crate::io::Read::take", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:std", "<crate::io::stdio::Stdin>::lock", "Argument[self]", "ReturnValue", "taint", "manual"]

rust/ql/lib/codeql/rust/frameworks/stdlib/lang-alloc.model.yml

@@ -32,6 +32,8 @@ extensions:
       # Fmt
       - ["lang:alloc", "crate::fmt::format", "Argument[0]", "ReturnValue", "taint", "manual"]
       # String
-      - ["lang:alloc", "<crate::string::String>::as_str", "Argument[self]", "ReturnValue", "taint", "manual"]
-      - ["lang:alloc", "<crate::string::String>::as_bytes", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:alloc", "<crate::string::String>::as_str", "Argument[self]", "ReturnValue", "value", "manual"]
+      - ["lang:alloc", "<crate::string::String>::as_bytes", "Argument[self]", "ReturnValue", "value", "manual"]
       - ["lang:alloc", "<_ as crate::string::ToString>::to_string", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["lang:alloc", "<crate::string::String>::parse", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["lang:alloc", "<crate::string::String>::trim", "Argument[self]", "ReturnValue.Reference", "taint", "manual"]

rust/ql/lib/codeql/rust/frameworks/stdlib/lang-core.model.yml

@@ -40,7 +40,11 @@ extensions:
       - ["lang:core", "crate::ptr::write_unaligned", "Argument[1]", "Argument[0].Reference", "value", "manual"]
       - ["lang:core", "crate::ptr::write_volatile", "Argument[1]", "Argument[0].Reference", "value", "manual"]
       # Str
+      - ["lang:core", "<str>::as_str", "Argument[self]", "ReturnValue", "taint", "value"]
+      - ["lang:core", "<str>::as_bytes", "Argument[self]", "ReturnValue", "taint", "value"]
+      - ["lang:core", "<str>::to_string", "Argument[self]", "ReturnValue", "taint", "manual"]
       - ["lang:core", "<str>::parse", "Argument[self]", "ReturnValue.Field[crate::result::Result::Ok(0)]", "taint", "manual"]
+      - ["lang:core", "<str>::trim", "Argument[self]", "ReturnValue.Reference", "taint", "manual"]
   - addsTo:
       pack: codeql/rust-all
       extensible: sourceModel