Skip to content

Commit 5da296d

Browse files
geoffw0geoffw0
committed
Rust: Add tests for std::fs::OpenOptions and similar.
1 parent e6150e2 commit 5da296d

File tree

6 files changed

+589
-39
lines changed

6 files changed

+589
-39
lines changed

rust/ql/test/library-tests/dataflow/sources/TaintSources.expected

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -67,20 +67,20 @@
6767
| test.rs:457:31:457:39 | file_name | Flow source 'FileSource' of type file (DEFAULT). |
6868
| test.rs:463:22:463:41 | ...::read_link | Flow source 'FileSource' of type file (DEFAULT). |
6969
| test.rs:473:20:473:38 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
70-
| test.rs:507:21:507:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
71-
| test.rs:508:21:508:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
72-
| test.rs:516:21:516:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
73-
| test.rs:528:20:528:40 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
74-
| test.rs:575:21:575:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
75-
| test.rs:576:21:576:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
76-
| test.rs:584:21:584:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
77-
| test.rs:601:26:601:53 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
78-
| test.rs:620:26:620:61 | ...::connect_timeout | Flow source 'RemoteSource' of type remote (DEFAULT). |
79-
| test.rs:672:28:672:57 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
80-
| test.rs:754:22:754:49 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
81-
| test.rs:780:22:780:50 | ...::new | Flow source 'RemoteSource' of type remote (DEFAULT). |
82-
| test.rs:807:16:807:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
83-
| test.rs:807:16:807:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
70+
| test.rs:530:21:530:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
71+
| test.rs:531:21:531:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
72+
| test.rs:539:21:539:39 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
73+
| test.rs:551:20:551:40 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
74+
| test.rs:607:21:607:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
75+
| test.rs:608:21:608:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
76+
| test.rs:616:21:616:41 | ...::open | Flow source 'FileSource' of type file (DEFAULT). |
77+
| test.rs:648:26:648:53 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
78+
| test.rs:667:26:667:61 | ...::connect_timeout | Flow source 'RemoteSource' of type remote (DEFAULT). |
79+
| test.rs:719:28:719:57 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
80+
| test.rs:801:22:801:49 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
81+
| test.rs:827:22:827:50 | ...::new | Flow source 'RemoteSource' of type remote (DEFAULT). |
82+
| test.rs:854:16:854:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
83+
| test.rs:854:16:854:29 | ...::args | Flow source 'CommandLineArgs' of type commandargs (DEFAULT). |
8484
| test_futures_io.rs:19:15:19:32 | ...::connect | Flow source 'RemoteSource' of type remote (DEFAULT). |
8585
| web_frameworks.rs:11:31:11:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |
8686
| web_frameworks.rs:11:31:11:31 | a | Flow source 'RemoteSource' of type remote (DEFAULT). |

rust/ql/test/library-tests/dataflow/sources/test.rs

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -500,6 +500,29 @@ fn test_io_file() -> std::io::Result<()> {
500500
sink(byte); // $ hasTaintFlow="file.txt"
501501
}
502502

503+
// --- OpenOptions ---
504+
505+
{
506+
let mut f1 = std::fs::OpenOptions::new().open("f1.txt").unwrap(); // $ MISSING: Alert[rust/summary/taint-sources]
507+
let mut buffer = [0u8; 1024];
508+
let _bytes = f1.read(&mut buffer)?;
509+
sink(&buffer); // $ MISSING: hasTaintFlow="f1.txt"
510+
}
511+
512+
{
513+
let mut f2 = std::fs::OpenOptions::new().create_new(true).open("f2.txt").unwrap(); // $ MISSING: Alert[rust/summary/taint-sources]
514+
let mut buffer = [0u8; 1024];
515+
let _bytes = f2.read(&mut buffer)?;
516+
sink(&buffer); // $ MISSING: hasTaintFlow="f2.txt"
517+
}
518+
519+
{
520+
let mut f3 = std::fs::OpenOptions::new().read(true).write(true).truncate(true).create(true).open("f3.txt").unwrap(); // $ MISSING: Alert[rust/summary/taint-sources]
521+
let mut buffer = [0u8; 1024];
522+
let _bytes = f3.read(&mut buffer)?;
523+
sink(&buffer); // $ MISSING: hasTaintFlow="f3.txt"
524+
}
525+
503526
// --- misc operations ---
504527

505528
{
@@ -568,6 +591,15 @@ async fn test_tokio_file() -> std::io::Result<()> {
568591
sink(&buffer); // $ MISSING: hasTaintFlow="file.txt" -- we cannot resolve the `read_buf` call above, which comes from `impl<R: AsyncRead + ?Sized> AsyncReadExt for R {}` in `async_read_ext.rs`
569592
}
570593

594+
// --- OpenOptions ---
595+
596+
{
597+
let mut f1 = tokio::fs::OpenOptions::new().open("f1.txt").await?; // $ MISSING: Alert[rust/summary/taint-sources]
598+
let mut buffer = [0u8; 1024];
599+
let _bytes = f1.read(&mut buffer).await?;
600+
sink(&buffer); // $ MISSING: hasTaintFlow="f1.txt"
601+
}
602+
571603
// --- misc operations ---
572604

573605
{
@@ -590,6 +622,21 @@ async fn test_tokio_file() -> std::io::Result<()> {
590622
Ok(())
591623
}
592624

625+
use async_std::io::ReadExt;
626+
627+
async fn test_async_std_file() -> std::io::Result<()> {
628+
// --- OpenOptions ---
629+
630+
{
631+
let mut f1 = async_std::fs::OpenOptions::new().open("f1.txt").await?; // $ MISSING: Alert[rust/summary/taint-sources]
632+
let mut buffer = [0u8; 1024];
633+
let _bytes = f1.read(&mut buffer).await?;
634+
sink(&buffer); // $ MISSING: hasTaintFlow="f1.txt"
635+
}
636+
637+
Ok(())
638+
}
639+
593640
use std::net::ToSocketAddrs;
594641

595642
async fn test_std_tcpstream(case: i64) -> std::io::Result<()> {
@@ -863,6 +910,12 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
863910
Err(e) => println!("error: {}", e),
864911
}
865912

913+
println!("test_async_std_file...");
914+
match futures::executor::block_on(test_async_std_file()) {
915+
Ok(_) => println!("complete"),
916+
Err(e) => println!("error: {}", e),
917+
}
918+
866919
println!("test_std_tcpstream...");
867920
match futures::executor::block_on(test_std_tcpstream(case)) {
868921
Ok(_) => println!("complete"),

0 commit comments

Comments
 (0)