github · paldepind · Nov 27, 2025 · Nov 26, 2025 · Nov 26, 2025 · Nov 26, 2025
@@ -140,6 +140,9 @@ class EnumType extends Type, TEnum {
 
   EnumType() { this = TEnum(enum) }
 
+  /** Gets the enum that this enum type represents. */
+  Enum getEnum() { result = enum }
+
   override TypeParameter getPositionalTypeParameter(int i) {
     result = TTypeParamTypeParameter(enum.getGenericParamList().getTypeParam(i))
   }

@@ -1,5 +1,5 @@
 /**
- * Classes to represent barriers commonly used in dataflow and taint tracking
+ * Classes to represent barriers commonly used in data flow and taint tracking
  * configurations.
  */
 
@@ -11,35 +11,33 @@ private import codeql.rust.controlflow.ControlFlowGraph as Cfg
 private import codeql.rust.controlflow.CfgNodes as CfgNodes
 private import codeql.rust.frameworks.stdlib.Builtins as Builtins
 
-/**
- * A node whose type is a numeric or boolean type, which may be an appropriate
- * taint flow barrier for some queries.
- */
+/** A node whose type is a numeric type. */
 class NumericTypeBarrier extends DataFlow::Node {
   NumericTypeBarrier() {
-    exists(StructType t, Struct s |
-      t = TypeInference::inferType(this.asExpr()) and
-      s = t.getStruct()
-    |
-      s instanceof Builtins::NumericType or
-      s instanceof Builtins::Bool
-    )
+    TypeInference::inferType(this.asExpr()).(StructType).getStruct() instanceof
+      Builtins::NumericType
   }
 }
 
-/**
- * A node whose type is an integral (integer) or boolean type, which may be an
- * appropriate taint flow barrier for some queries.
- */
-class IntegralOrBooleanTypeBarrier extends DataFlow::Node {
-  IntegralOrBooleanTypeBarrier() {
-    exists(StructType t, Struct s |
-      t = TypeInference::inferType(this.asExpr()) and
-      s = t.getStruct()
-    |
-      s instanceof Builtins::IntegralType or
-      s instanceof Builtins::Bool
-    )
+/** A node whose type is `bool`. */
+class BooleanTypeBarrier extends DataFlow::Node {
+  BooleanTypeBarrier() {
+    TypeInference::inferType(this.asExpr()).(StructType).getStruct() instanceof Builtins::Bool
+  }
+}
+
+/** A node whose type is an integral (integer). */
+class IntegralTypeBarrier extends DataFlow::Node {
+  IntegralTypeBarrier() {
+    TypeInference::inferType(this.asExpr()).(StructType).getStruct() instanceof
+      Builtins::IntegralType
+  }
+}
+
+/** A node whose type is a fieldless enum. */
+class FieldlessEnumTypeBarrier extends DataFlow::Node {
+  FieldlessEnumTypeBarrier() {
+    TypeInference::inferType(this.asExpr()).(EnumType).getEnum().isFieldless()
   }
 }
 

@@ -8,6 +8,7 @@ private import codeql.rust.dataflow.DataFlow
 private import codeql.rust.dataflow.FlowSink
 private import codeql.rust.security.SensitiveData
 private import codeql.rust.Concepts
+private import codeql.rust.security.Barriers as Barriers
 
 /**
  * Provides default sources, sinks and barriers for detecting cleartext logging
@@ -42,4 +43,9 @@ module CleartextLogging {
   private class ModelsAsDataSink extends Sink {
     ModelsAsDataSink() { sinkNode(this, "log-injection") }
   }
+
+  private class BooleanTypeBarrier extends Barrier instanceof Barriers::BooleanTypeBarrier { }
+
+  private class FieldlessEnumTypeBarrier extends Barrier instanceof Barriers::FieldlessEnumTypeBarrier
+  { }
 }
@@ -49,4 +49,9 @@ module LogInjection {
    * numeric or boolean type, which is unlikely to expose any vulnerability.
    */
   private class NumericTypeBarrier extends Barrier instanceof Barriers::NumericTypeBarrier { }
+
+  private class BooleanTypeBarrier extends Barrier instanceof Barriers::BooleanTypeBarrier { }
+
+  private class FieldlessEnumTypeBarrier extends Barrier instanceof Barriers::FieldlessEnumTypeBarrier
+  { }
 }
@@ -64,4 +64,9 @@ module SqlInjection {
    * boolean type, which is unlikely to expose any vulnerability.
    */
   private class NumericTypeBarrier extends Barrier instanceof Barriers::NumericTypeBarrier { }
+
+  private class BooleanTypeBarrier extends Barrier instanceof Barriers::BooleanTypeBarrier { }
+
+  private class FieldlessEnumTypeBarrier extends Barrier instanceof Barriers::FieldlessEnumTypeBarrier
+  { }
 }
@@ -94,6 +94,7 @@ module RegexInjection {
    * We don't include floating point types in this barrier, as `.` is a special character
    * in regular expressions.
    */
-  private class IntegralOrBooleanTypeBarrier extends Barrier instanceof Barriers::IntegralOrBooleanTypeBarrier
-  { }
+  private class IntegralTypeBarrier extends Barrier instanceof Barriers::IntegralTypeBarrier { }
+
+  private class BooleanTypeBarrier extends Barrier instanceof Barriers::BooleanTypeBarrier { }
 }