Rust: update docs #19280
Rust: update docs #19280
Conversation
redsun82
changed the title
There was a problem hiding this comment.
A few more libraries we model (partial support, but then I don't think we can claim to fully model any libraries). Sorry I probably missed a few of these in the list I sent you before.
We also have models for the standard io library coming in #19304 , I should update that PR once this is merged or vice-versa.
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
redsun82
changed the title
There was a problem hiding this comment.
The two docs + other changes look great to me!
Some minor suggestions below.
"CodeQL library for Rust" doesn't go into a lot of detail, I think that's OK at this stage, it would be nice to have more example code in future.
I haven't checked the links, references to notes, and generally that everything fits together correctly - we really need a full preview for that and/or to be ready to correct any problems quickly after this goes live.
You should probably get a review from the docs team next?
docs/codeql/codeql-language-guides/analyzing-data-flow-in-rust.rst
Outdated
Show resolved
Hide resolved
| exists(Function f, CallExpr call, int index | | ||
| call.getArg(index) = node.asExpr().getExpr() and | ||
| call.getStaticTarget() = f and | ||
| f.getParam(index).getPat().(IdentPat).getName().getText() = "password" |
There was a problem hiding this comment.
We should strongly consider adding helper predicates getParamName and getArgName to make code like this a bit cleaner?
There was a problem hiding this comment.
Good idea! I already cleaned up getting by index (it was f.getParamList().getParam(index)), but a getParamByName seems a good addition too!
| Data flow is particularly useful for security queries, where untrusted data flows to vulnerable parts of the program | ||
| to exploit it. Related to data flow, is the taint-tracking library, which finds how data can *influence* other values |
There was a problem hiding this comment.
I'm not clear what "it" is, and I think these few words are superfluous anyway.
| Data flow is particularly useful for security queries, where untrusted data flows to vulnerable parts of the program | |
| to exploit it. Related to data flow, is the taint-tracking library, which finds how data can *influence* other values | |
| Data flow is particularly useful for security queries, where untrusted data flows to vulnerable parts of the program. Related to data flow is the taint-tracking library, which finds how data can *influence* other values |
There was a problem hiding this comment.
This hasn't been addressed yet.
|
|
||
| ## Overview | ||
|
|
||
| <!-- autogenerated CWE coverage table will be added below --> |
There was a problem hiding this comment.
I'm appreciative of the automation here!
docs/codeql/codeql-language-guides/analyzing-data-flow-in-rust.rst
Outdated
Show resolved
Hide resolved
docs/codeql/codeql-language-guides/analyzing-data-flow-in-rust.rst
Outdated
Show resolved
Hide resolved
| ... | ||
| } | ||
|
|
||
| You can use the predicates ``exprNode`` and ``parameterNode`` to map from expressions and parameters to their data-flow node: |
There was a problem hiding this comment.
I actually don't think those predicates exist yet.
docs/codeql/codeql-language-guides/analyzing-data-flow-in-rust.rst
Outdated
Show resolved
Hide resolved
redsun82
added
the
ready-for-doc-review
docs/codeql/codeql-language-guides/analyzing-data-flow-in-rust.rst
Outdated
Show resolved
Hide resolved
This should be kept unmerged until we get to the public preview phase.