Rust: Models-as-data for flow summaries #18231
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
hvitved
force-pushed
the
rust/models-as-data-summaries
branch
from
7d0e44d to
789abc3
Compare
| } | ||
|
|
||
| // has a flow model | ||
| fn get_struct_field(s: MyStruct) -> i64 { |
Check notice
Code scanning / CodeQL
Unused variable Note test
| } | ||
|
|
||
| // has a flow model | ||
| fn set_struct_field(i: i64) -> MyStruct { |
Check notice
Code scanning / CodeQL
Unused variable Note test
| } | ||
|
|
||
| // has a flow model | ||
| fn get_array_element(a: [i64; 1]) -> i64 { |
Check notice
Code scanning / CodeQL
Unused variable Note test
| } | ||
|
|
||
| // has a flow model | ||
| fn set_array_element(i: i64) -> [i64; 1] { |
Check notice
Code scanning / CodeQL
Unused variable Note test
| } | ||
|
|
||
| // has a flow model | ||
| fn get_tuple_element(a: (i64, i64)) -> i64 { |
Check notice
Code scanning / CodeQL
Unused variable Note test
| } | ||
|
|
||
| // has a flow model | ||
| fn set_tuple_element(i: i64) -> (i64, i64) { |
Check notice
Code scanning / CodeQL
Unused variable Note test
hvitved
force-pushed
the
rust/models-as-data-summaries
branch
from
789abc3 to
2f8b04b
Compare
| * `"taint"` indicates a default additional taint step and `"value"` indicates a | ||
| * globally applicable value-preserving step. | ||
| * 5. The `provenance` column is mainly used internally, and should be set to `"manual"` for | ||
| * all custom models. |
There was a problem hiding this comment.
This is great, thanks for writing it up!
Adds support for writing model-as-data flow summaries for Rust. This includes flow through variants, records, arrays, and tuples. The format is as follows
For example, the flow summary for
unwrapisAlthough this PR also adds the extensible predicates for sources and sinks, they are not yet working.