Rust: Add tests and models for Warp #20398
Pull Request Overview
This PR adds test coverage and model definitions for the Warp web framework to support taint flow analysis. The changes include test cases demonstrating various Warp filter patterns and corresponding model definitions that mark closure parameters as remote sources.
- Adds comprehensive test cases for Warp web framework filtering patterns (`map`, `then`, `and_then`)
- Introduces model definitions for Warp filter trait methods to mark parameters as remote sources
- Updates test dependencies to include the Warp crate
Reviewed Changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs | Adds test module with various Warp filter usage patterns and taint flow expectations |
| rust/ql/test/library-tests/dataflow/sources/options.yml | Adds warp dependency for test compilation |
| rust/ql/test/library-tests/dataflow/sources/TaintSources.expected | Updates expected test results with new Warp-related taint sources |
| rust/ql/lib/codeql/rust/frameworks/warp.model.yml | Defines source models for Warp filter methods marking closure parameters as remote sources |
geoffw0 left a comment:
LGTM, aside from an admittedly nit-picky question about the parameter cutoff. It will be good when we support these sources. 👍
| - ["<_ as warp::filter::Filter>::then", "Argument[0].Parameter[1]", "remote", "manual"] | ||
| - ["<_ as warp::filter::Filter>::then", "Argument[0].Parameter[2]", "remote", "manual"] | ||
| - ["<_ as warp::filter::Filter>::then", "Argument[0].Parameter[3]", "remote", "manual"] | ||
| - ["<_ as warp::filter::Filter>::then", "Argument[0].Parameter[4]", "remote", "manual"] |
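Review bot: the four rows for `<_ as warp::filter::Filter>::then` differ only in the `Parameter` index, so one row with `Argument[0].Parameter[1,2,3,4]` expresses the same set and is easier to extend when the cutoff is raised; since the upper bound is arbitrary, a short comment above the rows saying why it stops at 4 would help the next person who extends it.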
Presumably Parameter[4] is an arbitrary cutoff, there could be any number of parameters built up in the chain. I'm not sure what actual numbers to expect in typical real world usage.
I believe the syntax Argument[0].Parameter[0,1,2,3,4] should work equally and would be easier to extend. I don't think you have a test case for arguments after 0 though.
I've used the comma notation now and added up to two more arguments. The cutoff is still arbitrary, yes.
One can also write Argument[0].Parameter[0..4].
I wasn't sure if that latter was supported in Rust, I haven't had cause to use it yet. 👍
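To make the equivalence discussed above concrete, here is a small added helper (not part of this PR or of CodeQL's own MaD parser) that expands a source row written with the comma form or the range form into one row per parameter index, i.e. the shape used in the four `then` rows under review. It assumes the range form is inclusive, so `Parameter[0..4]` covers indices 0 through 4.

```python
import re
from typing import List, Tuple

# Added example, not CodeQL's implementation. ASSUMPTION: a range such as
# Parameter[0..4] is inclusive and therefore equals Parameter[0,1,2,3,4].
INDEX_LIST = re.compile(r"^(Argument\[\d+\]\.Parameter)\[([^\]]+)\]$")

Row = Tuple[str, str, str, str]  # (qualified name, access path, kind, provenance)


def expand_indices(spec: str) -> List[int]:
    """Expand '0,1,2,3,4', '0..4' or a mix such as '0,2..4' into a list of indices."""
    indices: List[int] = []
    for part in spec.split(","):
        part = part.strip()
        if ".." in part:
            lo, hi = part.split("..", 1)
            indices.extend(range(int(lo), int(hi) + 1))  # inclusive upper bound
        else:
            indices.append(int(part))
    return indices


def expand_row(row: Row) -> List[Row]:
    """Turn one MaD source row into one row per parameter index.

    Rows whose access path is not of the form Argument[n].Parameter[...]
    are returned unchanged.
    """
    qualified, path, kind, provenance = row
    m = INDEX_LIST.match(path)
    if not m:
        return [row]
    prefix, spec = m.groups()
    return [(qualified, f"{prefix}[{i}]", kind, provenance) for i in expand_indices(spec)]


if __name__ == "__main__":
    then = "<_ as warp::filter::Filter>::then"
    for r in expand_row((then, "Argument[0].Parameter[0..4]", "remote", "manual")):
        print(r)
```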
Add tests and models for the Warp web framework.
Note that the models currently don't actually work because using
`Argument[0].Parameter[0]` in a source model is not supported. However, per thread on Slack, the right course of action is to keep this model and improve MaD to support this.