Rust: Add tests and models for Warp #20398
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds test coverage and model definitions for the Warp web framework to support taint flow analysis. The changes include test cases demonstrating various Warp filter patterns and corresponding model definitions that mark closure parameters as remote sources.
- Adds comprehensive test cases for Warp web framework filtering patterns (
map,then,and_then) - Introduces model definitions for Warp filter trait methods to mark parameters as remote sources
- Updates test dependencies to include the Warp crate
Reviewed Changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs | Adds test module with various Warp filter usage patterns and taint flow expectations |
| rust/ql/test/library-tests/dataflow/sources/options.yml | Adds warp dependency for test compilation |
| rust/ql/test/library-tests/dataflow/sources/TaintSources.expected | Updates expected test results with new Warp-related taint sources |
| rust/ql/lib/codeql/rust/frameworks/warp.model.yml | Defines source models for Warp filter methods marking closure parameters as remote sources |
| - ["<_ as warp::filter::Filter>::then", "Argument[0].Parameter[1]", "remote", "manual"] | ||
| - ["<_ as warp::filter::Filter>::then", "Argument[0].Parameter[2]", "remote", "manual"] | ||
| - ["<_ as warp::filter::Filter>::then", "Argument[0].Parameter[3]", "remote", "manual"] | ||
| - ["<_ as warp::filter::Filter>::then", "Argument[0].Parameter[4]", "remote", "manual"] |
There was a problem hiding this comment.
Presumably Parameter[4] is an arbitrary cutoff, there could be any number of parameters built up in the chain. I'm not sure what actual numbers to expect in typical real world usage.
I believe the syntax Argument[0].Parameter[0,1,2,3,4] should work equally and would be easier to extend. I don't think you have a test case for arguments after 0 though.
There was a problem hiding this comment.
I've used the comma notation now and added up to two more arguments. The cutoff is still arbitrary, yes.
There was a problem hiding this comment.
One can also write Argument[0].Parameter[0..4].
There was a problem hiding this comment.
I wasn't sure if that latter was supported in Rust, I haven't had cause to use it yet. 👍
Add tests and models for the Warp web framework.
Note that the models currently doesn't actually work because using
Argument[0].Parameter[0]in a source model is not supported. However, per thread on Slack, the right course of action is to keep this model and improve MaD to support this.