Skip to content

Rust: Remove sourceModelDeprecated, summaryModelDeprecated and sinkModelDeprecated #20109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Jul 23, 2025
Merged

Rust: Remove sourceModelDeprecated, summaryModelDeprecated and sinkModelDeprecated #20109

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
69d50e1
Initial plan
Copilot Jul 23, 2025
0245cd8
Remove deprecated Rust dataflow predicates and associated classes
Copilot Jul 23, 2025
2cc732e
Apply QL autoformatter to ModelsAsData.qll
Copilot Jul 23, 2025
f1df636
Add CodeQL autoformatter instructions to copilot-instructions.md
Copilot Jul 23, 2025
defd4a1
Add change note for removal of deprecated dataflow predicates
Copilot Jul 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .github/copilot-instructions.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,10 @@ When reviewing code:
* do not review changes in files with `.expected` extension (they are automatically ensured to be correct).
* in `.ql` and `.qll` files, do not try to review the code itself as you don't understand the programming language
well enough to make comments in these languages. You can still check for typos or comment improvements.

When editing `.ql` and `.qll` files:
* All edited `.ql` and `.qll` files should be autoformatted afterwards using the CodeQL CLI.
* To install and use the CodeQL CLI autoformatter:
1. Download and extract CodeQL CLI: `cd /tmp && curl -L -o codeql-linux64.zip https://github.com/github/codeql-cli-binaries/releases/latest/download/codeql-linux64.zip && unzip -q codeql-linux64.zip`
2. Add to PATH: `export PATH="/tmp/codeql:$PATH"`
3. Run autoformatter: `codeql query format [file] --in-place`
4 changes: 4 additions & 0 deletions rust/ql/lib/change-notes/2025-07-23-remove-deprecated-dataflow-predicates.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Removed deprecated dataflow extensible predicates `sourceModelDeprecated`, `sinkModelDeprecated`, and `summaryModelDeprecated`, along with their associated classes.
129 changes: 0 additions & 129 deletions rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,23 +49,6 @@ private import codeql.rust.dataflow.FlowSource
private import codeql.rust.dataflow.FlowSink
private import codeql.rust.elements.internal.CallExprBaseImpl::Impl as CallExprBaseImpl

/**
* DEPRECATED: Do not use.
*
* Holds if in a call to the function with canonical path `path`, defined in the
* crate `crate`, the value referred to by `output` is a flow source of the given
* `kind`.
*
* `output = "ReturnValue"` simply means the result of the call itself.
*
* For more information on the `kind` parameter, see
* https://github.com/github/codeql/blob/main/docs/codeql/reusables/threat-model-description.rst.
*/
extensible predicate sourceModelDeprecated(
string crate, string path, string output, string kind, string provenance,
QlBuiltins::ExtensionId madId
);

/**
* Holds if in a call to the function with canonical path `path`, the value referred
* to by `output` is a flow source of the given `kind`.
Expand All @@ -79,24 +62,6 @@ extensible predicate sourceModel(
string path, string output, string kind, string provenance, QlBuiltins::ExtensionId madId
);

/**
* DEPRECATED: Do not use.
*
* Holds if in a call to the function with canonical path `path`, defined in the
* crate `crate`, the value referred to by `input` is a flow sink of the given
* `kind`.
*
* For example, `input = Argument[0]` means the first argument of the call.
*
* The following kinds are supported:
*
* - `sql-injection`: a flow sink for SQL injection.
*/
extensible predicate sinkModelDeprecated(
string crate, string path, string input, string kind, string provenance,
QlBuiltins::ExtensionId madId
);

/**
* Holds if in a call to the function with canonical path `path`, the value referred
* to by `input` is a flow sink of the given `kind`.
Expand All @@ -111,21 +76,6 @@ extensible predicate sinkModel(
string path, string input, string kind, string provenance, QlBuiltins::ExtensionId madId
);

/**
* DEPRECATED: Do not use.
*
* Holds if in a call to the function with canonical path `path`, defined in the
* crate `crate`, the value referred to by `input` can flow to the value referred
* to by `output`.
*
* `kind` should be either `value` or `taint`, for value-preserving or taint-preserving
* steps, respectively.
*/
extensible predicate summaryModelDeprecated(
string crate, string path, string input, string output, string kind, string provenance,
QlBuiltins::ExtensionId madId
);

/**
* Holds if in a call to the function with canonical path `path`, the value referred
* to by `input` can flow to the value referred to by `output`.
Expand All @@ -144,67 +94,22 @@ extensible predicate summaryModel(
* This predicate should only be used in tests.
*/
predicate interpretModelForTest(QlBuiltins::ExtensionId madId, string model) {
exists(string crate, string path, string output, string kind |
sourceModelDeprecated(crate, path, output, kind, _, madId) and
model = "Source: " + crate + "; " + path + "; " + output + "; " + kind
)
or
exists(string path, string output, string kind |
sourceModel(path, output, kind, _, madId) and
model = "Source: " + path + "; " + output + "; " + kind
)
or
exists(string crate, string path, string input, string kind |
sinkModelDeprecated(crate, path, input, kind, _, madId) and
model = "Sink: " + crate + "; " + path + "; " + input + "; " + kind
)
or
exists(string path, string input, string kind |
sinkModel(path, input, kind, _, madId) and
model = "Sink: " + path + "; " + input + "; " + kind
)
or
exists(string type, string path, string input, string output, string kind |
summaryModelDeprecated(type, path, input, output, kind, _, madId) and
model = "Summary: " + type + "; " + path + "; " + input + "; " + output + "; " + kind
)
or
exists(string path, string input, string output, string kind |
summaryModel(path, input, output, kind, _, madId) and
model = "Summary: " + path + "; " + input + "; " + output + "; " + kind
)
}

private class SummarizedCallableFromModelDeprecated extends SummarizedCallable::Range {
private string crate;
private string path;

SummarizedCallableFromModelDeprecated() {
summaryModelDeprecated(crate, path, _, _, _, _, _) and
exists(CallExprBase call, Resolvable r |
call.getStaticTarget() = this and
r = CallExprBaseImpl::getCallResolvable(call) and
r.getResolvedPath() = path and
r.getResolvedCrateOrigin() = crate
)
}

override predicate propagatesFlow(
string input, string output, boolean preservesValue, string model
) {
exists(string kind, QlBuiltins::ExtensionId madId |
summaryModelDeprecated(crate, path, input, output, kind, _, madId) and
model = "MaD:" + madId.toString()
|
kind = "value" and
preservesValue = true
or
kind = "taint" and
preservesValue = false
)
}
}

private class SummarizedCallableFromModel extends SummarizedCallable::Range {
private string path;

Expand Down Expand Up @@ -233,23 +138,6 @@ private class SummarizedCallableFromModel extends SummarizedCallable::Range {
}
}

private class FlowSourceFromModelDeprecated extends FlowSource::Range {
private string crate;
private string path;

FlowSourceFromModelDeprecated() {
sourceModelDeprecated(crate, path, _, _, _, _) and
this.callResolvesTo(crate, path)
}

override predicate isSource(string output, string kind, Provenance provenance, string model) {
exists(QlBuiltins::ExtensionId madId |
sourceModelDeprecated(crate, path, output, kind, provenance, madId) and
model = "MaD:" + madId.toString()
)
}
}

private class FlowSourceFromModel extends FlowSource::Range {
private string path;

Expand All @@ -266,23 +154,6 @@ private class FlowSourceFromModel extends FlowSource::Range {
}
}

private class FlowSinkFromModelDeprecated extends FlowSink::Range {
private string crate;
private string path;

FlowSinkFromModelDeprecated() {
sinkModelDeprecated(crate, path, _, _, _, _) and
this.callResolvesTo(crate, path)
}

override predicate isSink(string input, string kind, Provenance provenance, string model) {
exists(QlBuiltins::ExtensionId madId |
sinkModelDeprecated(crate, path, input, kind, provenance, madId) and
model = "MaD:" + madId.toString()
)
}
}

private class FlowSinkFromModel extends FlowSink::Range {
private string path;

Expand Down
12 changes: 0 additions & 12 deletions rust/ql/lib/codeql/rust/dataflow/internal/empty.model.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,16 @@
extensions:
# Make sure that the extensible model predicates have at least one definition
# to avoid errors about undefined extensionals.
- addsTo:
pack: codeql/rust-all
extensible: sourceModelDeprecated
data: []
- addsTo:
pack: codeql/rust-all
extensible: sourceModel
data: []

- addsTo:
pack: codeql/rust-all
extensible: sinkModelDeprecated
data: []
- addsTo:
pack: codeql/rust-all
extensible: sinkModel
data: []

- addsTo:
pack: codeql/rust-all
extensible: summaryModelDeprecated
data: []
- addsTo:
pack: codeql/rust-all
extensible: summaryModel
Expand Down
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy