@@ -28,5 +28,6 @@ children:
- /javascript-typescript-built-in-queries
- /python-built-in-queries
- /ruby-built-in-queries
- /rust-built-in-queries
- /swift-built-in-queries
---
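Review bot: the new `- /rust-built-in-queries` entry keeps the `children` list alphabetical (between `ruby` and `swift`), and the page it points at is created in the same change (the file with `title: Rust queries for CodeQL analysis`), so the index and the page land together. No change needed in this hunk.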
@@ -0,0 +1,23 @@
---
title: Rust queries for CodeQL analysis
shortTitle: Rust CodeQL queries
intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Rust when you select the `default` or the `security-extended` query suite.'
product: '{% data reusables.gated-features.codeql %}'
allowTitleToDifferFromFilename: true
versions:
fpt: '*'
ghes: '*'
ghec: '*'
type: reference
topics:
- Code scanning
- CodeQL
---

{% data variables.product.prodname_codeql %} includes many queries for analyzing Rust code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

## Built-in queries for Rust analysis

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.code-scanning.codeql-query-tables.rust %}
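Review bot: `versions:` with `fpt: '*'`, `ghes: '*'` and `ghec: '*'` publishes this page for every GHES release, but Rust support depends on the CodeQL bundle shipped with a given release; confirm every GHES version in scope ships a Rust-capable CodeQL, or add a feature-based version gate, so the page does not list queries a release cannot run. The body line `includes many queries for analyzing Rust code` also overstates a little: the reusable table this page pulls in (`codeql-query-tables.rust`) has eleven rows, so "a set of queries" would be closer to the mark.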
@@ -102,7 +102,7 @@ all queries. It loads query help for /path/to/query.ql from the
/path/to/query.md file. If this flag is not supplied the default
behavior is to include help only for custom queries i.e. those in query
packs which are not of the form \`codeql/\<lang\&rt;-queries\`. This
option has no effect when passed to [codeql bqrs interpret](/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret).
option has no effect when passed to codeql bqrs interpret.

#### `--sarif-include-query-help=<mode>`
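Review bot: the unlinked `codeql bqrs interpret` on the replacement line is left as plain prose, while unlinked command names elsewhere in this diff are set in backticks (for example `codeql database begin-tracing`); wrap it in backticks so the command still reads as code once the link is gone. While this paragraph is being touched, the context line `codeql/\<lang\&rt;-queries` contains `&rt;`, which is not an HTML entity; `&gt;` (or a literal `>`) is intended and is worth fixing in the same change.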
@@ -117,7 +117,7 @@ queries i.e. those in query packs which are not of the form

`never`: Do not include query help for any queries.

This option has no effect when passed to [codeql bqrs interpret](/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret).
This option has no effect when passed to codeql bqrs interpret.

Available since `v2.15.2`.
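Review bot: same formatting point as the preceding `--sarif-add-query-help` hunk: `codeql bqrs interpret` loses its link and should gain backticks, since the surrounding `--sarif-include-query-help` text already code-formats its mode name (`never`) and its version (`v2.15.2`).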
@@ -132,7 +132,7 @@ Available since `v2.18.1`.

\[SARIF formats only] Place the rule object for each query under its
corresponding QL pack in the `<run>.tool.extensions` property. This
option has no effect when passed to [codeql bqrs interpret](/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret).
option has no effect when passed to codeql bqrs interpret.

#### `--[no-]sarif-multicause-markdown`
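Review bot: `codeql bqrs interpret` on the replacement line should be backticked like the `<run>.tool.extensions` property one line above it; with the link removed it is the only unformatted identifier in this option's description.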
@@ -122,6 +122,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
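Review bot: the new `overlay` mode is documented in a single sentence that neither says what an overlay is nor how the mode relates to `fit` (does it still honour the disk-cache size limits, or trim more aggressively?); add a short definition or a link, and an `Available since` line of the kind other options in this diff carry (`Available since v2.15.2`, `v2.18.1`), so readers on older CLI versions know the value is not accepted. The identical paragraph is pasted into five files in this change; a shared reusable would keep the copies in sync.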
@@ -84,6 +84,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
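Review bot: verbatim copy of the `overlay` paragraph added at `@@ -122,6 +122,9 @@`; the same gaps apply here (no definition of an overlay, no relation to `fit`, no `Available since` line), and it is worth confirming that the command documented in this file actually accepts `overlay` as a cleanup mode before the text is duplicated into it.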
@@ -286,6 +286,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
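Review bot: third copy of the `overlay` paragraph (see the note on `@@ -122,6 +122,9 @@`); the `+3` offset carried into the following `@@ -311,7 +314,7 @@` hunk shows this file gets both this addition and the `--source-root` edit, so a single reusable for the cleanup-mode list would shrink this change considerably.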
@@ -311,7 +314,7 @@ configuration files that should work in most situations.

\[Advanced] The directory in which the specified command should be
executed. If this argument is not provided, the command is executed in
the value of `--source-root` passed to [codeql database create](/code-security/codeql-cli/codeql-cli-manual/database-create), if one exists. If no `--source-root` argument is provided, the command is executed in the
the value of `--source-root` passed to codeql database create, if one exists. If no `--source-root` argument is provided, the command is executed in the
current working directory.

#### `--no-run-unnecessary-builds`
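Review bot: `codeql database create` on the replacement line reads as plain prose; backtick it to match `--source-root` in the same sentence. The behaviour described (fall back to `--source-root`, then to the current working directory) is a two-step fallback, so a two-item list would be easier to scan than the long sentence, but that is optional.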
@@ -143,6 +143,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
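Review bot: fourth copy of the `overlay` paragraph; same points as the note on `@@ -122,6 +122,9 @@` (define overlay, relate it to `fit`, add `Available since`, and consider a shared reusable).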
@@ -264,7 +264,7 @@ will use all the values provided, in order. Extractor options specified
using this command-line option are processed after extractor options
given via `--extractor-options-file`.

When passed to [codeql database init](/code-security/codeql-cli/codeql-cli-manual/database-init) or `codeql database begin-tracing`, the options will only be
When passed to codeql database init or `codeql database begin-tracing`, the options will only be
applied to the indirect tracing environment. If your workflow also makes
calls to
[codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command) then the options also need to be passed there if desired.
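Review bot: `codeql database init` is unlinked and left in plain prose while `codeql database begin-tracing` beside it is in backticks and `codeql database trace-command` two lines down stays linked; backtick the unlinked name so the three commands in one paragraph are formatted alike.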
@@ -290,7 +290,7 @@ will use all the values provided, in order. Extractor options specified
using this command-line option are processed before extractor options
given via `--extractor-option`.

When passed to [codeql database init](/code-security/codeql-cli/codeql-cli-manual/database-init) or `codeql database begin-tracing`, the options will only be
When passed to codeql database init or `codeql database begin-tracing`, the options will only be
applied to the indirect tracing environment. If your workflow also makes
calls to
[codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command) then the options also need to be passed there if desired.
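Review bot: same paragraph as `@@ -264,7 +264,7 @@` with `--extractor-option` swapped for `--extractor-options-file`; apply the same backtick fix to `codeql database init`. This "indirect tracing environment" text appears under both `--extractor-option` and `--extractor-options-file`, and again in two later hunks of this diff, so a reusable would avoid editing it four times.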
@@ -37,7 +37,7 @@ the results subdirectory of the database directory.
The results can later be converted to readable formats by [codeql database interpret-results](/code-security/codeql-cli/codeql-cli-manual/database-interpret-results), or query-for-query by with [codeql bqrs decode](/code-security/codeql-cli/codeql-cli-manual/bqrs-decode) or [codeql bqrs interpret](/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret).

If your queries produce results in a form that can be interpreted as
source-code alerts, you may find [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) a more convenient way to run them. [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) combines [codeql database run-queries](/code-security/codeql-cli/codeql-cli-manual/database-run-queries) with [codeql database interpret-results](/code-security/codeql-cli/codeql-cli-manual/database-interpret-results) in a single step. In particular, [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) can produce output in the SARIF format, which can be used with an variety of alert viewers.
source-code alerts, you may find [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) a more convenient way to run them. [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) combines codeql database run-queries with [codeql database interpret-results](/code-security/codeql-cli/codeql-cli-manual/database-interpret-results) in a single step. In particular, [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) can produce output in the SARIF format, which can be used with an variety of alert viewers.

Alternatively, if you have only a single query to run, you might prefer
[codeql query run](/code-security/codeql-cli/codeql-cli-manual/query-run), which can display human-readable output for quick inspection of results while you're debugging.
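Review bot: the replacement line carries a pre-existing typo that should be fixed while the line is being edited: "used with an variety of alert viewers" should read "a variety". The context line above has another, "query-for-query by with `codeql bqrs decode`", where either "by" or "with" should go. The now-unlinked `codeql database run-queries` should also be backticked, as the three linked commands around it are otherwise the only code-formatted names in the sentence.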
@@ -99,7 +99,7 @@ configuration files that should work in most situations.
In addition to the specified command, run the main script for extractors
that don't depend on tracing a build process. If you're constructing
databases for several languages with `--db-cluster`, this option should
be given to exactly one invocation of [codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command).
be given to exactly one invocation of codeql database trace-command.

#### `--[no-]use-build-mode`
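Review bot: `codeql database trace-command` is unlinked but left unformatted; backtick it, as `--db-cluster` on the line above is. The constraint "should be given to exactly one invocation" would also benefit from stating the consequence of passing it to none or to several invocations, since that is the error readers will actually hit.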
@@ -144,7 +144,7 @@ given via `--extractor-options-file`.
When passed to [codeql database init](/code-security/codeql-cli/codeql-cli-manual/database-init) or `codeql database begin-tracing`, the options will only be
applied to the indirect tracing environment. If your workflow also makes
calls to
[codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command) then the options also need to be passed there if desired.
codeql database trace-command then the options also need to be passed there if desired.

See <https://codeql.github.com/docs/codeql-cli/extractor-options> for
more information on CodeQL extractor options, including how to list the
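Review bot: this hunk unlinks `codeql database trace-command` while `codeql database init` on the first context line keeps its link, so the two commands in one sentence are now formatted differently; backtick the unlinked one. The bare `<https://codeql.github.com/docs/codeql-cli/extractor-options>` pointer stays an external link; if an in-docs equivalent exists, point there instead, consistent with the `/code-security/codeql-cli/codeql-cli-manual/...` links used throughout this diff.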
@@ -170,7 +170,7 @@ given via `--extractor-option`.
When passed to [codeql database init](/code-security/codeql-cli/codeql-cli-manual/database-init) or `codeql database begin-tracing`, the options will only be
applied to the indirect tracing environment. If your workflow also makes
calls to
[codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command) then the options also need to be passed there if desired.
codeql database trace-command then the options also need to be passed there if desired.

See <https://codeql.github.com/docs/codeql-cli/extractor-options> for
more information on CodeQL extractor options, including how to list the
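Review bot: identical to the `@@ -144,7 +144,7 @@` hunk apart from the `--extractor-option` cross-reference; the same backtick fix applies to the unlinked `codeql database trace-command`.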
@@ -82,6 +82,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
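Review bot: fifth copy of the `overlay` paragraph; same points as the note on `@@ -122,6 +122,9 @@`. With five identical insertions in one change, a reusable for the `--cleanup` mode list is the cleaner fix.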
@@ -96,7 +96,7 @@ takes up a lot of space in the dataset.

#### `--[no-]linkage-aware-import`

\[Advanced] Controls whether [codeql dataset import](/code-security/codeql-cli/codeql-cli-manual/dataset-import) is linkage-aware _(default)_ or not. On projects where this part of database creation
\[Advanced] Controls whether codeql dataset import is linkage-aware _(default)_ or not. On projects where this part of database creation
consumes too much memory, disabling this option may help them progress
at the expense of database completeness.
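Review bot: `codeql dataset import` loses its link and should be backticked; `\[Advanced]` and `_(default)_` in the same sentence are already marked up, so the bare command name stands out. "At the expense of database completeness" would also be more useful if it said which linkage information is dropped when the option is disabled, so users can judge the trade-off before turning it off.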
@@ -32,7 +32,7 @@ codeql execute queries [--output=<dir|file.bqrs>] [--threads=<num>] <options>...
\[Plumbing] Run one or more queries against a dataset.

This command should not normally be invoked directly. Instead use either
[codeql database run-queries](/code-security/codeql-cli/codeql-cli-manual/database-run-queries) or [codeql query run](/code-security/codeql-cli/codeql-cli-manual/query-run), which will start [codeql execute queries](/code-security/codeql-cli/codeql-cli-manual/execute-queries) with specific JVM options to tune the performance of the QL evaluator.
[codeql database run-queries](/code-security/codeql-cli/codeql-cli-manual/database-run-queries) or [codeql query run](/code-security/codeql-cli/codeql-cli-manual/query-run), which will start codeql execute queries with specific JVM options to tune the performance of the QL evaluator.

## Options
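Review bot: `codeql execute queries` is unlinked but now reads as prose; backtick it, as the usage line in the hunk header (`codeql execute queries [--output=<dir|file.bqrs>] [--threads=<num>] <options>...`) already treats the command as code.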
@@ -32,7 +32,7 @@ codeql execute query-server <options>...
\[Deprecated] \[Plumbing] Support for running queries from IDEs.

The
[codeql execute query-server](/code-security/codeql-cli/codeql-cli-manual/execute-query-server) subcommand is unsupported and no longer works. If you are using the official CodeQL extension for Visual Studio Code, please upgrade the extension to 1.7.6 or a later version. Otherwise please migrate your CodeQL IDE integration to the `codeql execute query-server2` subcommand.
codeql execute query-server subcommand is unsupported and no longer works. If you are using the official CodeQL extension for Visual Studio Code, please upgrade the extension to 1.7.6 or a later version. Otherwise please migrate your CodeQL IDE integration to the `codeql execute query-server2` subcommand.

## Options
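Review bot: the replacement line continues the `The` on the previous context line, so the rendered sentence becomes "The codeql execute query-server subcommand is unsupported"; backtick the command, as `codeql execute query-server2` at the end of the same sentence is, and consider joining the two lines so the subject is not split across a line break.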
@@ -275,7 +275,7 @@ timed parts are "RA layers" of the optimized query, but that might
change in the future.

If no timeout is specified, or is given as 0, no timeout will be set
(except for [codeql test run](/code-security/codeql-cli/codeql-cli-manual/test-run), where the default timeout is 5 minutes).
(except for codeql test run, where the default timeout is 5 minutes).

#### `-j, --threads=<num>`
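Review bot: `codeql test run` in the parenthetical should be backticked to match `-j, --threads=<num>` and the other option names on the page. The context line "If no timeout is specified, or is given as 0" would also read better as "or if it is given as 0".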
data/reusables/code-scanning/codeql-query-tables/rust.md (Normal file, +17)
@@ -0,0 +1,17 @@
{% rowheaders %}

| Query name | Related CWEs | Default | Extended | {% data variables.copilot.copilot_autofix_short %} |
| --- | --- | --- | --- | --- |
| [Access of invalid pointer](https://codeql.github.com/codeql-query-help/rust/rust-access-invalid-pointer/) | 476, 825 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Cleartext logging of sensitive information](https://codeql.github.com/codeql-query-help/rust/rust-cleartext-logging/) | 312, 359, 532 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Cleartext transmission of sensitive information](https://codeql.github.com/codeql-query-help/rust/rust-cleartext-transmission/) | 319 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Database query built from user-controlled sources](https://codeql.github.com/codeql-query-help/rust/rust-sql-injection/) | 089 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Hard-coded cryptographic value](https://codeql.github.com/codeql-query-help/rust/rust-hard-coded-cryptographic-value/) | 259, 321, 798, 1204 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Regular expression injection](https://codeql.github.com/codeql-query-help/rust/rust-regex-injection/) | 020, 074 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Uncontrolled allocation size](https://codeql.github.com/codeql-query-help/rust/rust-uncontrolled-allocation-size/) | 770, 789 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/rust/rust-path-injection/) | 022, 023, 036, 073, 099 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Use of a broken or weak cryptographic algorithm](https://codeql.github.com/codeql-query-help/rust/rust-weak-cryptographic-algorithm/) | 327 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Use of a broken or weak cryptographic hashing algorithm on sensitive data](https://codeql.github.com/codeql-query-help/rust/rust-weak-sensitive-data-hashing/) | 327, 328, 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Access of a pointer after its lifetime has ended](https://codeql.github.com/codeql-query-help/rust/rust-access-after-lifetime-ended/) | 825 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |

{% endrowheaders %}
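Review bot: the final row (`Access of a pointer after its lifetime has ended`, extended-only) breaks the alphabetical order of the ten rows above it; if the convention is default-suite queries first and extended-only queries after, say so in a comment, otherwise move the row into order so readers scanning by name can find it. The `Related CWEs` column zero-pads three-digit ids (`089`, `020`, `022`) but not `1204`, which is fine as long as it matches the other language tables. Every row shows the "Not included" cross for the Copilot Autofix column; if autofix is simply not yet available for Rust, a sentence to that effect on the page is more informative than a column of crosses.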