Rust: Exclude sources in macro expansions.

geoffw0 · geoffw0 · commit 087e66665858 · 2025-06-11T18:48:23.000+01:00
diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql
@@ -40,7 +40,8 @@ where
   AccessAfterLifetimeFlow::flowPath(sourceNode, sinkNode) and
   // check that the dereference is outside the lifetime of the target
   AccessAfterLifetime::dereferenceAfterLifetime(sourceNode.getNode(), sinkNode.getNode(), target) and
-  // exclude sinks in macros, since these results are difficult to interpret
+  // exclude cases with sources / sinks in macros, since these results are difficult to interpret
+  not sourceNode.getNode().asExpr().getExpr().isFromMacroExpansion() and
   not sinkNode.getNode().asExpr().getExpr().isFromMacroExpansion()
 select sinkNode.getNode(), sourceNode, sinkNode,
   "Access of a pointer to $@ after its lifetime has ended.", target, target.toString()
diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
@@ -22,7 +22,6 @@
 | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 |
 | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 |
 | lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 |
-| lifetime.rs:771:12:771:14 | ptr | lifetime.rs:769:12:769:23 | &val | lifetime.rs:771:12:771:14 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:769:12:769:23 | val | val |
 | lifetime.rs:791:10:791:12 | ptr | lifetime.rs:781:9:781:12 | &val | lifetime.rs:791:10:791:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:779:6:779:8 | val | val |
 edges
 | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance |  |
diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs
@@ -766,9 +766,9 @@ pub fn test_macros() {
 	my_macro1!();
 	my_macro1!();
 
-	let ptr = my_macro2!(); // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=ptr
+	let ptr = my_macro2!();
 	unsafe {
-		let v = *ptr; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=ptr
+		let v = *ptr;
 		println!("	v = {v}");
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -766,9 +766,9 @@ pub fn test_macros() {`
`766`	`766`	`my_macro1!();`
`767`	`767`	`my_macro1!();`
`768`	`768`
`769`		`- let ptr = my_macro2!(); // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=ptr`
	`769`	`+ let ptr = my_macro2!();`
`770`	`770`	`unsafe {`
`771`		`- let v = *ptr; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=ptr`
	`771`	`+ let v = *ptr;`
`772`	`772`	`println!(" v = {v}");`
`773`	`773`	`}`
`774`	`774`	`}`