Rust: Extend tests based on cases found in DCA.

geoffw0 · geoffw0 · commit 168246005cc6 · 2025-06-11T18:33:59.000+01:00
diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
@@ -22,7 +22,8 @@
 | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 |
 | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 |
 | lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 |
-| lifetime.rs:775:10:775:12 | ptr | lifetime.rs:765:9:765:12 | &val | lifetime.rs:775:10:775:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:763:6:763:8 | val | val |
+| lifetime.rs:771:12:771:14 | ptr | lifetime.rs:769:12:769:23 | &val | lifetime.rs:771:12:771:14 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:769:12:769:23 | val | val |
+| lifetime.rs:791:10:791:12 | ptr | lifetime.rs:781:9:781:12 | &val | lifetime.rs:791:10:791:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:779:6:779:8 | val | val |
 edges
 | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance |  |
 | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:158:14:158:15 | p1 | provenance |  |
@@ -190,12 +191,15 @@ edges
 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:718:7:718:8 | r1 | provenance |  |
 | lifetime.rs:730:6:730:7 | r1 | lifetime.rs:734:12:734:13 | r1 | provenance |  |
 | lifetime.rs:730:11:730:25 | e1.test_match() | lifetime.rs:730:6:730:7 | r1 | provenance |  |
-| lifetime.rs:756:2:756:12 | &val | lifetime.rs:756:2:756:12 | ptr | provenance |  |
-| lifetime.rs:756:2:756:12 | ptr | lifetime.rs:757:2:757:12 | ptr | provenance |  |
-| lifetime.rs:765:2:765:12 | return ... | lifetime.rs:769:12:769:24 | get_pointer(...) | provenance |  |
-| lifetime.rs:765:9:765:12 | &val | lifetime.rs:765:2:765:12 | return ... | provenance |  |
-| lifetime.rs:769:6:769:8 | ptr | lifetime.rs:775:10:775:12 | ptr | provenance |  |
-| lifetime.rs:769:12:769:24 | get_pointer(...) | lifetime.rs:769:6:769:8 | ptr | provenance |  |
+| lifetime.rs:766:2:766:13 | &val | lifetime.rs:766:2:766:13 | ptr | provenance |  |
+| lifetime.rs:766:2:766:13 | ptr | lifetime.rs:767:2:767:13 | ptr | provenance |  |
+| lifetime.rs:769:6:769:8 | ptr | lifetime.rs:771:12:771:14 | ptr | provenance |  |
+| lifetime.rs:769:12:769:23 | &val | lifetime.rs:769:12:769:23 | ptr | provenance |  |
+| lifetime.rs:769:12:769:23 | ptr | lifetime.rs:769:6:769:8 | ptr | provenance |  |
+| lifetime.rs:781:2:781:12 | return ... | lifetime.rs:785:12:785:24 | get_pointer(...) | provenance |  |
+| lifetime.rs:781:9:781:12 | &val | lifetime.rs:781:2:781:12 | return ... | provenance |  |
+| lifetime.rs:785:6:785:8 | ptr | lifetime.rs:791:10:791:12 | ptr | provenance |  |
+| lifetime.rs:785:12:785:24 | get_pointer(...) | lifetime.rs:785:6:785:8 | ptr | provenance |  |
 models
 | 1 | Summary: lang:core; crate::ptr::from_ref; Argument[0]; ReturnValue; value |
 nodes
@@ -395,12 +399,16 @@ nodes
 | lifetime.rs:730:6:730:7 | r1 | semmle.label | r1 |
 | lifetime.rs:730:11:730:25 | e1.test_match() | semmle.label | e1.test_match() |
 | lifetime.rs:734:12:734:13 | r1 | semmle.label | r1 |
-| lifetime.rs:756:2:756:12 | &val | semmle.label | &val |
-| lifetime.rs:756:2:756:12 | ptr | semmle.label | ptr |
-| lifetime.rs:757:2:757:12 | ptr | semmle.label | ptr |
-| lifetime.rs:765:2:765:12 | return ... | semmle.label | return ... |
-| lifetime.rs:765:9:765:12 | &val | semmle.label | &val |
+| lifetime.rs:766:2:766:13 | &val | semmle.label | &val |
+| lifetime.rs:766:2:766:13 | ptr | semmle.label | ptr |
+| lifetime.rs:767:2:767:13 | ptr | semmle.label | ptr |
 | lifetime.rs:769:6:769:8 | ptr | semmle.label | ptr |
-| lifetime.rs:769:12:769:24 | get_pointer(...) | semmle.label | get_pointer(...) |
-| lifetime.rs:775:10:775:12 | ptr | semmle.label | ptr |
+| lifetime.rs:769:12:769:23 | &val | semmle.label | &val |
+| lifetime.rs:769:12:769:23 | ptr | semmle.label | ptr |
+| lifetime.rs:771:12:771:14 | ptr | semmle.label | ptr |
+| lifetime.rs:781:2:781:12 | return ... | semmle.label | return ... |
+| lifetime.rs:781:9:781:12 | &val | semmle.label | &val |
+| lifetime.rs:785:6:785:8 | ptr | semmle.label | ptr |
+| lifetime.rs:785:12:785:24 | get_pointer(...) | semmle.label | get_pointer(...) |
+| lifetime.rs:791:10:791:12 | ptr | semmle.label | ptr |
 subpaths
diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs
@@ -737,7 +737,7 @@ pub fn test_enum_members() {
 
 // --- macros ---
 
-macro_rules! my_macro {
+macro_rules! my_macro1 {
 	() => {
 		let ptr: *const i64;
 		{
@@ -752,9 +752,25 @@ macro_rules! my_macro {
 	}
 }
 
+macro_rules! my_macro2 {
+	() => {
+		{
+			let val: i64 = 1;
+			let ptr: *const i64 = &val;
+			ptr
+		}
+	}
+}
+
 pub fn test_macros() {
-	my_macro!();
-	my_macro!();
+	my_macro1!();
+	my_macro1!();
+
+	let ptr = my_macro2!(); // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=ptr
+	unsafe {
+		let v = *ptr; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=ptr
+		println!("	v = {v}");
+	}
 }
 
 // --- examples from qhelp ---
