diff --git a/rust/ql/lib/codeql/rust/internal/PathResolution.qll b/rust/ql/lib/codeql/rust/internal/PathResolution.qll
index ca05b0fba7d1..7d9370ebb350 100644
--- a/rust/ql/lib/codeql/rust/internal/PathResolution.qll
+++ b/rust/ql/lib/codeql/rust/internal/PathResolution.qll
@@ -1404,18 +1404,20 @@ private predicate useImportEdge(Use use, string name, ItemNode item) {
 }
 
 /**
- * Holds if `i` is available inside `f` because it is reexported in [the prelude][1].
+ * Holds if `i` is available inside `f` because it is reexported in
+ * [the `core` prelude][1] or [the `std` prelude][2].
  *
  * We don't yet have access to prelude information from the extractor, so for now
  * we include all the preludes for Rust: 2015, 2018, 2021, and 2024.
  *
  * [1]: https://doc.rust-lang.org/core/prelude/index.html
+ * [2]: https://doc.rust-lang.org/std/prelude/index.html
  */
 private predicate preludeEdge(SourceFile f, string name, ItemNode i) {
- exists(Crate core, ModuleLikeNode mod, ModuleItemNode prelude, ModuleItemNode rust |
- f = any(Crate c0 | core = c0.getDependency(_) or core = c0).getASourceFile() and
- core.getName() = "core" and
- mod = core.getSourceFile() and
+ exists(Crate stdOrCore, ModuleLikeNode mod, ModuleItemNode prelude, ModuleItemNode rust |
+ f = any(Crate c0 | stdOrCore = c0.getDependency(_) or stdOrCore = c0).getASourceFile() and
+ stdOrCore.getName() = ["std", "core"] and
+ mod = stdOrCore.getSourceFile() and
  prelude = mod.getASuccessorRec("prelude") and
  rust = prelude.getASuccessorRec(["rust_2015", "rust_2018", "rust_2021", "rust_2024"]) and
  i = rust.getASuccessorRec(name) and
diff --git a/rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected b/rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected
new file mode 100644
index 000000000000..d3d59980e32f
--- /dev/null
+++ b/rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected
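Review bot: The doc comment on `preludeEdge` does not say that, with `stdOrCore.getName() = ["std", "core"]`, a name may be reachable through either prelude, while the two `PathResolutionConsistency.expected` files added in this commit (CWE-770, CWE-825) baseline `multiplePathResolutions` rows for `libc`, `...::malloc` and `...::free`. In the CWE-825 file the same `libc` path resolves to both `Crate(libc@0.2.171)` and `Crate(libc@0.2.172)`; whether that follows from the widened edge is not visible in the hunk, but the allocation and deallocation call targets are what those security tests rely on, so the baseline deserves an explanation rather than silent acceptance. I would add a line to the doc comment such as `* Both preludes are searched, so the same name may be found via either; known ambiguities are recorded in the CONSISTENCY baselines.` and describe the `name` parameter by wording the first sentence as "available inside `f` under the name `name`". The body of `preludeEdge` continues past the last line of the hunk.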
@@ -0,0 +1,15 @@
+multiplePathResolutions
+| main.rs:218:14:218:17 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:218:14:218:17 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:219:13:219:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:219:13:219:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:220:13:220:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:220:13:220:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:221:13:221:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:221:13:221:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:222:13:222:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:222:13:222:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:223:13:223:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:223:13:223:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:224:13:224:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| main.rs:224:13:224:16 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
diff --git a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/PathResolutionConsistency.expected b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/PathResolutionConsistency.expected
new file mode 100644
index 000000000000..804c13f6434b
--- /dev/null
+++ b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/PathResolutionConsistency.expected
@@ -0,0 +1,11 @@
+multiplePathResolutions
+| deallocation.rs:106:16:106:19 | libc | file://:0:0:0:0 | Crate(libc@0.2.171) |
+| deallocation.rs:106:16:106:19 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| deallocation.rs:106:16:106:27 | ...::malloc | file://:0:0:0:0 | fn malloc |
+| deallocation.rs:106:16:106:27 | ...::malloc | file://:0:0:0:0 | fn malloc |
+| deallocation.rs:112:3:112:6 | libc | file://:0:0:0:0 | Crate(libc@0.2.171) |
+| deallocation.rs:112:3:112:6 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |
+| deallocation.rs:112:3:112:12 | ...::free | file://:0:0:0:0 | fn free |
+| deallocation.rs:112:3:112:12 | ...::free | file://:0:0:0:0 | fn free |
+| deallocation.rs:112:29:112:32 | libc | file://:0:0:0:0 | Crate(libc@0.2.171) |
+| deallocation.rs:112:29:112:32 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) |