Rust: Make the tests of the example code closer to the actual example code.

geoffw0 · geoffw0 · commit 0924dec545a0 · 2025-09-16T12:28:52.000+01:00
diff --git a/rust/ql/test/query-tests/security/CWE-319/UseOfHttp.expected b/rust/ql/test/query-tests/security/CWE-319/UseOfHttp.expected
@@ -3,7 +3,7 @@
 | main.rs:13:22:13:43 | ...::get | main.rs:13:45:13:73 | "http://api.example.com/data" | main.rs:13:22:13:43 | ...::get | This URL may be constructed with the HTTP protocol, from $@. | main.rs:13:45:13:73 | "http://api.example.com/data" | this HTTP URL |
 | main.rs:25:21:25:42 | ...::get | main.rs:22:20:22:39 | "http://example.com" | main.rs:25:21:25:42 | ...::get | This URL may be constructed with the HTTP protocol, from $@. | main.rs:22:20:22:39 | "http://example.com" | this HTTP URL |
 | main.rs:36:30:36:51 | ...::get | main.rs:33:20:33:28 | "http://" | main.rs:36:30:36:51 | ...::get | This URL may be constructed with the HTTP protocol, from $@. | main.rs:33:20:33:28 | "http://" | this HTTP URL |
-| main.rs:60:21:60:42 | ...::get | main.rs:59:15:59:49 | "http://example.com/sensitive-... | main.rs:60:21:60:42 | ...::get | This URL may be constructed with the HTTP protocol, from $@. | main.rs:59:15:59:49 | "http://example.com/sensitive-... | this HTTP URL |
+| main.rs:63:24:63:45 | ...::get | main.rs:60:19:60:53 | "http://example.com/sensitive-... | main.rs:63:24:63:45 | ...::get | This URL may be constructed with the HTTP protocol, from $@. | main.rs:60:19:60:53 | "http://example.com/sensitive-... | this HTTP URL |
 edges
 | main.rs:12:45:12:68 | "http://example.com/api" | main.rs:12:22:12:43 | ...::get | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:13:45:13:73 | "http://api.example.com/data" | main.rs:13:22:13:43 | ...::get | provenance | MaD:1 Sink:MaD:1 |
@@ -27,9 +27,9 @@ edges
 | main.rs:35:32:35:53 | { ... } | main.rs:35:32:35:53 | ...::must_use(...) | provenance | MaD:3 |
 | main.rs:36:53:36:65 | &insecure_url [&ref] | main.rs:36:30:36:51 | ...::get | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:36:54:36:65 | insecure_url | main.rs:36:53:36:65 | &insecure_url [&ref] | provenance |  |
-| main.rs:59:9:59:11 | url | main.rs:60:44:60:46 | url | provenance |  |
-| main.rs:59:15:59:49 | "http://example.com/sensitive-... | main.rs:59:9:59:11 | url | provenance |  |
-| main.rs:60:44:60:46 | url | main.rs:60:21:60:42 | ...::get | provenance | MaD:1 Sink:MaD:1 |
+| main.rs:60:13:60:15 | url | main.rs:63:47:63:49 | url | provenance |  |
+| main.rs:60:19:60:53 | "http://example.com/sensitive-... | main.rs:60:13:60:15 | url | provenance |  |
+| main.rs:63:47:63:49 | url | main.rs:63:24:63:45 | ...::get | provenance | MaD:1 Sink:MaD:1 |
 models
 | 1 | Sink: reqwest::blocking::get; Argument[0]; request-url |
 | 2 | Summary: alloc::fmt::format; Argument[0]; ReturnValue; taint |
@@ -61,8 +61,8 @@ nodes
 | main.rs:36:30:36:51 | ...::get | semmle.label | ...::get |
 | main.rs:36:53:36:65 | &insecure_url [&ref] | semmle.label | &insecure_url [&ref] |
 | main.rs:36:54:36:65 | insecure_url | semmle.label | insecure_url |
-| main.rs:59:9:59:11 | url | semmle.label | url |
-| main.rs:59:15:59:49 | "http://example.com/sensitive-... | semmle.label | "http://example.com/sensitive-... |
-| main.rs:60:21:60:42 | ...::get | semmle.label | ...::get |
-| main.rs:60:44:60:46 | url | semmle.label | url |
+| main.rs:60:13:60:15 | url | semmle.label | url |
+| main.rs:60:19:60:53 | "http://example.com/sensitive-... | semmle.label | "http://example.com/sensitive-... |
+| main.rs:63:24:63:45 | ...::get | semmle.label | ...::get |
+| main.rs:63:47:63:49 | url | semmle.label | url |
 subpaths
diff --git a/rust/ql/test/query-tests/security/CWE-319/main.rs b/rust/ql/test/query-tests/security/CWE-319/main.rs
@@ -56,10 +56,20 @@ fn test_localhost_exemptions() {
 // Additional test cases that mirror the Bad/Good examples
 fn test_examples() {
     // From UseOfHttpBad.rs - BAD case
-    let url = "http://example.com/sensitive-data"; // $ Source
-    let _response = reqwest::blocking::get(url).unwrap(); // $ Alert[rust/non-https-url]
+    {
+        let url = "http://example.com/sensitive-data"; // $ Source
+
+        // This makes an insecure HTTP request that can be intercepted
+        let response = reqwest::blocking::get(url).unwrap(); // $ Alert[rust/non-https-url]
+        println!("Response: {}", response.text().unwrap());
+    }
 
     // From UseOfHttpGood.rs - GOOD case
-    let secure_url = "https://example.com/sensitive-data";
-    let _secure_response = reqwest::blocking::get(secure_url).unwrap();
+    {
+        let url = "https://example.com/sensitive-data";
+
+        // This makes a secure HTTPS request that is encrypted
+        let response = reqwest::blocking::get(url).unwrap();
+        println!("Response: {}", response.text().unwrap());
+    }
 }
