Skip to content

Commit 7b04cf1

Browse files
geoffw0geoffw0
committed
Rust: Fix up the test annotations.
1 parent e630bf8 commit 7b04cf1

File tree

2 files changed

+15
-25
lines changed

2 files changed

+15
-25
lines changed

rust/ql/test/query-tests/security/CWE-319/UseOfHttp.expected

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -66,13 +66,3 @@ nodes
6666
| main.rs:60:21:60:42 | ...::get | semmle.label | ...::get |
6767
| main.rs:60:44:60:46 | url | semmle.label | url |
6868
subpaths
69-
testFailures
70-
| main.rs:22:20:22:39 | "http://example.com" | Unexpected result: Source |
71-
| main.rs:22:42:22:71 | //... | Missing result: Alert[rust/non-https-url] |
72-
| main.rs:25:21:25:42 | ...::get | Unexpected result: Alert |
73-
| main.rs:33:20:33:28 | "http://" | Unexpected result: Source |
74-
| main.rs:33:31:33:60 | //... | Missing result: Alert[rust/non-https-url] |
75-
| main.rs:36:30:36:51 | ...::get | Unexpected result: Alert |
76-
| main.rs:59:15:59:49 | "http://example.com/sensitive-... | Unexpected result: Source |
77-
| main.rs:59:52:59:81 | //... | Missing result: Alert[rust/non-https-url] |
78-
| main.rs:60:21:60:42 | ...::get | Unexpected result: Alert |

rust/ql/test/query-tests/security/CWE-319/main.rs

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -11,30 +11,30 @@ fn test_direct_literals() {
1111
// BAD: Direct HTTP URLs that should be flagged
1212
let _response1 = reqwest::blocking::get("http://example.com/api").unwrap(); // $ Alert[rust/non-https-url]
1313
let _response2 = reqwest::blocking::get("http://api.example.com/data").unwrap(); // $ Alert[rust/non-https-url]
14-
15-
// GOOD: HTTPS URLs that should not be flagged
14+
15+
// GOOD: HTTPS URLs that should not be flagged
1616
let _response3 = reqwest::blocking::get("https://example.com/api").unwrap();
1717
let _response4 = reqwest::blocking::get("https://api.example.com/data").unwrap();
1818
}
1919

2020
fn test_dynamic_urls() {
2121
// BAD: HTTP URLs constructed dynamically
22-
let base_url = "http://example.com"; // $ Alert[rust/non-https-url]
22+
let base_url = "http://example.com"; // $ Source
2323
let endpoint = "/api/users";
2424
let full_url = format!("{}{}", base_url, endpoint);
25-
let _response = reqwest::blocking::get(&full_url).unwrap();
26-
25+
let _response = reqwest::blocking::get(&full_url).unwrap(); // $ Alert[rust/non-https-url]
26+
2727
// GOOD: HTTPS URLs constructed dynamically
2828
let secure_base = "https://example.com";
2929
let secure_full = format!("{}{}", secure_base, endpoint);
3030
let _secure_response = reqwest::blocking::get(&secure_full).unwrap();
31-
31+
3232
// BAD: HTTP protocol string
33-
let protocol = "http://"; // $ Alert[rust/non-https-url]
33+
let protocol = "http://"; // $ Source
3434
let host = "api.example.com";
3535
let insecure_url = format!("{}{}", protocol, host);
36-
let _insecure_response = reqwest::blocking::get(&insecure_url).unwrap();
37-
36+
let _insecure_response = reqwest::blocking::get(&insecure_url).unwrap(); // $ Alert[rust/non-https-url]
37+
3838
// GOOD: HTTPS protocol string
3939
let secure_protocol = "https://";
4040
let secure_url = format!("{}{}", secure_protocol, host);
@@ -47,7 +47,7 @@ fn test_localhost_exemptions() {
4747
let _local2 = reqwest::blocking::get("http://127.0.0.1:3000/test").unwrap();
4848
let _local3 = reqwest::blocking::get("http://192.168.1.100/internal").unwrap();
4949
let _local4 = reqwest::blocking::get("http://10.0.0.1/admin").unwrap();
50-
50+
5151
// Test IPv6 localhost variants
5252
let _local5 = reqwest::blocking::get("http://[::1]:8080/api").unwrap();
5353
let _local6 = reqwest::blocking::get("http://[0:0:0:0:0:0:0:1]/test").unwrap();
@@ -56,10 +56,10 @@ fn test_localhost_exemptions() {
5656
// Additional test cases that mirror the Bad/Good examples
5757
fn test_examples() {
5858
// From UseOfHttpBad.rs - BAD case
59-
let url = "http://example.com/sensitive-data"; // $ Alert[rust/non-https-url]
60-
let _response = reqwest::blocking::get(url).unwrap();
61-
62-
// From UseOfHttpGood.rs - GOOD case
59+
let url = "http://example.com/sensitive-data"; // $ Source
60+
let _response = reqwest::blocking::get(url).unwrap(); // $ Alert[rust/non-https-url]
61+
62+
// From UseOfHttpGood.rs - GOOD case
6363
let secure_url = "https://example.com/sensitive-data";
6464
let _secure_response = reqwest::blocking::get(secure_url).unwrap();
65-
}
65+
}

0 commit comments

Comments
 (0)