Shared, rust: Add option to disable reads steps as taint steps in model generator

Author: paldepind

rust/ql/src/utils/modelgenerator/internal/CaptureModels.qll

@@ -113,6 +113,8 @@ module ModelGeneratorCommonInput implements
     c.(SingletonContentSet).getContent() instanceof ElementContent
   }
 
+  predicate applyReadStepsAsTaintSteps() { none() }
+
   string partialModelRow(Callable api, int i) { i = 0 and result = api.getCanonicalPath() }
 
   string partialNeutralModelRow(Callable api, int i) { result = partialModelRow(api, i) }

shared/mad/codeql/mad/modelgenerator/internal/ModelGeneratorImpl.qll

@@ -115,6 +115,9 @@ signature module ModelGeneratorCommonInputSig<LocationSig Location, InputSig<Loc
    */
   predicate containerContent(Lang::ContentSet c);
 
+  /** Holds if read steps should heuristically be applied as taint steps. */
+  default predicate applyReadStepsAsTaintSteps() { any() }
+
   /**
    * Gets the parameter position of the return kind, if any.
    */
@@ -1061,6 +1064,7 @@ module MakeModelGeneratorFactory<
   private predicate isRelevantTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
     exists(DataFlow::ContentSet f |
       DataFlow::readStep(node1, f, node2) and
+      applyReadStepsAsTaintSteps() and
       // Partially restrict the content types used for intermediate steps.
       (not exists(getUnderlyingContentType(f)) or isRelevantTypeInContent(f))
     )