CodeQL query help for Rust
Visit the articles below to see the documentation for the queries included in the following query suites:
- default: queries run by default in CodeQL code scanning on GitHub.
- security-extended: queries from default, plus extra security queries with slightly lower precision and severity.
- security-and-quality: queries from default, security-extended, plus extra maintainability and reliability queries.
These queries are published in the CodeQL query pack codeql/rust-queries (changelog, source).
- ‘Secure’ attribute is not set to true
- Access of a pointer after its lifetime has ended
- Access of invalid pointer
- Bad ‘ctor’ initialization
- Cleartext logging of sensitive information
- Cleartext storage of sensitive information in a database
- Cleartext transmission of sensitive information
- Database query built from user-controlled sources
- Failure to use HTTPS URLs
- Hard-coded cryptographic value
- Log injection
- Regular expression injection
- Server-side request forgery
- Uncontrolled allocation size
- Uncontrolled data used in path expression
- Unused variable
- Use of a broken or weak cryptographic algorithm
- Use of a broken or weak cryptographic hashing algorithm on sensitive data