CodeQL includes many queries for analyzing Rust code. All queries in the default query suite are run by default. If you choose to use the security-extended query suite, additional queries are run. For more information, see CodeQL query suites.
Built-in queries for Rust analysis
This table lists the queries available with the latest release of the CodeQL action and CodeQL CLI. For more information, see CodeQL change logs in the CodeQL documentation site.
| Query name | Related CWEs | Default | Extended | Copilot Autofix |
|---|---|---|---|---|
| 'Secure' attribute is not set to true | 319, 614 | |||
| Access of invalid pointer | 476, 825 | |||
| Cleartext logging of sensitive information | 312, 359, 532 | |||
| Cleartext storage of sensitive information in a database | 312 | |||
| Cleartext transmission of sensitive information | 319 | |||
| Cross-site scripting | 079, 116 | |||
| Database query built from user-controlled sources | 089 | |||
| Disabled TLS certificate check | 295 | |||
| Failure to use HTTPS URLs | 319, 345 | |||
| Hard-coded cryptographic value | 259, 321, 798, 1204 | |||
| Regular expression injection | 020, 074 | |||
| Server-side request forgery | 918 | |||
| Uncontrolled allocation size | 770, 789 | |||
| Uncontrolled data used in path expression | 022, 023, 036, 073, 099 | |||
| Use of a broken or weak cryptographic algorithm | 327 | |||
| Use of a broken or weak cryptographic hashing algorithm on sensitive data | 327, 328, 916 | |||
| Access of a pointer after its lifetime has ended | 825 | |||
| Log injection | 117 |