Merge branch 'main' into basicquery

Author: subatoi

docs/codeql/reusables/extractors.rst

@@ -20,7 +20,7 @@
      - ``python``
    * - Ruby
      - ``ruby``
-     - Rust
+   * - Rust
      - ``rust``
    * - Swift
      - ``swift``

docs/codeql/reusables/supported-frameworks.rst

@@ -324,12 +324,15 @@ All support is experimental.
    Name, Category
    `actix-web <https://crates.io/crates/actix-web>`__, Web framework
    alloc, Standard library
+   `async-std <https://crates.io/crates/async-std>`__, Asynchronous programming library
+   `biscotti <https://crates.io/crates/biscotti>`__, Cookie management
    `clap <http://crates.io/crates/clap>`__, Utility library
+   `cookie <https://crates.io/crates/cookie>`__, Cookie management
    core, Standard library
    `digest <https://crates.io/crates/digest>`__, Cryptography library
-   `futures-executor <https://crates.io/crates/futures-executor>`__, Utility library
+   `futures <https://crates.io/crates/futures>`__, Asynchronous programming library
+   `futures-rustls <https://crates.io/crates/futures-rustls>`__, Network communicator
    `hyper <https://crates.io/crates/hyper>`__, HTTP library
-   `hyper-util <https://crates.io/crates/hyper-util>`__, HTTP library
    `libc <https://crates.io/crates/libc>`__, Utility library
    `log <https://crates.io/crates/log>`__, Logging library
    `md5 <https://crates.io/crates/md5>`__, Utility library
@@ -345,12 +348,14 @@ All support is experimental.
    `rusqlite <https://crates.io/crates/rusqlite>`__, Database
    std, Standard library
    `rust-crypto <https://crates.io/crates/rust-crypto>`__, Cryptography library
+   `rustls <https://crates.io/crates/rustls>`__, Network communicator
    `serde <https://crates.io/crates/serde>`__, Serialization
    `smallvec <https://crates.io/crates/smallvec>`__, Utility library
    `sqlx <https://crates.io/crates/sqlx>`__, Database
    `tokio <https://crates.io/crates/tokio>`__, Asynchronous IO
    `tokio-postgres <https://crates.io/crates/tokio-postgres>`__, Database
    `url <https://crates.io/crates/url>`__, Utility library
+   `warp <https://crates.io/crates/warp>`__, Web framework
 
 Swift built-in support
 ================================

java/ql/integration-tests/java/evaluation-to-constant-errortype/ConstantExpAppearsNonConstant.expected

@@ -0,0 +1,2 @@
+query: Likely Bugs/Arithmetic/ConstantExpAppearsNonConstant.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql

java/ql/integration-tests/java/evaluation-to-constant-errortype/ConstantExpAppearsNonConstant.qlref

@@ -0,0 +1,7 @@
+class Test {
+  public static void updateFlashlights(Minecraft mc){
+    if(mc.world != null){
+
+    }
+   }
+}

java/ql/integration-tests/java/evaluation-to-constant-errortype/Test.java

@@ -0,0 +1,2 @@
+def test(codeql, java):
+    codeql.database.create(build_mode="none")

java/ql/integration-tests/java/evaluation-to-constant-errortype/test.py

@@ -19,7 +19,7 @@ predicate isConstantExp(Expr e) {
   // A literal is constant.
   e instanceof Literal
   or
-  e instanceof TypeAccess
+  e instanceof TypeAccess and not e.(TypeAccess).getType() instanceof ErrorType
   or
   e instanceof ArrayTypeAccess
   or

java/ql/src/Likely Bugs/Arithmetic/ConstantExpAppearsNonConstant.ql

@@ -17,6 +17,7 @@ ql/rust/ql/src/queries/security/CWE-312/CleartextStorageDatabase.ql
 ql/rust/ql/src/queries/security/CWE-319/UseOfHttp.ql
 ql/rust/ql/src/queries/security/CWE-327/BrokenCryptoAlgorithm.ql
 ql/rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashing.ql
+ql/rust/ql/src/queries/security/CWE-614/InsecureCookie.ql
 ql/rust/ql/src/queries/security/CWE-770/UncontrolledAllocationSize.ql
 ql/rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql
 ql/rust/ql/src/queries/security/CWE-825/AccessInvalidPointer.ql

rust/ql/integration-tests/query-suite/rust-code-scanning.qls.expected

@@ -18,6 +18,7 @@ ql/rust/ql/src/queries/security/CWE-312/CleartextStorageDatabase.ql
 ql/rust/ql/src/queries/security/CWE-319/UseOfHttp.ql
 ql/rust/ql/src/queries/security/CWE-327/BrokenCryptoAlgorithm.ql
 ql/rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashing.ql
+ql/rust/ql/src/queries/security/CWE-614/InsecureCookie.ql
 ql/rust/ql/src/queries/security/CWE-696/BadCtorInitialization.ql
 ql/rust/ql/src/queries/security/CWE-770/UncontrolledAllocationSize.ql
 ql/rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql

rust/ql/integration-tests/query-suite/rust-security-and-quality.qls.expected

@@ -18,6 +18,7 @@ ql/rust/ql/src/queries/security/CWE-312/CleartextStorageDatabase.ql
 ql/rust/ql/src/queries/security/CWE-319/UseOfHttp.ql
 ql/rust/ql/src/queries/security/CWE-327/BrokenCryptoAlgorithm.ql
 ql/rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashing.ql
+ql/rust/ql/src/queries/security/CWE-614/InsecureCookie.ql
 ql/rust/ql/src/queries/security/CWE-770/UncontrolledAllocationSize.ql
 ql/rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql
 ql/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql