CodeQL includes many queries for analyzing Rust code. All queries in the default
query suite are run by default. If you choose to use the security-extended
query suite, additional queries are run. For more information, see CodeQL query suites.
Built-in queries for Rust analysis
This table lists the queries available with the latest release of the CodeQL action and CodeQL CLI. For more information, see CodeQL change logs in the CodeQL documentation site.
Query name | Related CWEs | Default | Extended | Copilot Autofix |
---|---|---|---|---|
Access of invalid pointer | 476, 825 | |||
Cleartext logging of sensitive information | 312, 359, 532 | |||
Cleartext transmission of sensitive information | 319 | |||
Database query built from user-controlled sources | 089 | |||
Hard-coded cryptographic value | 259, 321, 798, 1204 | |||
Regular expression injection | 020, 074 | |||
Uncontrolled allocation size | 770, 789 | |||
Uncontrolled data used in path expression | 022, 023, 036, 073, 099 | |||
Use of a broken or weak cryptographic algorithm | 327 | |||
Use of a broken or weak cryptographic hashing algorithm on sensitive data | 327, 328, 916 | |||
Access of a pointer after its lifetime has ended | 825 | |||