Rust: Improve models for environment sources, expect and unwrap

[geoffw0]

Modelling work aimed at getting more results on tests.

• make existing environment sources more accurate by modelling that they return a Result or Option.
• add models for .expect and more variants of .unwrap.
• allow implicit reads at taint sinks in the tests, since some of the existing test cases are written with that assumption.

[Copilot]

Copilot reviewed 7 out of 7 changed files in this pull request and generated no comments.

Comments suppressed due to low confidence (5)

rust/ql/test/library-tests/dataflow/local/main.rs:241

• This new test code is missing a hasValueFlow check, indicating incomplete coverage for the value flow from 48. Please add or update the test annotation.

    sink(s2.unwrap_or_else(|| source(48))); // $ MISSING: hasValueFlow=48

rust/ql/test/library-tests/dataflow/local/main.rs:268

• An empty string is an uninformative error message; consider providing a descriptive message.

    sink(s1.expect("")); // $ hasValueFlow=78

rust/ql/test/library-tests/dataflow/local/main.rs:269

• An empty string is an uninformative error message; consider providing a descriptive message.

    sink(s1.expect_err(""));

rust/ql/test/library-tests/dataflow/local/main.rs:272

• An empty string is an uninformative error message; consider providing a descriptive message.

    sink(s2.expect(""));

rust/ql/test/library-tests/dataflow/local/main.rs:273

• An empty string is an uninformative error message; consider providing a descriptive message.

    sink(s2.expect_err("")); // $ hasValueFlow=79

Tip: Copilot code review supports C#, Go, Java, JavaScript, Markdown, Python, Ruby and TypeScript, with more languages coming soon. Learn more

[geoffw0]

The DCA run was uneventful.

[geoffw0]

Second DCA run also LGTM.