hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add missing qldoc

Browse Source
This commit is contained in:
Joe Farebrother
2022-06-22 14:26:49 +01:00
parent 0d09484efc
commit 03c2a0e818
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
java/ql/lib/semmle/code/java/security/AndroidWebViewCertificateValidationQuery.qll
View File

@@ -1,5 +1,8 @@
/** Defintions for the web view certificate validation query */
import java
/** A method that overrides `WebViewClient.onReceivedSslError` */
class OnReceivedSslErrorMethod extends Method {
OnReceivedSslErrorMethod() {
this.overrides*(any(Method m |
@@ -7,21 +10,25 @@ class OnReceivedSslErrorMethod extends Method {
))
}
/** Gets the `SslErrorHandler` argument to this method. */
Parameter handlerArg() { result = this.getParameter(1) }
}
/** A call to `SslErrorHandler.cancel` */
private class SslCancelCall extends MethodAccess {
SslCancelCall() {
this.getMethod().hasQualifiedName("android.webkit", "SslErrorHandler", "cancel")
}
}
/** A call to `SslErrorHandler.proceed` */
private class SslProceedCall extends MethodAccess {
SslProceedCall() {
this.getMethod().hasQualifiedName("android.webkit", "SslErrorHandler", "proceed")
}
}
/** Holds if `m` trusts all certifiates by calling `SslErrorHandler.proceed` unconditionally. */
predicate trustsAllCerts(OnReceivedSslErrorMethod m) {
exists(SslProceedCall pr | pr.getQualifier().(VarAccess).getVariable() = m.handlerArg()) and
not exists(SslCancelCall ca | ca.getQualifier().(VarAccess).getVariable() = m.handlerArg())