Query to detect exposure of sensitive information from android file intent

2026-05-05 21:55:19 +02:00 · 2021-08-29 18:52:33 +00:00
parent d0b307ecfb
commit 0621e65827
20 changed files with 2173 additions and 2 deletions
--- a/java/ql/test/experimental/query-tests/security/CWE-200/LeakFileActivity2.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-200/LeakFileActivity2.java
@@ -0,0 +1,19 @@
+import android.app.Activity;
+import android.content.Intent;
+import android.net.Uri;
+import android.os.Bundle;
+
+public class LeakFileActivity2 extends Activity {
+    @Override
+    // BAD: Load file in a service without validation
+    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
+        Uri localPath = data.getData();
+
+        if (requestCode == GetFileActivity.REQUEST_CODE__SELECT_CONTENT_FROM_APPS &&
+                resultCode == RESULT_OK) {
+            Intent intent = new Intent(this, FileService.class);
+            intent.putExtra(FileService.KEY_LOCAL_FILE, localPath);
+            startService(intent);
+        }
+    }
+}