From 0eaad4136e1e80849dac78be8874ad07fcc3d1e7 Mon Sep 17 00:00:00 2001
From: Ed Minnix
Date: Mon, 6 Mar 2023 10:03:07 -0500
Subject: [PATCH] Add RemoteFlowSource as a valid source
---
 java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql b/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql
index 1b0765da8e2..027776a6082 100644
--- a/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql
+++ b/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql
@@ -15,6 +15,7 @@ import semmle.code.java.frameworks.android.Intent
 import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.TaintTracking2
 import semmle.code.java.dataflow.TaintTracking3
+import semmle.code.java.dataflow.FlowSources
 private import semmle.code.java.dataflow.ExternalFlow
 import DataFlow::PathGraph
@@ -85,7 +86,8 @@ class ExternalApkSource extends DataFlow::Node {
 ExternalApkSource() {
 sourceNode(this, "android-external-storage-dir") or
 this.asExpr().(MethodAccess).getMethod() instanceof UriConstructorMethod or
- this.asExpr().(StringLiteral).getValue().matches("file://%")
+ this.asExpr().(StringLiteral).getValue().matches("file://%") or
+ this instanceof RemoteFlowSource
 }
 }
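Review bot: The characteristic predicate of `ExternalApkSource` in the second hunk now mixes two kinds of source, and nothing there explains why remote input counts as an APK source. The existing disjuncts are local file locations (the external storage dir model, `UriConstructorMethod` calls, `file://%` literals), while the new one is any `RemoteFlowSource`. An inline comment on the new disjunct would make the intent explicit, for example `// remote input may control the URI passed to the package installer`. The class declaration and any QLDoc it carries sit above the hunk, so that text may need the same update. The diffstat shows only the query file changing, so unless a test elsewhere in the PR already has remote-controlled data reaching the install intent, one should be added to cover the new disjunct.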