remove simple query

2026-04-30 11:15:13 +02:00 · 2022-09-20 15:39:36 -04:00
parent af812cf407
commit 0f64361065
3 changed files with 0 additions and 108 deletions
--- a/java/ql/lib/semmle/code/xml/AndroidManifest.qll
+++ b/java/ql/lib/semmle/code/xml/AndroidManifest.qll
@@ -129,30 +129,6 @@ class AndroidApplicationXmlElement extends XmlElement {
 */
 class AndroidActivityXmlElement extends AndroidComponentXmlElement {
  AndroidActivityXmlElement() { this.getName() = "activity" }
-
-  // ! Consider moving this to its own .qll file under `security` like for Implicit Export Query.
-  // ! Double-check that the below actions and categories are REQUIRED for it to
-  // !   count as a deep link versus just recommended (e.g. should I just look at the
-  // !   data element instead?).
-  // ! Reference: https://developer.android.com/training/app-links/deep-linking#adding-filters
-  // ! Note: not excluding App Links since those are a subset of deep links that can still cause issues.
-  /**
-   * Holds if this `<activity>` element has a deep link.
-   */
-  predicate hasDeepLink() {
-    //exists(this.getAnIntentFilterElement()) and // has an intent filter - below all show that it has an intent-filter, duplicates work
-    this.getAnIntentFilterElement().getAnActionElement().getActionName() =
-      "android.intent.action.VIEW" and
-    this.getAnIntentFilterElement().getACategoryElement().getCategoryName() =
-      "android.intent.category.BROWSABLE" and
-    this.getAnIntentFilterElement().getACategoryElement().getCategoryName() =
-      "android.intent.category.DEFAULT" and
-    //this.getAnIntentFilterElement().getAChild("data").hasAttribute("scheme") // use below instead for 'android' prefix
-    exists(AndroidXmlAttribute attr |
-      this.getAnIntentFilterElement().getAChild("data").getAnAttribute() = attr and
-      attr.getName() = "scheme"
-    )
-  }
 }

 /**
--- a/java/ql/src/Security/CWE/CWE-939/AndroidDeeplinks_Experimental.ql
+++ b/java/ql/src/Security/CWE/CWE-939/AndroidDeeplinks_Experimental.ql
@@ -1,62 +0,0 @@
-/**
- * @name Android deep links
- * @description Android deep links
- * @problem.severity recommendation
- * @security-severity 0.1
- * @id java/android/deeplinks
- * @tags security
- *       external/cwe/cwe-939
- * @precision high
- */
-
-// ! REMOVE this file
-// * experiment with StartActivityIntentStep
-import java
-import semmle.code.xml.AndroidManifest
-
-// import semmle.code.java.dataflow.DataFlow
-// from StartServiceIntentStep startServiceIntStep, DataFlow::Node n1, DataFlow::Node n2
-// where startServiceIntStep.step(n1, n2)
-// select n2, "placeholder"
-// * experiment with Global Flow
-// import java
-// import semmle.code.java.dataflow.TaintTracking
-// import semmle.code.java.frameworks.android.Intent
-// import semmle.code.java.frameworks.android.Android
-// import semmle.code.java.dataflow.DataFlow
-// import semmle.code.java.dataflow.FlowSteps
-// import semmle.code.java.dataflow.FlowSources
-// import semmle.code.java.dataflow.ExternalFlow
-// import semmle.code.xml.AndroidManifest
-// import semmle.code.java.dataflow.TaintTracking
-// class StartComponentConfiguration extends DataFlow::Configuration {
-//   StartComponentConfiguration() { this = "StartComponentConfiguration" }
-//   // Override `isSource` and `isSink`.
-//   override predicate isSource(DataFlow::Node source) {
-//     exists(ClassInstanceExpr classInstanceExpr |
-//       classInstanceExpr.getConstructedType() instanceof TypeIntent and
-//       source.asExpr() = classInstanceExpr
-//     )
-//   }
-//   override predicate isSink(DataFlow::Node sink) {
-//     exists(MethodAccess startActivity |
-//       (
-//         startActivity.getMethod().overrides*(any(ContextStartActivityMethod m)) or
-//         startActivity.getMethod().overrides*(any(ActivityStartActivityMethod m))
-//       ) and
-//       sink.asExpr() = startActivity.getArgument(0)
-//     )
-//   }
-// }
-// from
-//   DataFlow::Node src, DataFlow::Node sink, StartComponentConfiguration config,
-// where
-//   config.hasFlow(src, sink) and
-//   sink.asExpr().getFile().getBaseName() = "MainActivity.java" // ! just for faster testing, remove when done
-// select src, "This source flows to this $@.", sink, "sink"
-// * simple query as placeholder
-from AndroidActivityXmlElement actXmlElement
-where
-  actXmlElement.hasDeepLink() and
-  not actXmlElement.getFile().(AndroidManifestXmlFile).isInBuildDirectory()
-select actXmlElement, "A deeplink is used here."
--- a/java/ql/src/Security/CWE/CWE-939/AndroidDeeplinks_SimpleQuery.ql
+++ b/java/ql/src/Security/CWE/CWE-939/AndroidDeeplinks_SimpleQuery.ql
@@ -1,22 +0,0 @@
-/**
- * @name Android deep links
- * @description Android deep links
- * @kind problem
- * @problem.severity recommendation
- * @security-severity 0.1
- * @id java/android/deeplinks
- * @tags security
- *       external/cwe/cwe-939
- * @precision high
- */
-
-import java
-import semmle.code.xml.AndroidManifest
-
-// simple query for testing and MRVA results
-// ! REMOVE this file
-from AndroidActivityXmlElement actXmlElement
-where
-  actXmlElement.hasDeepLink() and
-  not actXmlElement.getFile().(AndroidManifestXmlFile).isInBuildDirectory()
-select actXmlElement, "A deeplink is used here."