From 24b34cd32f8230e33e71bb52069d47c85eaf74f3 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 22 Sep 2022 11:44:03 -0400 Subject: [PATCH] add a few more tests, and some clean-up --- .../code/java/frameworks/android/Intent.qll | 5 +- .../taintsources/IntentSourcesActivity.java | 1 - .../taintsources/IntentSourcesReceiver.java | 10 +++- .../taintsources/IntentSourcesService.java | 60 +++++++++++++++---- 4 files changed, 58 insertions(+), 18 deletions(-) diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll index 04cf7d742fd..a51348d5c34 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll @@ -65,9 +65,8 @@ class AndroidReceiveIntentMethod extends Method { } /** - * A method of type Service that receives an Intent. - * Namely, `Service.onStart`, `onStartCommand`, `onBind`, - * `onRebind`, `onUnbind`, or `onTaskRemoved` + * The method `Service.onStart`, `onStartCommand`, + * `onBind`, `onRebind`, `onUnbind`, or `onTaskRemoved` */ class AndroidServiceIntentMethod extends Method { AndroidServiceIntentMethod() { diff --git a/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesActivity.java b/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesActivity.java index 2709494f5a4..2c065c16821 100644 --- a/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesActivity.java +++ b/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesActivity.java @@ -1,7 +1,6 @@ package com.example.myapp; import android.app.Activity; -import android.content.Intent; public class IntentSourcesActivity extends Activity { diff --git a/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesReceiver.java b/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesReceiver.java index 956486df8d8..e7ca2ac6d73 100644 --- a/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesReceiver.java +++ b/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesReceiver.java @@ -11,7 +11,13 @@ public class IntentSourcesReceiver extends BroadcastReceiver { @Override public void onReceive(Context context, Intent intent) { - String trouble = intent.getStringExtra("data"); - sink(trouble); // $ hasRemoteTaintFlow + { + String trouble = intent.getStringExtra("data"); + sink(trouble); // $ hasRemoteTaintFlow + } + { + String trouble = intent.getExtras().getString("data"); + sink(trouble); // $ hasRemoteTaintFlow + } } } diff --git a/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesService.java b/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesService.java index 24dfc069991..0b7eabd3788 100644 --- a/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesService.java +++ b/java/ql/test/library-tests/dataflow/taintsources/IntentSourcesService.java @@ -12,41 +12,77 @@ public class IntentSourcesService extends Service { @Override public void onStart(Intent intent, int startId) { - String trouble = intent.getStringExtra("data"); - sink(trouble); // $ hasRemoteTaintFlow + { + String trouble = intent.getStringExtra("data"); + sink(trouble); // $ hasRemoteTaintFlow + } + { + String trouble = intent.getExtras().getString("data"); + sink(trouble); // $ hasRemoteTaintFlow + } } @Override public int onStartCommand(Intent intent, int flags, int startId) { - String trouble = intent.getStringExtra("data"); - sink(trouble); // $ hasRemoteTaintFlow + { + String trouble = intent.getStringExtra("data"); + sink(trouble); // $ hasRemoteTaintFlow + } + { + String trouble = intent.getExtras().getString("data"); + sink(trouble); // $ hasRemoteTaintFlow + } return -1; } @Override public IBinder onBind(Intent intent) { - String trouble = intent.getStringExtra("data"); - sink(trouble); // $ hasRemoteTaintFlow + { + String trouble = intent.getStringExtra("data"); + sink(trouble); // $ hasRemoteTaintFlow + } + { + String trouble = intent.getExtras().getString("data"); + sink(trouble); // $ hasRemoteTaintFlow + } return null; } @Override public boolean onUnbind(Intent intent) { - String trouble = intent.getStringExtra("data"); - sink(trouble); // $ hasRemoteTaintFlow + { + String trouble = intent.getStringExtra("data"); + sink(trouble); // $ hasRemoteTaintFlow + } + { + String trouble = intent.getExtras().getString("data"); + sink(trouble); // $ hasRemoteTaintFlow + } return false; } @Override public void onRebind(Intent intent) { - String trouble = intent.getStringExtra("data"); - sink(trouble); // $ hasRemoteTaintFlow + { + String trouble = intent.getStringExtra("data"); + sink(trouble); // $ hasRemoteTaintFlow + } + { + String trouble = intent.getExtras().getString("data"); + sink(trouble); // $ hasRemoteTaintFlow + } } @Override public void onTaskRemoved(Intent intent) { - String trouble = intent.getStringExtra("data"); - sink(trouble); // $ hasRemoteTaintFlow + { + String trouble = intent.getStringExtra("data"); + sink(trouble); // $ hasRemoteTaintFlow + } + { + String trouble = intent.getExtras().getString("data"); + sink(trouble); // $ hasRemoteTaintFlow + } } }