From 382e5a5a7acde9e899419f6e192c8b40cf60d403 Mon Sep 17 00:00:00 2001
From: luchua-bc <shengxin.canada@gmail.com>
Date: Tue, 30 Jun 2020 00:55:05 +0000
Subject: [PATCH] Revert "Add remote source of Android intent extra"

This reverts commit 65e76ab18fffc1f999e98bacc37289da51e55e8b.
---
 .../semmle/code/java/dataflow/FlowSources.qll | 34 -------------------
 .../code/java/frameworks/android/Android.qll  | 21 ------------
 .../src/semmle/code/xml/AndroidManifest.qll   |  5 ---
 3 files changed, 60 deletions(-)

diff --git a/java/ql/src/semmle/code/java/dataflow/FlowSources.qll b/java/ql/src/semmle/code/java/dataflow/FlowSources.qll
index 6e9810c85e8..7996a6d3142 100644
--- a/java/ql/src/semmle/code/java/dataflow/FlowSources.qll
+++ b/java/ql/src/semmle/code/java/dataflow/FlowSources.qll
@@ -20,7 +20,6 @@ import semmle.code.java.frameworks.SpringWeb
 import semmle.code.java.frameworks.Guice
 import semmle.code.java.frameworks.struts.StrutsActions
 import semmle.code.java.frameworks.Thrift
-import semmle.code.java.frameworks.android.Android
 
 /** A data flow source of remote user input. */
 abstract class RemoteFlowSource extends DataFlow::Node {
@@ -271,36 +270,3 @@ class AndroidIntentInput extends DataFlow::Node {
     )
   }
 }
-
-/**
- * Method access to external inputs of `android.content.Intent` object
- */
-class IntentGetExtraMethodAccess extends MethodAccess {
-  IntentGetExtraMethodAccess() {
-    exists(AndroidComponent ac |
-      this.getEnclosingCallable().getDeclaringType() = ac and ac.isExported()
-    ) and
-    (
-      this.getMethod().getName().regexpMatch("get\\w+Extra") and
-      this.getMethod().getDeclaringType() instanceof TypeIntent
-      or
-      this.getMethod().getName().regexpMatch("get\\w+") and
-      this.getQualifier().(MethodAccess).getMethod().hasName("getExtras") and
-      this.getQualifier().(MethodAccess).getMethod().getDeclaringType() instanceof TypeIntent
-    )
-  }
-}
-
-/**
- * Android intent extra source
- */
-private class AndroidIntentExtraSource extends RemoteFlowSource {
-  AndroidIntentExtraSource() {
-    exists(MethodAccess ma |
-      ma instanceof IntentGetExtraMethodAccess and
-      this.asExpr().(VarAccess).getVariable().getAnAssignedValue() = ma
-    )
-  }
-
-  override string getSourceType() { result = "Android intent extra" }
-}
diff --git a/java/ql/src/semmle/code/java/frameworks/android/Android.qll b/java/ql/src/semmle/code/java/frameworks/android/Android.qll
index 21638c9783f..a16c43ddfc5 100644
--- a/java/ql/src/semmle/code/java/frameworks/android/Android.qll
+++ b/java/ql/src/semmle/code/java/frameworks/android/Android.qll
@@ -32,25 +32,11 @@ class AndroidComponent extends Class {
 /** An Android activity. */
 class AndroidActivity extends AndroidComponent {
   AndroidActivity() { this.getASupertype*().hasQualifiedName("android.app", "Activity") }
-
-  /** Holds if this Android component is configured as `exported` or has intent filters configured without `exported` explicitly disabled in an `AndroidManifest.xml` file. */
-  override predicate isExported() {
-    getAndroidComponentXmlElement().isExported()
-    or
-    not getAndroidComponentXmlElement().isNotExported() and hasIntentFilter()
-  }
 }
 
 /** An Android service. */
 class AndroidService extends AndroidComponent {
   AndroidService() { this.getASupertype*().hasQualifiedName("android.app", "Service") }
-
-  /** Holds if this Android component is configured as `exported` or has intent filters configured without `exported` explicitly disabled in an `AndroidManifest.xml` file. */
-  override predicate isExported() {
-    getAndroidComponentXmlElement().isExported()
-    or
-    not getAndroidComponentXmlElement().isNotExported() and hasIntentFilter()
-  }
 }
 
 /** An Android broadcast receiver. */
@@ -58,13 +44,6 @@ class AndroidBroadcastReceiver extends AndroidComponent {
   AndroidBroadcastReceiver() {
     this.getASupertype*().hasQualifiedName("android.content", "BroadcastReceiver")
   }
-
-  /** Holds if this Android component is configured as `exported` or has intent filters configured without `exported` explicitly disabled in an `AndroidManifest.xml` file. */
-  override predicate isExported() {
-    getAndroidComponentXmlElement().isExported()
-    or
-    not getAndroidComponentXmlElement().isNotExported() and hasIntentFilter()
-  }
 }
 
 /** An Android content provider. */
diff --git a/java/ql/src/semmle/code/xml/AndroidManifest.qll b/java/ql/src/semmle/code/xml/AndroidManifest.qll
index 7c6b2f3e569..70afabc8d3d 100644
--- a/java/ql/src/semmle/code/xml/AndroidManifest.qll
+++ b/java/ql/src/semmle/code/xml/AndroidManifest.qll
@@ -137,11 +137,6 @@ class AndroidComponentXmlElement extends XMLElement {
    * Holds if the `android:exported` attribute of this component element is `true`.
    */
   predicate isExported() { getExportedAttributeValue() = "true" }
-
-  /**
-   * Holds if the `android:exported` attribute of this component element is explicitly set to `false`.
-   */
-  predicate isNotExported() { getExportedAttributeValue() = "false" }
 }
 
 /**