hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-27 23:57:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Fix more broken performance.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2025-09-08 14:08:00 +02:00
parent 66379deadd
commit 4c1fa58367
6 changed files with 34 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll
View File

@@ -20,8 +20,10 @@ private predicate externalStorageFlowStep(DataFlow::Node node1, DataFlow::Node n
node2.asExpr().(FieldRead).getField().getInitializer() = node1.asExpr()
}
private predicate externalStorageFlow(DataFlow::Node node1, DataFlow::Node node2) {
externalStorageFlowStep*(node1, node2)
private predicate externalStorageDirFlowsTo(DataFlow::Node n) {
sourceNode(n, "android-external-storage-dir")
or
exists(DataFlow::Node mid | externalStorageDirFlowsTo(mid) and externalStorageFlowStep(mid, n))
}
/**
@@ -29,9 +31,8 @@ private predicate externalStorageFlow(DataFlow::Node node1, DataFlow::Node node2
* This is controllable by third-party applications, so is treated as a remote flow source.
*/
predicate androidExternalStorageSource(DataFlow::Node n) {
exists(DataFlow::Node externalDir, DirectFileReadExpr read |
sourceNode(externalDir, "android-external-storage-dir") and
exists(DirectFileReadExpr read |
n.asExpr() = read and
externalStorageFlow(externalDir, DataFlow::exprNode(read.getFileExpr()))
externalStorageDirFlowsTo(DataFlow::exprNode(read.getFileExpr()))
)
}