Change allowBackup tests to use qlref test format

Due to some limitations of comments in XML, it is simpler to implement the `android:allowBackup` tests using the qlref/expectations test format.
2026-04-25 08:45:14 +02:00 · 2022-09-08 10:34:17 -04:00
parent e69a8269ad
commit 59909751ae
6 changed files with 7 additions and 20 deletions
--- a/java/ql/test/query-tests/security/CWE-312/android/backup/AllowBackupEnabledTest.expected
+++ b/java/ql/test/query-tests/security/CWE-312/android/backup/AllowBackupEnabledTest.expected
@@ -0,0 +1,2 @@
+| TestExplicitlyEnabled/AndroidManifest.xml:6:5:27:19 | application | The 'android:allowBackup' attribute is enabled. |
+| TestMissing/AndroidManifest.xml:6:5:27:19 | application | The 'android:allowBackup' attribute is enabled. |
--- a/java/ql/test/query-tests/security/CWE-312/android/backup/AllowBackupEnabledTest.ql
+++ b/java/ql/test/query-tests/security/CWE-312/android/backup/AllowBackupEnabledTest.ql
@@ -1,18 +0,0 @@
-import java
-import semmle.code.xml.AndroidManifest
-import TestUtilities.InlineExpectationsTest
-
-class AllowBackupEnabledTest extends InlineExpectationsTest {
-  AllowBackupEnabledTest() { this = "AllowBackupEnabledTest" }
-
-  override string getARelevantTag() { result = "hasAllowBackupEnabled" }
-
-  override predicate hasActualResult(Location location, string element, string tag, string value) {
-    tag = "hasAllowedBackupEnabled" and
-    exists(AndroidApplicationXmlElement androidAppElem | androidAppElem.allowsBackup() |
-      androidAppElem.getAttribute("allowBackup").getLocation() = location and
-      element = androidAppElem.getAttribute("debuggable").toString() and
-      value = ""
-    )
-  }
-}
--- a/java/ql/test/query-tests/security/CWE-312/android/backup/AllowBackupEnabledTest.qlref
+++ b/java/ql/test/query-tests/security/CWE-312/android/backup/AllowBackupEnabledTest.qlref
@@ -0,0 +1 @@
+Security/CWE/CWE-312/AllowBackupAttributeEnabled.ql
--- a/java/ql/test/query-tests/security/CWE-312/android/backup/TestExplicitlyEnabled/AndroidManifest.xml
+++ b/java/ql/test/query-tests/security/CWE-312/android/backup/TestExplicitlyEnabled/AndroidManifest.xml
@@ -3,7 +3,7 @@
    xmlns:tools="http://schemas.android.com/tools"
    package="com.example.myapplication">

-    <!-- $ hasAllowBackupEnabled --> <application
+    <application
        android:allowBackup="true"
        android:dataExtractionRules="@xml/data_extraction_rules"
        android:fullBackupContent="@xml/backup_rules"
--- a/java/ql/test/query-tests/security/CWE-312/android/backup/TestMissing/AndroidManifest.xml
+++ b/java/ql/test/query-tests/security/CWE-312/android/backup/TestMissing/AndroidManifest.xml
@@ -3,7 +3,7 @@
    xmlns:tools="http://schemas.android.com/tools"
    package="com.example.myapplication">

-    <!-- $ hasAllowBackupEnabled --> <application
+    <application
        android:dataExtractionRules="@xml/data_extraction_rules"
        android:fullBackupContent="@xml/backup_rules"
        android:icon="@mipmap/ic_launcher"
--- a/java/ql/test/query-tests/security/CWE-312/android/backup/options
+++ b/java/ql/test/query-tests/security/CWE-312/android/backup/options
@@ -0,0 +1,2 @@
+// semmle-extractor-options: --javac-args -cp ${testdir}/../../../../../stubs/google-android-9.0.0
+// codeql-extractor-kotlin-options: ${testdir}/../../../../../stubs/google-android-9.0.0
				`@@ -0,0 +1 @@`
				`Security/CWE/CWE-312/AllowBackupAttributeEnabled.ql`