Add unit tests

java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth.expected

@@ -0,0 +1,2 @@
+testFailures
+failures

java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth.ql

@@ -0,0 +1,19 @@
+import java
+import TestUtilities.InlineExpectationsTest
+import semmle.code.java.dataflow.DataFlow
+import semmle.code.java.security.AndroidLocalAuthQuery
+
+module InsecureAuthTest implements TestSig {
+  string getARelevantTag() { result = "insecure-auth" }
+
+  predicate hasActualResult(Location location, string element, string tag, string value) {
+    tag = "insecure-auth" and
+    exists(AuthenticationSuccessCallback cb | not exists(cb.getAResultUse()) |
+      cb.getLocation() = location and
+      element = cb.toString() and
+      value = ""
+    )
+  }
+}
+
+import MakeTest<InsecureAuthTest>

java/ql/test/query-tests/security/CWE-287/Test.java

@@ -0,0 +1,94 @@
+import android.hardware.biometrics.BiometricPrompt;
+import android.hardware.fingerprint.FingerprintManager;
+
+class TestA {
+    public static void useKey(BiometricPrompt.CryptoObject key) {}
+
+
+    // GOOD: result is used
+    class Test1 extends BiometricPrompt.AuthenticationCallback {
+        @Override
+        public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
+            TestA.useKey(result.getCryptoObject());
+        }
+    }
+
+    // BAD: result is not used
+    class Test2 extends BiometricPrompt.AuthenticationCallback {
+        @Override
+        public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) { // $insecure-auth
+            
+        }
+    }
+
+    // BAD: result is only used in a super call
+    class Test3 extends BiometricPrompt.AuthenticationCallback {
+        @Override
+        public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) { // $insecure-auth
+            super.onAuthenticationSucceeded(result);
+        }
+    }
+
+    // GOOD: result is used
+    class Test4 extends BiometricPrompt.AuthenticationCallback {
+        @Override
+        public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
+            super.onAuthenticationSucceeded(result);
+            TestA.useKey(result.getCryptoObject());
+        }
+    }
+
+    // GOOD: result is used in a super call to a class other than the base class
+    class Test5 extends Test1 {
+        @Override
+        public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
+            super.onAuthenticationSucceeded(result);
+        }
+    }
+}
+
+class TestB {
+    public static void useKey(FingerprintManager.CryptoObject key) {}
+
+
+    // GOOD: result is used
+    class Test1 extends FingerprintManager.AuthenticationCallback {
+        @Override
+        public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) {
+            TestB.useKey(result.getCryptoObject());
+        }
+    }
+
+    // BAD: result is not used
+    class Test2 extends FingerprintManager.AuthenticationCallback {
+        @Override
+        public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) { // $insecure-auth
+            
+        }
+    }
+
+    // BAD: result is only used in a super call
+    class Test3 extends FingerprintManager.AuthenticationCallback {
+        @Override
+        public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) { // $insecure-auth
+            super.onAuthenticationSucceeded(result);
+        }
+    }
+
+    // GOOD: result is used
+    class Test4 extends FingerprintManager.AuthenticationCallback {
+        @Override
+        public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) {
+            super.onAuthenticationSucceeded(result);
+            TestB.useKey(result.getCryptoObject());
+        }
+    }
+
+    // GOOD: result is used in a super call to a class other than the base class
+    class Test5 extends Test1 {
+        @Override
+        public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) {
+            super.onAuthenticationSucceeded(result);
+        }
+    }
+}

java/ql/test/query-tests/security/CWE-287/options

@@ -0,0 +1 @@
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/google-android-9.0.0