hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 12:45:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

draft android debug query

Browse Source
This commit is contained in:
Jami Cogswell
2022-07-27 08:31:36 -04:00
parent 79bae0caeb
commit 6720dba8e7
9 changed files with 152 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/test/query-tests/security/CWE-489/DebuggableAttributeTrue.expected Normal file
View File

@@ -0,0 +1 @@
| TestTrue.xml:7:5:17:30 | debuggable=true | Warning: 'android:debuggable=true' set |

1
java/ql/test/query-tests/security/CWE-489/DebuggableAttributeTrue.qlref Normal file
View File

@@ -0,0 +1 @@
Security/CWE/CWE-489/DebuggableAttributeTrue.ql

2
java/ql/test/query-tests/security/CWE-489/Test.java Normal file
View File

@@ -0,0 +1,2 @@
// No need for Java code since only testing XML files
public class Test { }

29
java/ql/test/query-tests/security/CWE-489/TestFalse.xml Normal file
View File

@@ -0,0 +1,29 @@
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
package="com.example.happybirthday">
<!-- Safe: 'debuggable' set to false -->
<application
android:debuggable="false"
android:allowBackup="true"
android:dataExtractionRules="@xml/data_extraction_rules"
android:fullBackupContent="@xml/backup_rules"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/Theme.HappyBirthday"
tools:targetApi="31">
<activity
android:name=".MainActivity"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application> <!-- test -->
</manifest>

28
java/ql/test/query-tests/security/CWE-489/TestNotSet.xml Normal file
View File

@@ -0,0 +1,28 @@
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
package="com.example.happybirthday">
<!-- Safe: 'debuggable' not set at all -->
<application
android:allowBackup="true"
android:dataExtractionRules="@xml/data_extraction_rules"
android:fullBackupContent="@xml/backup_rules"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/Theme.HappyBirthday"
tools:targetApi="31">
<activity
android:name=".MainActivity"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application> <!-- test -->
</manifest>

29
java/ql/test/query-tests/security/CWE-489/TestTrue.xml Normal file
View File

@@ -0,0 +1,29 @@
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
package="com.example.happybirthday">
<!-- Not Safe: 'debuggable' set to true -->
<application
android:debuggable="true"
android:allowBackup="true"
android:dataExtractionRules="@xml/data_extraction_rules"
android:fullBackupContent="@xml/backup_rules"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/Theme.HappyBirthday"
tools:targetApi="31">
<activity
android:name=".MainActivity"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application> <!-- test -->
</manifest>

1
java/ql/test/query-tests/security/CWE-489/options Normal file
View File

@@ -0,0 +1 @@
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/google-android-9.0.0