hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-18 19:31:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

added predicates in the AndroidManifest library and adjusted tests

Browse Source
This commit is contained in:
Jami Cogswell
2022-08-03 08:58:16 -04:00
parent 229324fde0
commit 6e10fcf519
8 changed files with 94 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
java/ql/src/Security/CWE/CWE-489/DebuggableAttributeEnabled.ql
View File

@@ -13,9 +13,8 @@
import java
import semmle.code.xml.AndroidManifest
from AndroidXmlAttribute androidXmlAttr
from AndroidApplicationXmlElement androidAppElem
where
androidXmlAttr.getName() = "debuggable" and
androidXmlAttr.getValue() = "true" and
not androidXmlAttr.getLocation().getFile().getRelativePath().matches("%build%")
select androidXmlAttr, "The 'android:debuggable' attribute is enabled."
androidAppElem.isDebuggable() and
not androidAppElem.getFile().isInBuildDirectory()
select androidAppElem.getAttribute("debuggable"), "The 'android:debuggable' attribute is enabled."