hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 02:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactor java/android/webview-debugging-enabled

Browse Source
This commit is contained in:
Ed Minnix
2023-03-16 14:38:54 -04:00
parent 559f6a5f20
commit 768102ee92
3 changed files with 44 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
java/ql/test/query-tests/security/CWE-489/webview-debugging/WebviewDebuggingEnabled.ql
View File

@@ -1,15 +1,18 @@
import java
import TestUtilities.InlineFlowTest
import semmle.code.java.security.WebviewDubuggingEnabledQuery
import TestUtilities.InlineExpectationsTest
import semmle.code.java.security.WebviewDebuggingEnabledQuery
class EnableLegacy extends EnableLegacyConfiguration {
EnableLegacy() { exists(this) }
}
class HasFlowTest extends InlineExpectationsTest {
HasFlowTest() { this = "HasFlowTest" }
class HasFlowTest extends InlineFlowTest {
override DataFlow::Configuration getTaintFlowConfig() { none() }
override string getARelevantTag() { result = "hasValueFlow" }
override DataFlow::Configuration getValueFlowConfig() {
result = any(WebviewDebugEnabledConfig c)
override predicate hasActualResult(Location location, string element, string tag, string value) {
tag = "hasValueFlow" and
exists(DataFlow::Node sink | WebviewDebugEnabledFlow::hasFlowTo(sink) |
location = sink.getLocation() and
element = "sink" and
value = ""
)
}
}