hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Clean up query and test files

Browse Source
This commit is contained in:
luchua-bc
2020-10-31 13:37:36 +00:00
parent b1d6bc5ba9
commit 7ac3fb41d5
9 changed files with 27 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/src/semmle/code/java/dataflow/FlowSteps.qll
View File

@@ -4,7 +4,6 @@
private import java
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.dataflow.FlowSources
/**
* A module importing the frameworks that implement additional flow steps,

9
java/ql/src/semmle/code/java/frameworks/android/Android.qll
View File

@@ -34,11 +34,16 @@ class AndroidComponent extends Class {
* An Android component that can be explicitly or implicitly exported.
*/
class ExportableAndroidComponent extends AndroidComponent {
/** Holds if this Android component is configured as `exported` or has intent filters configured without `exported` explicitly disabled in an `AndroidManifest.xml` file. */
/**
* Holds if this Android component is configured as `exported` or has intent
* filters configured without `exported` explicitly disabled in an
* `AndroidManifest.xml` file.
*/
override predicate isExported() {
getAndroidComponentXmlElement().isExported()
or
not getAndroidComponentXmlElement().isNotExported() and hasIntentFilter()
hasIntentFilter() and
not getAndroidComponentXmlElement().isNotExported()
}
}

2
java/ql/src/semmle/code/java/frameworks/android/Intent.qll
View File

@@ -50,4 +50,4 @@ class BundleGetterMethods extends Method, TaintPreservingCallable {
}
override predicate returnsTaintFrom(int arg) { arg = -1 }
}
}

1
java/ql/test/experimental/query-tests/security/CWE-927/ExecTainted.qlref
View File

@@ -1 +0,0 @@
Security/CWE/CWE-078/ExecTainted.ql

1
java/ql/test/experimental/query-tests/security/CWE-927/options
View File

@@ -1 +0,0 @@
// semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/google-android-9.0.0

0
java/ql/test/experimental/query-tests/security/CWE-927/AndroidManifest.xml → java/ql/test/library-tests/dataflow/taintsources/AndroidManifest.xml
View File

0
java/ql/test/experimental/query-tests/security/CWE-927/IntentSources.java → java/ql/test/library-tests/dataflow/taintsources/IntentSources.java
View File

2
java/ql/test/library-tests/dataflow/taintsources/options
View File

@@ -1 +1 @@
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/servlet-api-2.4:${testdir}/../../../stubs/springframework-5.2.3
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/servlet-api-2.4:${testdir}/../../../stubs/springframework-5.2.3:${testdir}/../../../stubs/google-android-9.0.0

18
java/ql/test/library-tests/dataflow/taintsources/remote.expected
View File

@@ -5,6 +5,24 @@
| A.java:41:5:41:53 | getInputStream(...) | A.java:41:5:41:53 | getInputStream(...) |
| A.java:42:5:42:45 | getInputStream(...) | A.java:42:5:42:45 | getInputStream(...) |
| A.java:43:5:43:47 | getHostName(...) | A.java:43:5:43:47 | getHostName(...) |
| IntentSources.java:9:20:9:35 | getIntent(...) | ../../../stubs/google-android-9.0.0/android/content/Intent.java:1057:19:1057:32 | parameter this |
| IntentSources.java:9:20:9:35 | getIntent(...) | IntentSources.java:9:20:9:35 | getIntent(...) |
| IntentSources.java:9:20:9:35 | getIntent(...) | IntentSources.java:9:20:9:57 | getStringExtra(...) |
| IntentSources.java:9:20:9:35 | getIntent(...) | IntentSources.java:10:29:10:35 | trouble |
| IntentSources.java:16:20:16:30 | getIntent(...) | ../../../stubs/google-android-9.0.0/android/content/Intent.java:1057:19:1057:32 | parameter this |
| IntentSources.java:16:20:16:30 | getIntent(...) | IntentSources.java:16:20:16:30 | getIntent(...) |
| IntentSources.java:16:20:16:30 | getIntent(...) | IntentSources.java:16:20:16:52 | getStringExtra(...) |
| IntentSources.java:16:20:16:30 | getIntent(...) | IntentSources.java:17:29:17:35 | trouble |
| IntentSources.java:23:20:23:30 | getIntent(...) | ../../../stubs/google-android-9.0.0/android/content/Intent.java:1356:19:1356:27 | parameter this |
| IntentSources.java:23:20:23:30 | getIntent(...) | ../../../stubs/google-android-9.0.0/android/os/BaseBundle.java:599:19:599:27 | parameter this |
| IntentSources.java:23:20:23:30 | getIntent(...) | IntentSources.java:23:20:23:30 | getIntent(...) |
| IntentSources.java:23:20:23:30 | getIntent(...) | IntentSources.java:23:20:23:42 | getExtras(...) |
| IntentSources.java:23:20:23:30 | getIntent(...) | IntentSources.java:23:20:23:59 | getString(...) |
| IntentSources.java:23:20:23:30 | getIntent(...) | IntentSources.java:24:29:24:35 | trouble |
| IntentSources.java:33:20:33:33 | getIntent(...) | ../../../stubs/google-android-9.0.0/android/content/Intent.java:1057:19:1057:32 | parameter this |
| IntentSources.java:33:20:33:33 | getIntent(...) | IntentSources.java:33:20:33:33 | getIntent(...) |
| IntentSources.java:33:20:33:33 | getIntent(...) | IntentSources.java:33:20:33:55 | getStringExtra(...) |
| IntentSources.java:33:20:33:33 | getIntent(...) | IntentSources.java:34:29:34:35 | trouble |
| RmiFlowImpl.java:4:30:4:40 | path | RmiFlowImpl.java:4:30:4:40 | path |
| RmiFlowImpl.java:4:30:4:40 | path | RmiFlowImpl.java:5:20:5:31 | ... + ... |
| RmiFlowImpl.java:4:30:4:40 | path | RmiFlowImpl.java:5:28:5:31 | path |