Decouple from #10177

2025-12-23 04:06:37 +01:00 · 2022-09-29 10:01:46 +02:00
parent 1bf1349167
commit 7b34b10cee
2 changed files with 6 additions and 10 deletions
--- a/java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll
+++ b/java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll
@@ -3,7 +3,6 @@
 import java
 private import semmle.code.java.dataflow.TaintTracking
 private import semmle.code.java.frameworks.android.Android
-private import semmle.code.java.security.PathSanitizer

 /** A URI that gets resolved by a `ContentResolver`. */
 abstract class ContentUriResolutionSink extends DataFlow::Node { }
@@ -50,9 +49,6 @@ private class UninterestingTypeSanitizer extends ContentUriResolutionSanitizer {
  }
 }

-private class PathSanitizer extends ContentUriResolutionSanitizer instanceof PathInjectionSanitizer {
-}
-
 private class FilenameOnlySanitizer extends ContentUriResolutionSanitizer {
  FilenameOnlySanitizer() {
    exists(Method m | this.asExpr().(MethodAccess).getMethod() = m |
--- a/java/ql/test/query-tests/security/CWE-441/Test.java
+++ b/java/ql/test/query-tests/security/CWE-441/Test.java
@@ -53,13 +53,13 @@ public class Test extends Activity {
            Uri uri = (Uri) getIntent().getParcelableExtra("URI_EXTRA");
            if (!uri.equals(Uri.parse("content://safe/uri")))
                throw new SecurityException();
-            contentResolver.openInputStream(uri); // Safe
+            contentResolver.openInputStream(uri); // $ SPURIOUS: hasTaintFlow
        }
        {
            ContentResolver contentResolver = getContentResolver();
            Uri uri = (Uri) getIntent().getParcelableExtra("URI_EXTRA");
            validateWithEquals(uri);
-            contentResolver.openInputStream(uri); // Safe
+            contentResolver.openInputStream(uri); // $ SPURIOUS: hasTaintFlow
        }
        // Allow list checks
        {
@@ -78,13 +78,13 @@ public class Test extends Activity {
                    java.nio.file.FileSystems.getDefault().getPath(path).normalize();
            if (!normalized.startsWith("/safe/path"))
                throw new SecurityException();
-            contentResolver.openInputStream(uri); // Safe
+            contentResolver.openInputStream(uri); // $ SPURIOUS: hasTaintFlow
        }
        {
            ContentResolver contentResolver = getContentResolver();
            Uri uri = (Uri) getIntent().getParcelableExtra("URI_EXTRA");
            validateWithAllowList(uri);
-            contentResolver.openInputStream(uri); // Safe
+            contentResolver.openInputStream(uri);// $ SPURIOUS: hasTaintFlow
        }
        // Block list checks
        {
@@ -103,13 +103,13 @@ public class Test extends Activity {
                    java.nio.file.FileSystems.getDefault().getPath(path).normalize();
            if (normalized.startsWith("/data"))
                throw new SecurityException();
-            contentResolver.openInputStream(uri); // Safe
+            contentResolver.openInputStream(uri); // $ SPURIOUS: hasTaintFlow
        }
        {
            ContentResolver contentResolver = getContentResolver();
            Uri uri = (Uri) getIntent().getParcelableExtra("URI_EXTRA");
            validateWithBlockList(uri);
-            contentResolver.openInputStream(uri); // Safe
+            contentResolver.openInputStream(uri); // $ SPURIOUS: hasTaintFlow
        }
    }
 }