updated predicates

2025-12-23 20:26:32 +01:00 · 2022-08-10 23:06:13 -04:00
parent 115f76ac5a
commit 9968d5d816
3 changed files with 17 additions and 3 deletions
--- a/java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll
+++ b/java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll
@@ -1,9 +1,20 @@
-/** Provides a class to reason about Android implicitly exported components. */
+/** Provides a class to identify implicitly exported Android components. */

 private import semmle.code.xml.AndroidManifest

+/** Represents an implicitly exported Android component */
 class ImplicitlyExportedAndroidComponent extends AndroidComponentXmlElement {
-  //ImplicitlyExportedAndroidComponent() {  }
+  //   ImplicitlyExportedAndroidComponent() {
+  //     not this.hasExportedAttribute() and
+  //     this.hasAnIntentFilterElement() and
+  //     not this.requiresPermissions() and
+  //     not this.getParent().(AndroidApplicationXmlElement).hasAttribute("permission") and
+  //     not this.getAnIntentFilterElement().hasLauncherCategoryElement() and
+  //     not this.getFile().(AndroidManifestXmlFile).isInBuildDirectory()
+  //   }
+  /**
+   * Holds if this Android component is implicitly exported.
+   */
  predicate isImplicitlyExported() {
    not this.hasExportedAttribute() and
    this.hasAnIntentFilterElement() and
--- a/java/ql/lib/semmle/code/xml/AndroidManifest.qll
+++ b/java/ql/lib/semmle/code/xml/AndroidManifest.qll
@@ -178,7 +178,7 @@ class AndroidComponentXmlElement extends XmlElement {
  /**
   * Holds if this component element has an `<intent-filter>` child element.
   */
-  predicate hasAnIntentFilterElement() { this.getAChild().hasName("intent-filter") }
+  predicate hasAnIntentFilterElement() { exists(this.getAnIntentFilterElement()) }

  /**
   * Gets the value of the `android:name` attribute of this component element.
--- a/java/ql/src/Security/CWE/CWE-926/ImplicitlyExportedAndroidComponent.ql
+++ b/java/ql/src/Security/CWE/CWE-926/ImplicitlyExportedAndroidComponent.ql
@@ -16,3 +16,6 @@ import semmle.code.java.security.ImplicitlyExportedAndroidComponent
 from ImplicitlyExportedAndroidComponent impExpAndroidComp
 where impExpAndroidComp.isImplicitlyExported()
 select impExpAndroidComp, "This component is implicitly exported."
+// from ImplicitlyExportedAndroidComponent impExpAndroidComp
+// where exists(impExpAndroidComp)
+// select impExpAndroidComp, "This component is implicitly exported."