hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 19:55:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix qhelp and formatting

Browse Source
This commit is contained in:
Tony Torralba
2021-08-03 17:50:04 +02:00
parent 031fa2199c
commit 9eb4cda1af
2 changed files with 9 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp
View File

@@ -7,12 +7,12 @@
</overview>
<recommendation>
<p>Do not export compontents that start other components from a user-provided Intent.
They can be made private by setting the `android:exported` property to `false` in the app's Android Manifest.</p>
They can be made private by setting the <code>android:exported</code> property to <code>false</code> in the app's Android Manifest.</p>
<p>If this is not possible, restrict either which apps can send Intents to the affected component, or which components can be started from it.</p>
</recommendation>
<example>
<p>The following snippet contains two examples.
In the first example, an arbitrary component can be started from the externally provided `forward_intent` Intent.
In the first example, an arbitrary component can be started from the externally provided <code>forward_intent</code> Intent.
In the second example, the destination component of the Intent is first checked to make sure it is safe.</p>
<sample src="AndroidIntentRedirectionSample.java" />
</example>
@@ -27,7 +27,7 @@
</li>
<li>
Android Developers:
<a href="https://developer.android.com/guide/topics/manifest/activity-element#exported">The `android:exported` attribute</a>.
<a href="https://developer.android.com/guide/topics/manifest/activity-element#exported">The android:exported attribute</a>.
</li>
</references>
</qhelp>

15
java/ql/test/query-tests/security/CWE-940/AndroidIntentRedirectionTest.java
View File

@@ -8,6 +8,7 @@ import android.os.Bundle;
public class AndroidIntentRedirectionTest extends Activity {
public void onCreate(Bundle savedInstanceState) {
// @formatter:off
{
Intent intent = (Intent) getIntent().getParcelableExtra("forward_intent");
startActivities(new Intent[] {intent}); // $ hasAndroidIntentRedirection
@@ -17,13 +18,11 @@ public class AndroidIntentRedirectionTest extends Activity {
startActivityAsUser(intent, null); // $ hasAndroidIntentRedirection
startActivityAsUser(intent, null, null); // $ hasAndroidIntentRedirection
startActivityAsCaller(intent, null, false, 0); // $ hasAndroidIntentRedirection
startActivityAsUserFromFragment(null, intent, 0, null, null); // $
// hasAndroidIntentRedirection
startActivityAsUserFromFragment(null, intent, 0, null, null); // $ hasAndroidIntentRedirection
startActivityForResult(intent, 0); // $ hasAndroidIntentRedirection
startActivityForResult(intent, 0, null); // $ hasAndroidIntentRedirection
startActivityForResult(null, intent, 0, null); // $ hasAndroidIntentRedirection
startActivityForResultAsUser(intent, null, 0, null, null); // $
// hasAndroidIntentRedirection
startActivityForResultAsUser(intent, null, 0, null, null); // $ hasAndroidIntentRedirection
startActivityForResultAsUser(intent, 0, null, null); // $ hasAndroidIntentRedirection
startActivityForResultAsUser(intent, 0, null); // $ hasAndroidIntentRedirection
}
@@ -46,11 +45,9 @@ public class AndroidIntentRedirectionTest extends Activity {
sendStickyBroadcast(intent); // $ hasAndroidIntentRedirection
sendStickyBroadcastAsUser(intent, null); // $ hasAndroidIntentRedirection
sendStickyBroadcastAsUser(intent, null, null); // $ hasAndroidIntentRedirection
sendStickyOrderedBroadcast(intent, null, null, 0, null, null); // $
// hasAndroidIntentRedirection
sendStickyOrderedBroadcastAsUser(intent, null, null, null, 0, null, null); // $
// hasAndroidIntentRedirection
sendStickyOrderedBroadcast(intent, null, null, 0, null, null); // $ hasAndroidIntentRedirection
sendStickyOrderedBroadcastAsUser(intent, null, null, null, 0, null, null); // $ hasAndroidIntentRedirection
}
// @formatter:on
}
}