hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 00:35:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

The query should only report cases when the method is not empty.

Browse Source
This commit is contained in:
Lukas Abfalterer
2025-03-03 10:20:46 +01:00
parent ee08e8b1fb
commit a3749530d6
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Security/CWE/CWE-925/ImproperIntentVerification.ql
View File

@@ -14,6 +14,6 @@ import java
import semmle.code.java.security.ImproperIntentVerificationQuery
from AndroidReceiverXmlElement reg, Method orm, SystemActionName sa
where unverifiedSystemReceiver(reg, orm, sa)
where unverifiedSystemReceiver(reg, orm, sa) and orm.getBody().getBlock().getNumStmt() > 0
select orm, "This reciever doesn't verify intents it receives, and $@ to receive $@.", reg,
"it is registered", sa, "the system action " + sa.getName()