hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Switch to inline expectations tests

Browse Source
This commit is contained in:
Joe Farebrother
2021-08-31 16:28:52 +01:00
parent 4012866c6f
commit ae461bcfe4
4 changed files with 30 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
java/ql/test/query-tests/security/CWE-927/SensitiveBroadcast.expected
View File

@@ -1,37 +0,0 @@
edges
| SensitiveBroadcast.java:12:34:12:38 | token : String | SensitiveBroadcast.java:14:31:14:36 | intent |
| SensitiveBroadcast.java:13:41:13:52 | refreshToken : String | SensitiveBroadcast.java:14:31:14:36 | intent |
| SensitiveBroadcast.java:25:32:25:39 | password : String | SensitiveBroadcast.java:26:31:26:36 | intent |
| SensitiveBroadcast.java:36:35:36:39 | email : String | SensitiveBroadcast.java:38:31:38:36 | intent |
| SensitiveBroadcast.java:50:9:50:16 | userinfo [post update] [<element>] : String | SensitiveBroadcast.java:52:31:52:36 | intent |
| SensitiveBroadcast.java:50:22:50:29 | password : String | SensitiveBroadcast.java:50:9:50:16 | userinfo [post update] [<element>] : String |
| SensitiveBroadcast.java:97:35:97:40 | ticket : String | SensitiveBroadcast.java:98:54:98:59 | intent |
| SensitiveBroadcast.java:109:32:109:39 | passcode : String | SensitiveBroadcast.java:111:54:111:59 | intent |
| SensitiveBroadcast.java:136:33:136:38 | passwd : String | SensitiveBroadcast.java:140:54:140:59 | intent |
nodes
| SensitiveBroadcast.java:12:34:12:38 | token : String | semmle.label | token : String |
| SensitiveBroadcast.java:13:41:13:52 | refreshToken : String | semmle.label | refreshToken : String |
| SensitiveBroadcast.java:14:31:14:36 | intent | semmle.label | intent |
| SensitiveBroadcast.java:25:32:25:39 | password : String | semmle.label | password : String |
| SensitiveBroadcast.java:26:31:26:36 | intent | semmle.label | intent |
| SensitiveBroadcast.java:36:35:36:39 | email : String | semmle.label | email : String |
| SensitiveBroadcast.java:38:31:38:36 | intent | semmle.label | intent |
| SensitiveBroadcast.java:50:9:50:16 | userinfo [post update] [<element>] : String | semmle.label | userinfo [post update] [<element>] : String |
| SensitiveBroadcast.java:50:22:50:29 | password : String | semmle.label | password : String |
| SensitiveBroadcast.java:52:31:52:36 | intent | semmle.label | intent |
| SensitiveBroadcast.java:97:35:97:40 | ticket : String | semmle.label | ticket : String |
| SensitiveBroadcast.java:98:54:98:59 | intent | semmle.label | intent |
| SensitiveBroadcast.java:109:32:109:39 | passcode : String | semmle.label | passcode : String |
| SensitiveBroadcast.java:111:54:111:59 | intent | semmle.label | intent |
| SensitiveBroadcast.java:136:33:136:38 | passwd : String | semmle.label | passwd : String |
| SensitiveBroadcast.java:140:54:140:59 | intent | semmle.label | intent |
subpaths
#select
| SensitiveBroadcast.java:14:31:14:36 | intent | SensitiveBroadcast.java:12:34:12:38 | token : String | SensitiveBroadcast.java:14:31:14:36 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:12:34:12:38 | token | sensitive information |
| SensitiveBroadcast.java:14:31:14:36 | intent | SensitiveBroadcast.java:13:41:13:52 | refreshToken : String | SensitiveBroadcast.java:14:31:14:36 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:13:41:13:52 | refreshToken | sensitive information |
| SensitiveBroadcast.java:26:31:26:36 | intent | SensitiveBroadcast.java:25:32:25:39 | password : String | SensitiveBroadcast.java:26:31:26:36 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:25:32:25:39 | password | sensitive information |
| SensitiveBroadcast.java:38:31:38:36 | intent | SensitiveBroadcast.java:36:35:36:39 | email : String | SensitiveBroadcast.java:38:31:38:36 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:36:35:36:39 | email | sensitive information |
| SensitiveBroadcast.java:52:31:52:36 | intent | SensitiveBroadcast.java:50:22:50:29 | password : String | SensitiveBroadcast.java:52:31:52:36 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:50:22:50:29 | password | sensitive information |
| SensitiveBroadcast.java:98:54:98:59 | intent | SensitiveBroadcast.java:97:35:97:40 | ticket : String | SensitiveBroadcast.java:98:54:98:59 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:97:35:97:40 | ticket | sensitive information |
| SensitiveBroadcast.java:111:54:111:59 | intent | SensitiveBroadcast.java:109:32:109:39 | passcode : String | SensitiveBroadcast.java:111:54:111:59 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:109:32:109:39 | passcode | sensitive information |
| SensitiveBroadcast.java:140:54:140:59 | intent | SensitiveBroadcast.java:136:33:136:38 | passwd : String | SensitiveBroadcast.java:140:54:140:59 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:136:33:136:38 | passwd | sensitive information |

20
java/ql/test/query-tests/security/CWE-927/SensitiveBroadcast.java
View File

@@ -11,7 +11,7 @@ class SensitiveBroadcast {
intent.setAction("com.example.custom_action");
intent.putExtra("token", token);
intent.putExtra("refreshToken", refreshToken);
context.sendBroadcast(intent);
context.sendBroadcast(intent); // $ hasTaintFlow
}
// BAD - Tests broadcast of sensitive user information with intent extra.
@@ -23,7 +23,7 @@ class SensitiveBroadcast {
intent.setAction("com.example.custom_action");
intent.putExtra("name", userName);
intent.putExtra("pwd", password);
context.sendBroadcast(intent);
context.sendBroadcast(intent); // $ hasTaintFlow
}
// BAD - Tests broadcast of email information with extra bundle.
@@ -35,7 +35,7 @@ class SensitiveBroadcast {
Bundle bundle = new Bundle();
bundle.putString("email", email);
intent.putExtras(bundle);
context.sendBroadcast(intent);
context.sendBroadcast(intent); // $ hasTaintFlow
}
// BAD - Tests broadcast of sensitive user information with null permission.
@@ -49,7 +49,7 @@ class SensitiveBroadcast {
userinfo.add(username);
userinfo.add(password);
intent.putStringArrayListExtra("userinfo", userinfo);
context.sendBroadcast(intent, null);
context.sendBroadcast(intent, null); // $ hasTaintFlow
}
// GOOD - Tests broadcast of sensitive user information with permission using string literal.
@@ -72,7 +72,7 @@ class SensitiveBroadcast {
intent.setAction("com.example.custom_action");
intent.putExtra("ticket", ticket);
String perm = "com.example.user_permission";
context.sendBroadcast(intent, perm);
context.sendBroadcast(intent, perm); // $ hasTaintFlow
}
// GOOD - Tests broadcast of sensitive user information to a specific application.
@@ -95,7 +95,7 @@ class SensitiveBroadcast {
Intent intent = new Intent();
intent.setAction("com.example.custom_action");
intent.putExtra("ticket", ticket);
context.sendBroadcastWithMultiplePermissions(intent, new String[]{});
context.sendBroadcastWithMultiplePermissions(intent, new String[]{}); // $ hasTaintFlow
}
// BAD - Tests broadcast of sensitive user information with multiple permissions using empty array initialization through a variable.
@@ -108,7 +108,7 @@ class SensitiveBroadcast {
intent.putExtra("name", username);
intent.putExtra("pwd", passcode);
String[] perms = new String[0];
context.sendBroadcastWithMultiplePermissions(intent, perms);
context.sendBroadcastWithMultiplePermissions(intent, perms); // $ hasTaintFlow
}
// GOOD - Tests broadcast of sensitive user information with multiple permissions.
@@ -133,11 +133,11 @@ class SensitiveBroadcast {
intent.setAction("com.example.custom_action");
Bundle bundle = new Bundle();
bundle.putString("name", username);
bundle.putString("pwd", passwd);
bundle.putString("pwd", passwd);
intent.putExtras(bundle);
String[] perms = new String[0];
String[] perms2 = perms;
context.sendBroadcastWithMultiplePermissions(intent, perms2);
context.sendBroadcastWithMultiplePermissions(intent, perms2); // $ hasTaintFlow
}
/**
@@ -156,7 +156,7 @@ class SensitiveBroadcast {
intent.getExtras().putString("pwd", password);
String[] perms = new String[0];
String[] perms2 = perms;
context.sendBroadcastWithMultiplePermissions(intent, perms2);
context.sendBroadcastWithMultiplePermissions(intent, perms2); // $ hasTaintFlow
}
// GOOD - Tests broadcast of sensitive user information with ordered broadcast.

20
java/ql/test/query-tests/security/CWE-927/SensitiveBroadcast.ql Normal file
View File

@@ -0,0 +1,20 @@
import java
import semmle.code.java.security.AndroidSensitiveBroadcastQuery
import TestUtilities.InlineExpectationsTest
class HasFlowTest extends InlineExpectationsTest {
HasFlowTest() { this = "HasFlowTest" }
override string getARelevantTag() { result = "hasTaintFlow" }
override predicate hasActualResult(Location location, string element, string tag, string value) {
tag = "hasTaintFlow" and
exists(DataFlow::Node src, DataFlow::Node sink, SensitiveBroadcastConfig conf |
conf.hasFlow(src, sink)
|
sink.getLocation() = location and
element = sink.toString() and
value = ""
)
}
}

1
java/ql/test/query-tests/security/CWE-927/SensitiveBroadcast.qlref
View File

@@ -1 +0,0 @@
Security/CWE/CWE-927/SensitiveBroadcast.ql