hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-19 03:41:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactor to actually build the full flows from src to sink

Browse Source 
Add more tests for edge cases
This commit is contained in:
Tony Torralba
2021-08-26 12:21:57 +02:00
parent 4dd9e7d6a0
commit bc6c13be69
4 changed files with 84 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.ql
View File

@@ -17,8 +17,8 @@ import java
import semmle.code.java.security.AndroidIntentRedirectionQuery
import DataFlow::PathGraph
from DataFlow::PathNode source, DataFlow::PathNode sink
where hasIntentRedirectionFlowPath(source, sink)
from DataFlow::PathNode source, DataFlow::PathNode sink, IntentRedirectionConfiguration conf
where conf.hasFlowPath(source, sink)
select sink.getNode(), source, sink,
"Arbitrary Android activities or services can be started from $@.", source.getNode(),
"this user input"