Add tests

2026-04-22 07:15:15 +02:00 · 2022-06-20 14:54:21 +01:00
parent 16e16f08dc
commit c4de158e0d
4 changed files with 74 additions and 0 deletions
--- a/java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/Test.java
+++ b/java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/Test.java
@@ -0,0 +1,54 @@
+import android.webkit.WebViewClient;
+import android.webkit.WebView;
+import android.webkit.SslErrorHandler;
+import android.net.http.SslError;
+import android.net.http.SslCertificate;
+import android.app.AlertDialog;
+import android.content.DialogInterface;
+import android.app.Activity;
+
+class Test {
+    class A extends WebViewClient {
+        public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
+            handler.proceed(); // $hasResult
+        }
+    }
+
+    interface Validator {
+        boolean isValid(SslCertificate cert);
+    }
+
+    class B extends WebViewClient {
+        Validator v;
+
+        public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
+            if (this.v.isValid(error.getCertificate())) {
+                handler.proceed();
+            }
+            else {
+                handler.cancel();
+            }
+        } 
+    }
+
+    class C extends WebViewClient {
+        Activity activity;
+
+        public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
+            new AlertDialog.Builder(activity).
+                        setTitle("SSL error").
+                        setMessage("SSL error. Connect anyway?").
+                        setPositiveButton("Yes", new DialogInterface.OnClickListener() {
+                            @Override
+                            public void onClick(DialogInterface dialog, int which) {
+                                handler.proceed();
+                            }
+                        }).setNegativeButton("No", new DialogInterface.OnClickListener() {
+                            @Override
+                            public void onClick(DialogInterface dialog, int which) {
+                                handler.cancel();
+                            }
+                        }).show();
+        }
+    }
+}
--- a/java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/options
+++ b/java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/options
@@ -0,0 +1 @@
+// semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/google-android-9.0.0
--- a/java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/test.expected
+++ b/java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/test.expected
--- a/java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/test.ql
+++ b/java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/test.ql
@@ -0,0 +1,19 @@
+import java
+import semmle.code.java.security.AndroidWebViewCertificateValidationQuery
+import TestUtilities.InlineExpectationsTest
+
+class WebViewTest extends InlineExpectationsTest {
+  WebViewTest() { this = "WebViewTest" }
+
+  override string getARelevantTag() { result = "hasResult" }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    exists(OnReceivedSslErrorMethod m |
+      trustsAllCerts(m) and
+      location = m.getLocation() and
+      element = m.toString() and
+      tag = "hasResult" and
+      value = ""
+    )
+  }
+}
				`@@ -0,0 +1 @@`
				`// semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/google-android-9.0.0`