Moved allowBackup query logic to allowsBackup pred

2025-12-23 12:16:33 +01:00 · 2022-09-07 12:08:25 -04:00
parent 5206c792b0
commit c69a2be976
2 changed files with 17 additions and 17 deletions
--- a/java/ql/lib/semmle/code/xml/AndroidManifest.qll
+++ b/java/ql/lib/semmle/code/xml/AndroidManifest.qll
@@ -79,10 +79,20 @@ class AndroidApplicationXmlElement extends XmlElement {
   * https://developer.android.com/guide/topics/data/autobackup
   */
  predicate allowsBackup() {
-    not exists(AndroidXmlAttribute attr |
-      this.getAnAttribute() = attr and
-      attr.getName() = "allowBackup" and
-      attr.getValue() = "false"
+    not this.getFile().(AndroidManifestXmlFile).isInBuildDirectory() and
+    (
+      // explicitly sets android:allowBackup="true"
+      this.allowsBackupExplicitly()
+      or
+      // Manifest providing the main intent for an application, and does not explicitly
+      // disallow the allowBackup attribute
+      this.providesMainIntent() and
+      // Check that android:allowBackup="false" is not present
+      not exists(AndroidXmlAttribute attr |
+        this.getAnAttribute() = attr and
+        attr.getName() = "allowBackup" and
+        attr.getValue() = "false"
+      )
    )
  }

@@ -91,7 +101,7 @@ class AndroidApplicationXmlElement extends XmlElement {
   *
   * https://developer.android.com/guide/topics/data/autobackup
   */
-  predicate allowsBackupExplicitly() {
+  private predicate allowsBackupExplicitly() {
    exists(AndroidXmlAttribute attr |
      this.getAnAttribute() = attr and
      attr.getName() = "allowBackup" and
@@ -103,7 +113,7 @@ class AndroidApplicationXmlElement extends XmlElement {
   * Holds if the application element contains a child element which provides the
   * `android.intent.action.MAIN` intent.
   */
-  predicate providesMainIntent() {
+  private predicate providesMainIntent() {
    exists(AndroidActivityXmlElement activity |
      activity = this.getAChild() and
      exists(AndroidIntentFilterXmlElement intentFilter |
--- a/java/ql/src/Security/CWE/CWE-312/AllowBackupAttributeEnabled.ql
+++ b/java/ql/src/Security/CWE/CWE-312/AllowBackupAttributeEnabled.ql
@@ -14,15 +14,5 @@ import java
 import semmle.code.xml.AndroidManifest

 from AndroidApplicationXmlElement androidAppElem
-where
-  not androidAppElem.getFile().(AndroidManifestXmlFile).isInBuildDirectory() and
-  (
-    // explicitly sets android:allowBackup=true
-    androidAppElem.allowsBackupExplicitly()
-    or
-    // Manifest providing the main intent for an application, and does not explicitly
-    // disallow the allowBackup attribute
-    androidAppElem.providesMainIntent() and
-    androidAppElem.allowsBackup()
-  )
+where androidAppElem.allowsBackup()
 select androidAppElem, "The 'android:allowBackup' attribute is enabled."