Apply suggestions from code review

Update to documentation.

Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
masterofnow
2023-12-22 08:25:05 +08:00
committed by GitHub
parent 7162540faf
commit cb5733d647
2 changed files with 8 additions and 8 deletions


@@ -3,8 +3,8 @@
<overview>
<p>
If a vulnerable loads classes or code of any app based solely on the package name of the app without
first checking the package signature of the app, this could malicious app with the same package name
If an application loads classes or code from another app based solely on its package name without
first checking its package signature, this could allow a malicious app with the same package name
to be loaded through "package namespace squatting".
If the victim user install such malicious app in the same device as the vulnerable app, the vulnerable app would load
classes or code from the malicious app, potentially leading to arbitrary code execution.
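Review bot: The unchanged sentence that follows the rewritten one, "If the victim user install such malicious app in the same device as the vulnerable app", still has the kind of grammar problems this commit fixes in the lines above it. Suggest "If the victim user installs such a malicious app on the same device as the vulnerable app, ..." so the whole overview paragraph reads consistently.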
@@ -13,17 +13,17 @@ classes or code from the malicious app, potentially leading to arbitrary code ex
<recommendation>
<p>
Verify that the signature of an app in addition to the package name before loading the classes or code.
Verify the package signature in addition to the package name before loading any classes or code from another application.
</p>
</recommendation>
<example>
<p>
The <code>BadClassLoader</code> class illustrate class loading with <code>android.content.pm.PackageInfo.packageName.startsWith()</code> method without any check on the package signature.
The <code>BadClassLoader</code> class illustrates class loading with the <code>android.content.pm.PackageInfo.packageName.startsWith()</code> method without any check on the package signature.
</p>
<sample src="BadClassLoader.java" />
<p>
The <code>GoodClassLoader</code> class illustrate class loading with package signature check using <code>android.content.pm.PackageManager.checkSignatures()</code> method.
The <code>GoodClassLoader</code> class illustrates class loading with correct package signature check using the <code>android.content.pm.PackageManager.checkSignatures()</code> method.
</p>
<sample src="GoodClassLoader.java" />
</example>
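Review bot: In the BadClassLoader paragraph, "the android.content.pm.PackageInfo.packageName.startsWith() method" reads as if startsWith() belonged to PackageInfo; it is a String method called on the packageName field, so wording such as "a startsWith() check on android.content.pm.PackageInfo.packageName" would be more accurate. In the GoodClassLoader paragraph, "with correct package signature check" is missing an article ("with a correct package signature check").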


@@ -1,8 +1,8 @@
/**
* @name Load 3rd party classes or code ('unsafe reflection') without signature check
* @description Load classes or code from 3rd party package without checking the
* package signature but only rely on package name.
* This makes it susceptible to package namespace squatting
* @description Loading classes or code from third-party packages without checking the
* package signature could make the application
* susceptible to package namespace squatting attacks,
* potentially leading to arbitrary code execution.
* @problem.severity error
* @precision high
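Review bot: The @name line still says "3rd party" while the rewritten @description now says "third-party", so the query metadata uses two spellings for the same term. Suggest updating @name to "third-party" as well, and rewrapping the new description so that "could make the application" is not left on a short line of its own.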