From cb717a22bf981f59a518b6f73f83a5677abdcad9 Mon Sep 17 00:00:00 2001
From: Joe Farebrother <joefarebrother@github.com>
Date: Wed, 18 May 2022 17:49:38 +0100
Subject: [PATCH] Fix failing test cases

---
 .../frameworks/android/ExternalStorage.qll     | 18 +++++++++++-------
 .../android/external-storage/Test.java         | 14 +++++++-------
 2 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll b/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll
index b52fad076ed..8fa914d6dfc 100644
--- a/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll
@@ -1,7 +1,7 @@
 /** Provides definitions for working with uses of Android external storage */
 
 import java
-import semmle.code.java.dataflow.DataFlow
+private import semmle.code.java.dataflow.DataFlow
 private import semmle.code.java.dataflow.ExternalFlow
 
 private class ExternalStorageDirSourceModel extends SourceModelCsv {
@@ -10,11 +10,11 @@ private class ExternalStorageDirSourceModel extends SourceModelCsv {
       [
         //"package;type;overrides;name;signature;ext;spec;kind"
         "android.content;Context;true;getExternalFilesDir;(String);;ReturnValue;android-external-storage-dir",
-        "android.content;Context;true;getExternalFilesDirs;(String);;ReturnValue.ArrayElement;android-external-storage-dir",
-        "android.content;Context;true;getExternalCachesDir;(String);;ReturnValue;android-external-storage-dir",
-        "android.content;Context;true;getExternalCachesDirs;(String);;ReturnValue.ArrayElement;android-external-storage-dir",
-        "android.os;Environment;false;getExternalStorageDirectory;(String);;ReturnValue.ArrayElement;android-external-storage-dir",
-        "android.os;Environment;false;getExternalStoragePublicDirectory;(String);;ReturnValue.ArrayElement;android-external-storage-dir",
+        "android.content;Context;true;getExternalFilesDirs;(String);;ReturnValue;android-external-storage-dir",
+        "android.content;Context;true;getExternalCacheDir;();;ReturnValue;android-external-storage-dir",
+        "android.content;Context;true;getExternalCacheDirs;();;ReturnValue;android-external-storage-dir",
+        "android.os;Environment;false;getExternalStorageDirectory;();;ReturnValue;android-external-storage-dir",
+        "android.os;Environment;false;getExternalStoragePublicDirectory;(String);;ReturnValue;android-external-storage-dir",
       ]
   }
 }
@@ -23,9 +23,13 @@ private predicate externalStorageFlowStep(DataFlow::Node node1, DataFlow::Node n
   DataFlow::localFlowStep(node1, node2)
   or
   exists(ConstructorCall c | c.getConstructedType() instanceof TypeFile |
-    node1.asExpr() = c.getArgument(1) and
+    node1.asExpr() = c.getArgument(0) and
     node2.asExpr() = c
   )
+  or
+  node2.asExpr().(ArrayAccess).getArray() = node1.asExpr()
+  or
+  node2.asExpr().(FieldRead).getField().getInitializer() = node1.asExpr()
 }
 
 private predicate externalStorageFlow(DataFlow::Node node1, DataFlow::Node node2) {
diff --git a/java/ql/test/library-tests/frameworks/android/external-storage/Test.java b/java/ql/test/library-tests/frameworks/android/external-storage/Test.java
index 92eb50368ae..0955abc4828 100644
--- a/java/ql/test/library-tests/frameworks/android/external-storage/Test.java
+++ b/java/ql/test/library-tests/frameworks/android/external-storage/Test.java
@@ -13,39 +13,39 @@ class Test {
         InputStream is = new FileInputStream(f);
         byte[] data = new byte[is.available()];
         is.read(data);
-        sink(data); // $hasTaintFlow
+        sink(data); // $ hasTaintFlow
         is.close();
     }
 
     void test2(Context ctx) throws IOException {
         File f = new File(new File(new File(ctx.getExternalFilesDirs(null)[0], "things"), "stuff"), "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     void test3(Context ctx) throws IOException {
         File f = new File(ctx.getExternalCacheDir(), "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     void test4(Context ctx) throws IOException {
         File f = new File(ctx.getExternalCacheDirs()[0], "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     void test5(Context ctx) throws IOException {
         File f = new File(Environment.getExternalStorageDirectory(), "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     void test6(Context ctx) throws IOException {
         File f = new File(Environment.getExternalStoragePublicDirectory(null), "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     static final File dir = Environment.getExternalStorageDirectory();
  
     void test7(Context ctx) throws IOException {
         File f = new File(dir, "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow 
     }
  }
\ No newline at end of file