hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactor CWE-940/AndroidIntentRedirection

Browse Source
This commit is contained in:
Ed Minnix
2023-03-16 22:05:20 -04:00
parent 1e0c6811a4
commit d68bec98bc
3 changed files with 37 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.ql
View File

@@ -15,10 +15,10 @@
import java
import semmle.code.java.security.AndroidIntentRedirectionQuery
import DataFlow::PathGraph
import IntentRedirectionFlow::PathGraph
from DataFlow::PathNode source, DataFlow::PathNode sink, IntentRedirectionConfiguration conf
where conf.hasFlowPath(source, sink)
from IntentRedirectionFlow::PathNode source, IntentRedirectionFlow::PathNode sink
where IntentRedirectionFlow::hasFlowPath(source, sink)
select sink.getNode(), source, sink,
"Arbitrary Android activities or services can be started from a $@.", source.getNode(),
"user-provided value"