hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 19:55:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add additional models; fix up tests

Browse Source
This commit is contained in:
Joe Farebrother
2021-08-31 16:47:43 +01:00
parent ae461bcfe4
commit d7c7776495
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
java/ql/test/query-tests/security/CWE-927/SensitiveBroadcast.java
View File

@@ -72,7 +72,7 @@ class SensitiveBroadcast {
intent.setAction("com.example.custom_action");
intent.putExtra("ticket", ticket);
String perm = "com.example.user_permission";
context.sendBroadcast(intent, perm); // $ hasTaintFlow
context.sendBroadcast(intent, perm);
}
// GOOD - Tests broadcast of sensitive user information to a specific application.
@@ -142,7 +142,6 @@ class SensitiveBroadcast {
/**
* BAD - Tests broadcast of sensitive user information with multiple permissions using empty array initialization through two variables and `intent.getExtras().putString()`.
* Note this case of `getExtras().putString(...)` is not yet detected thus is beyond what the query is capable of.
*/
public void sendBroadcast12(Context context) {
String username = "test123";