hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add test and fix a bug

Browse Source
This commit is contained in:
Joe Farebrother
2022-12-15 15:05:06 +00:00
parent b96edb9c64
commit de565f9ccc
4 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
java/ql/test/query-tests/security/CWE-927/SensitiveResultReceiver.expected Normal file
View File

13
java/ql/test/query-tests/security/CWE-927/SensitiveResultReceiver.java Normal file
View File

@@ -0,0 +1,13 @@
import android.os.Bundle;
import android.os.ResultReceiver;
class SensitiveResultReceiver {
<T> T source() { return null; }
void test1(String password) {
ResultReceiver rec = source();
Bundle b = new Bundle();
b.putCharSequence("pass", password);
rec.send(0, b); // $hasSensitiveResultReceiver
}
}

25
java/ql/test/query-tests/security/CWE-927/SensitiveResultReceiver.ql Normal file
View File

@@ -0,0 +1,25 @@
import java
import TestUtilities.InlineExpectationsTest
import semmle.code.java.security.SensitiveResultReceiverQuery
class TestSource extends RemoteFlowSource {
TestSource() { this.asExpr().(MethodAccess).getMethod().hasName("source") }
override string getSourceType() { result = "test" }
}
class ResultReceiverTest extends InlineExpectationsTest {
ResultReceiverTest() { this = "ResultReceiverTest" }
override string getARelevantTag() { result = "hasSensitiveResultReceiver" }
override predicate hasActualResult(Location loc, string element, string tag, string value) {
exists(DataFlow::PathNode src, DataFlow::PathNode sink, DataFlow::Node recSrc |
sensitiveResultReceiver(src, sink, recSrc) and
element = sink.toString() and
loc = sink.getNode().getLocation() and
tag = "hasSensitiveResultReceiver" and
value = ""
)
}
}