hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-27 20:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Convert WebViewGetUrlMethod to CSV based flow source

Browse Source
This commit is contained in:
Tamas Vajk
2021-03-01 13:07:20 +01:00
parent 8ba820cae1
commit e0c51b510f
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/semmle/code/java/dataflow/ExternalFlow.qll
View File

@@ -162,7 +162,11 @@ private predicate sourceModelCsv(string row) {
"android.util;AttributeSet;false;getIdAttribute;;;ReturnValue;remote",
"android.util;AttributeSet;false;getIdAttributeResourceValue;;;ReturnValue;remote",
"android.util;AttributeSet;false;getPositionDescription;;;ReturnValue;remote",
"android.util;AttributeSet;false;getStyleAttribute;;;ReturnValue;remote"
"android.util;AttributeSet;false;getStyleAttribute;;;ReturnValue;remote",
// The current URL in a browser may be untrusted or uncontrolled.
// WebViewGetUrlMethod
"android.webkit;WebView;false;getUrl;();;ReturnValue;remote",
"android.webkit;WebView;false;getOriginalUrl;();;ReturnValue;remote"
]
}

4
java/ql/src/semmle/code/java/dataflow/FlowSources.qll
View File

@@ -215,9 +215,7 @@ class DatabaseInput extends LocalUserInput {
private class RemoteTaintedMethod extends Method {
RemoteTaintedMethod() {
this instanceof PlayRequestGetMethod or
this instanceof SpringRestTemplateResponseEntityMethod or
// The current URL in a browser may be untrusted or uncontrolled.
this instanceof WebViewGetUrlMethod
this instanceof SpringRestTemplateResponseEntityMethod
}
}