hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactor ImproperIntentVerificationQuery.qll

Browse Source
This commit is contained in:
Ed Minnix
2023-03-21 13:15:01 -04:00
parent 413a6cbc4f
commit ef08a91340
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
java/ql/lib/semmle/code/java/security/ImproperIntentVerificationQuery.qll
View File

@@ -14,14 +14,12 @@ private class OnReceiveMethod extends Method {
}
/** A configuration to detect whether the `action` of an `Intent` is checked. */
private class VerifiedIntentConfig extends DataFlow::Configuration {
VerifiedIntentConfig() { this = "VerifiedIntentConfig" }
override predicate isSource(DataFlow::Node src) {
private module VerifiedIntentConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node src) {
src.asParameter() = any(OnReceiveMethod orm).getIntentParameter()
}
override predicate isSink(DataFlow::Node sink) {
predicate isSink(DataFlow::Node sink) {
exists(MethodAccess ma |
ma.getMethod().hasQualifiedName("android.content", "Intent", "getAction") and
sink.asExpr() = ma.getQualifier()
@@ -29,10 +27,12 @@ private class VerifiedIntentConfig extends DataFlow::Configuration {
}
}
private module VerifiedIntentFlow = DataFlow::Make<VerifiedIntentConfig>;
/** An `onReceive` method that doesn't verify the action of the intent it receives. */
private class UnverifiedOnReceiveMethod extends OnReceiveMethod {
UnverifiedOnReceiveMethod() {
not any(VerifiedIntentConfig c).hasFlow(DataFlow::parameterNode(this.getIntentParameter()), _)
not VerifiedIntentFlow::hasFlow(DataFlow::parameterNode(this.getIntentParameter()), _)
}
}