hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.23.6
codeql/java/ql/test/experimental/query-tests/security/CWE-200/LeakFileActivity.java

27 lines
868 B
Java
Raw Permalink Blame History

import java.io.RandomAccessFile;
import android.app.Activity;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
public class LeakFileActivity extends Activity {
@Override
// BAD: Load file from activity without validation
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
if (requestCode == GetFileActivity.REQUEST_CODE__SELECT_CONTENT_FROM_APPS &&
resultCode == RESULT_OK) {
loadOfContentFromApps(data, resultCode);
}
}
private void loadOfContentFromApps(Intent contentIntent, int resultCode) {
Uri streamsToUpload = contentIntent.getData();
try {
RandomAccessFile file = new RandomAccessFile(streamsToUpload.getPath(), "r");
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
Reference in New Issue View Git Blame Copy Permalink