hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-13 05:31:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
102cdcdab88ab71cae14ddbdd117f797ba261ee3
codeql/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulationQuery.qll
Tony Torralba 265f8a3b19 Make bitwise taintsteps specific for this query
2022-01-20 13:23:56 +01:00

35 lines
1.2 KiB
Plaintext
Raw Blame History

/**
* Provides taint tracking configurations to be used in queries related to Intent URI permission
* manipulation in Android.
*/
import java
private import semmle.code.java.dataflow.FlowSources
private import semmle.code.java.dataflow.DataFlow
private import IntentUriPermissionManipulation
/**
* A taint tracking configuration for user-provided Intents being returned to third party apps.
*/
class IntentUriPermissionManipulationConf extends TaintTracking::Configuration {
IntentUriPermissionManipulationConf() { this = "UriPermissionManipulationConf" }
override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
override predicate isSink(DataFlow::Node sink) {
sink instanceof IntentUriPermissionManipulationSink
}
override predicate isSanitizer(DataFlow::Node barrier) {
barrier instanceof IntentUriPermissionManipulationSanitizer
}
override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
guard instanceof IntentUriPermissionManipulationGuard
}
override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
any(IntentUriPermissionManipulationAdditionalTaintStep c).step(node1, node2)
}
}
Reference in New Issue View Git Blame Copy Permalink