hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d28316d3974dfb51d42853e1e57a4104ce2de7f7
codeql/java/ql/test/library-tests/frameworks/android/slice/test.ql
Ed Minnix 59e59125d6 Refactor tests
2023-04-24 17:10:32 -04:00

38 lines
1.2 KiB
Plaintext
Raw Blame History

import java
import semmle.code.java.dataflow.TaintTracking
import TestUtilities.InlineFlowTest
import semmle.code.java.dataflow.FlowSources
module SliceValueFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
DefaultFlowConfig::isSource(source) or source instanceof RemoteFlowSource
}
predicate isSink = DefaultFlowConfig::isSink/1;
}
module SliceValueFlow = DataFlow::Global<SliceValueFlowConfig>;
module SliceTaintFlowConfig implements DataFlow::ConfigSig {
predicate isSource = DefaultFlowConfig::isSource/1;
predicate isSink = DefaultFlowConfig::isSink/1;
predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) {
DefaultFlowConfig::isSink(node) and
c.(DataFlow::SyntheticFieldContent).getField() = "androidx.slice.Slice.action"
}
}
module SliceTaintFlow = TaintTracking::Global<SliceTaintFlowConfig>;
class SliceFlowTest extends InlineFlowTest {
override predicate hasValueFlow(DataFlow::Node source, DataFlow::Node sink) {
SliceValueFlow::flow(source, sink)
}
override predicate hasTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
SliceTaintFlow::flow(source, sink)
}
}
Reference in New Issue View Git Blame Copy Permalink