File tree Expand file tree Collapse file tree
semmle/code/java/security Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ <!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
2+ <qhelp >
3+ <overview >
4+ <p ></p >
5+ </overview >
6+ <recommendation >
7+ <p ></p >
8+ </recommendation >
9+ <example >
10+ <p ></p >
11+ <sample src =" "
12+ </example >
13+ <references >
14+ <li >
15+ <a href =" " a >
16+ </li >
17+ </references >
18+ </qhelp >
Original file line number Diff line number Diff line change 1+ /** Provides classes to reason about Androind Intent redirect vulnerabilities. */
2+
13import java
24private import semmle.code.java.dataflow.DataFlow
35private import semmle.code.java.frameworks.android.Intent
46
7+ /**
8+ * A sink for Intent redirect vulnerabilities in Android,
9+ * that is, method calls that start Android components (like activities or services).
10+ */
511abstract class IntentRedirectSink extends DataFlow:: Node { }
612
13+ /** A sanitizer for data used to start an Android component. */
714abstract class IntentRedirectSanitizer extends DataFlow:: Node { }
815
16+ /**
17+ * A unit class for adding additional taint steps.
18+ *
19+ * Extend this class to add additional taint steps that should apply to `IntentRedirectConfiguration`.
20+ */
921class IntentRedirectAdditionalTaintStep extends Unit {
1022 abstract predicate step ( DataFlow:: Node node1 , DataFlow:: Node node2 ) ;
1123}
1224
25+ /** Default sink for Intent redirect vulnerabilities. */
1326private class DefaultIntentRedirectSink extends IntentRedirectSink {
1427 DefaultIntentRedirectSink ( ) {
1528 exists ( MethodAccess ma , Method m |
You can’t perform that action at this time.
0 commit comments