Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 382e5a5

Browse files
luchua-bcluchua-bc
committed
Revert "Add remote source of Android intent extra"
This reverts commit 65e76ab.
1 parent 3e8e9f9 commit 382e5a5

3 files changed

Lines changed: 0 additions & 60 deletions

File tree

java/ql/src/semmle/code/java/dataflow/FlowSources.qll

Lines changed: 0 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,6 @@ import semmle.code.java.frameworks.SpringWeb
2020
import semmle.code.java.frameworks.Guice
2121
import semmle.code.java.frameworks.struts.StrutsActions
2222
import semmle.code.java.frameworks.Thrift
23-
import semmle.code.java.frameworks.android.Android
2423

2524
/** A data flow source of remote user input. */
2625
abstract class RemoteFlowSource extends DataFlow::Node {
@@ -271,36 +270,3 @@ class AndroidIntentInput extends DataFlow::Node {
271270
)
272271
}
273272
}
274-
275-
/**
276-
* Method access to external inputs of `android.content.Intent` object
277-
*/
278-
class IntentGetExtraMethodAccess extends MethodAccess {
279-
IntentGetExtraMethodAccess() {
280-
exists(AndroidComponent ac |
281-
this.getEnclosingCallable().getDeclaringType() = ac and ac.isExported()
282-
) and
283-
(
284-
this.getMethod().getName().regexpMatch("get\\w+Extra") and
285-
this.getMethod().getDeclaringType() instanceof TypeIntent
286-
or
287-
this.getMethod().getName().regexpMatch("get\\w+") and
288-
this.getQualifier().(MethodAccess).getMethod().hasName("getExtras") and
289-
this.getQualifier().(MethodAccess).getMethod().getDeclaringType() instanceof TypeIntent
290-
)
291-
}
292-
}
293-
294-
/**
295-
* Android intent extra source
296-
*/
297-
private class AndroidIntentExtraSource extends RemoteFlowSource {
298-
AndroidIntentExtraSource() {
299-
exists(MethodAccess ma |
300-
ma instanceof IntentGetExtraMethodAccess and
301-
this.asExpr().(VarAccess).getVariable().getAnAssignedValue() = ma
302-
)
303-
}
304-
305-
override string getSourceType() { result = "Android intent extra" }
306-
}

java/ql/src/semmle/code/java/frameworks/android/Android.qll

Lines changed: 0 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -32,39 +32,18 @@ class AndroidComponent extends Class {
3232
/** An Android activity. */
3333
class AndroidActivity extends AndroidComponent {
3434
AndroidActivity() { this.getASupertype*().hasQualifiedName("android.app", "Activity") }
35-
36-
/** Holds if this Android component is configured as `exported` or has intent filters configured without `exported` explicitly disabled in an `AndroidManifest.xml` file. */
37-
override predicate isExported() {
38-
getAndroidComponentXmlElement().isExported()
39-
or
40-
not getAndroidComponentXmlElement().isNotExported() and hasIntentFilter()
41-
}
4235
}
4336

4437
/** An Android service. */
4538
class AndroidService extends AndroidComponent {
4639
AndroidService() { this.getASupertype*().hasQualifiedName("android.app", "Service") }
47-
48-
/** Holds if this Android component is configured as `exported` or has intent filters configured without `exported` explicitly disabled in an `AndroidManifest.xml` file. */
49-
override predicate isExported() {
50-
getAndroidComponentXmlElement().isExported()
51-
or
52-
not getAndroidComponentXmlElement().isNotExported() and hasIntentFilter()
53-
}
5440
}
5541

5642
/** An Android broadcast receiver. */
5743
class AndroidBroadcastReceiver extends AndroidComponent {
5844
AndroidBroadcastReceiver() {
5945
this.getASupertype*().hasQualifiedName("android.content", "BroadcastReceiver")
6046
}
61-
62-
/** Holds if this Android component is configured as `exported` or has intent filters configured without `exported` explicitly disabled in an `AndroidManifest.xml` file. */
63-
override predicate isExported() {
64-
getAndroidComponentXmlElement().isExported()
65-
or
66-
not getAndroidComponentXmlElement().isNotExported() and hasIntentFilter()
67-
}
6847
}
6948

7049
/** An Android content provider. */

java/ql/src/semmle/code/xml/AndroidManifest.qll

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -137,11 +137,6 @@ class AndroidComponentXmlElement extends XMLElement {
137137
* Holds if the `android:exported` attribute of this component element is `true`.
138138
*/
139139
predicate isExported() { getExportedAttributeValue() = "true" }
140-
141-
/**
142-
* Holds if the `android:exported` attribute of this component element is explicitly set to `false`.
143-
*/
144-
predicate isNotExported() { getExportedAttributeValue() = "false" }
145140
}
146141

147142
/**

0 commit comments

Comments
 (0)