Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 500a6f3

Browse files
egregius313egregius313
committed
Add check for files which provide the app launcher
Adds support for filtering which applications include the `android.intent.action.MAIN` intent.
1 parent b5c54f5 commit 500a6f3

2 files changed

Lines changed: 17 additions & 2 deletions

File tree

java/ql/lib/semmle/code/xml/AndroidManifest.qll

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,16 @@ class AndroidApplicationXmlElement extends XmlElement {
9898
attr.getValue() = "true"
9999
)
100100
}
101+
102+
predicate providesMainIntent() {
103+
exists(AndroidActivityXmlElement activity |
104+
activity = this.getAChild() and
105+
exists(AndroidIntentFilterXmlElement intentFilter |
106+
intentFilter = activity.getAChild() and
107+
intentFilter.getAnActionElement().getActionName() = "android.intent.action.MAIN"
108+
)
109+
)
110+
}
101111
}
102112

103113
/**

java/ql/src/Security/CWE/CWE-312/AllowBackupAttributeEnabled.ql

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,11 @@ import semmle.code.xml.AndroidManifest
1515

1616
from AndroidApplicationXmlElement androidAppElem
1717
where
18-
androidAppElem.allowsBackup() and
19-
androidAppElem.getFile().(AndroidManifestXmlFile).isInBuildDirectory()
18+
not androidAppElem.getFile().(AndroidManifestXmlFile).isInBuildDirectory() and
19+
(
20+
androidAppElem.allowsBackupExplicitly()
21+
or
22+
androidAppElem.providesMainIntent() and
23+
androidAppElem.allowsBackup()
24+
)
2025
select androidAppElem, "The 'android:allowBackup' attribute is enabled."

0 commit comments

Comments
 (0)