File tree Expand file tree Collapse file tree
java/ql/test/query-tests/security/CWE-749 Expand file tree Collapse file tree Original file line number Diff line number Diff line change 4444
4545 <activity android : name =" .UnsafeActivity3" android : exported =" true"
4646 <activity android : name =" .UnsafeActivity4" android : exported =" true"
47+ <activity android : name =" .UnsafeActivityKt" android : exported =" true"
4748
4849 <receiver android : name =" .UnsafeAndroidBroadcastReceiver" android : exported =" true"
4950 </application >
Original file line number Diff line number Diff line change 1+ package com.example.app
2+
3+ import android.app.Activity
4+ import android.os.Bundle
5+ import android.webkit.WebSettings
6+ import android.webkit.WebView
7+ import android.webkit.WebViewClient
8+
9+ class UnsafeActivityKt : Activity () {
10+ override fun onCreate (savedInstanceState : Bundle ) {
11+
12+ val wv = findViewById<WebView >(- 1 )
13+ // Implicit not-nulls happening here
14+ wv.settings.setJavaScriptEnabled(true )
15+ wv.settings.setAllowFileAccessFromFileURLs(true )
16+
17+ val thisUrl : String = intent.extras.getString(" url"
18+ wv.loadUrl(thisUrl) // $ hasUnsafeAndroidAccess
19+ }
20+ }
Original file line number Diff line number Diff line change 1- //semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/android
1+ //semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/google-android-9.0.0
2+ //codeql-extractor-kotlin-options: ${testdir}/../../../stubs/google-android-9.0.0
You can’t perform that action at this time.
0 commit comments