Skip to content

Add Quark Script APIs to detect CWE-749#381

Merged
haeter525 merged 14 commits into
ev-flow:masterfrom
haeter525:feat/quark_script_for_cwe_749
Sep 22, 2022
Merged

Add Quark Script APIs to detect CWE-749#381
haeter525 merged 14 commits into
ev-flow:masterfrom
haeter525:feat/quark_script_for_cwe_749

Conversation

@haeter525

@haeter525 haeter525 commented Sep 8, 2022
edited
Loading

Copy link
Copy Markdown
Member

Description

Please refer to #324.

This PR adds the following Quark script API to detect exposed dangerous methods or functions(CWE-749).

  1. methodInstance.getArguments(none)

Test Plans

  • All tests passed

@pulorsok

pulorsok commented Sep 12, 2022

Copy link
Copy Markdown
Member

I suggest we can add the API isArgumentTrue to methodInstance rather than using isTrue.
The isArgumentTrue will first get the parameter values from the target method, then check if the value is True. I think it is more intuitive for the user.

What do you think?

@codecov-commenter

codecov-commenter commented Sep 15, 2022

Copy link
Copy Markdown

Codecov Report

Base: 77.92% // Head: 78.15% // Increases project coverage by +0.22% 🎉

Coverage data is based on head (4f37c3b) compared to base (402e0a9).
Patch coverage: 93.54% of modified lines in pull request are covered.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #381      +/-   ##
==========================================
+ Coverage   77.92%   78.15%   +0.22%     
==========================================
  Files          62       63       +1     
  Lines        4629     4682      +53     
==========================================
+ Hits         3607     3659      +52     
- Misses       1022     1023       +1
Flag Coverage Δ
unittests 78.15% <93.54%> (+0.22%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
quark/script/utils.py 0.00% <0.00%> (ø)
tests/core/test_apkinfo.py 95.79% <ø> (ø)
quark/core/rzapkinfo.py 76.55% <86.66%> (+0.39%) ⬆️
quark/utils/tools.py 66.66% <86.66%> (+8.52%) ⬆️
quark/core/apkinfo.py 90.20% <100.00%> (ø)
quark/core/quark.py 71.74% <100.00%> (-0.82%) ⬇️
quark/script/__init__.py 96.87% <100.00%> (+1.87%) ⬆️
tests/core/test_quark.py 87.07% <100.00%> (ø)
tests/script/test_script.py 100.00% <100.00%> (ø)
tests/utils/test_tools.py 100.00% <100.00%> (ø)
... and 1 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@haeter525 haeter525 merged commit 5af6e0d into ev-flow:master Sep 22, 2022
@sidra-asa sidra-asa mentioned this pull request Sep 27, 2022
Closed
@github-actions github-actions Bot mentioned this pull request May 4, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

pr-processing-state-05

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@haeter525 @pulorsok @codecov-commenter