
Commit e213e3f

committed
Java: convert ImplicitPendingIntents test to .qlref
1 parent e0311e2 commit e213e3f


6 files changed

+400
-72
lines changed


java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntents/ImplicitPendingIntentsTest.expected

Lines changed: 341 additions & 0 deletions
Large diffs are not rendered by default.

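--- a/java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntentsTest.java
+++ b/java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntents/ImplicitPendingIntentsTest.java
@@ -28,77 +28,77 @@ public class ImplicitPendingIntentsTest {
 public static void testPendingIntentAsAnExtra(Context ctx)
 throws PendingIntent.CanceledException {
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(ctx, 0, baseIntent, 0);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-ctx.startActivities(new Intent[] {fwdIntent}); // $ MISSING: hasImplicitPendingIntent
-ctx.startActivity(fwdIntent); // $hasImplicitPendingIntent
+ctx.startActivities(new Intent[] {fwdIntent}); // $ MISSING: Alert
+ctx.startActivity(fwdIntent); // $ Alert
 ctx.startService(fwdIntent); // Safe
-ctx.sendBroadcast(fwdIntent); // $hasImplicitPendingIntent
+ctx.sendBroadcast(fwdIntent); // $ Alert
 
 fwdIntent.setComponent(null); // Not a sanitizer
-ctx.startActivity(fwdIntent); // $hasImplicitPendingIntent
+ctx.startActivity(fwdIntent); // $ Alert
 
 fwdIntent.setPackage("a.safe.package"); // Sanitizer
 ctx.startActivity(fwdIntent); // Safe
 }
 
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivityAsUser(ctx, 0, baseIntent, 0, null, null);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-ctx.startActivity(fwdIntent); // $hasImplicitPendingIntent
+ctx.startActivity(fwdIntent); // $ Alert
 }
 
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivities(ctx, 0, new Intent[] {baseIntent}, 0);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-ctx.startActivity(fwdIntent); // $hasImplicitPendingIntent
+ctx.startActivity(fwdIntent); // $ Alert
 }
 
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivitiesAsUser(ctx, 0, new Intent[] {baseIntent},
 0, null, null);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-ctx.startActivity(fwdIntent); // $hasImplicitPendingIntent
+ctx.startActivity(fwdIntent); // $ Alert
 }
 
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getBroadcast(ctx, 0, baseIntent, 0);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-ctx.sendBroadcast(fwdIntent); // $hasImplicitPendingIntent
+ctx.sendBroadcast(fwdIntent); // $ Alert
 }
 
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getBroadcastAsUser(ctx, 0, baseIntent, 0, null);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-ctx.sendBroadcast(fwdIntent); // $hasImplicitPendingIntent
+ctx.sendBroadcast(fwdIntent); // $ Alert
 }
 
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getService(ctx, 0, baseIntent, 0);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-ctx.startActivity(fwdIntent); // $hasImplicitPendingIntent
+ctx.startActivity(fwdIntent); // $ Alert
 }
 
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getForegroundService(ctx, 0, baseIntent, 0);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-ctx.startActivity(fwdIntent); // $hasImplicitPendingIntent
+ctx.startActivity(fwdIntent); // $ Alert
 }
 
 {
@@ -163,31 +163,31 @@ public static void testPendingIntentAsAnExtra(Context ctx)
 public static void testPendingIntentWrappedInAnotherPendingIntent(Context ctx,
 PendingIntent other) throws PendingIntent.CanceledException {
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(ctx, 0, baseIntent, 0);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-other.send(ctx, 0, fwdIntent); // $hasImplicitPendingIntent
-other.send(ctx, 0, fwdIntent, null, null); // $hasImplicitPendingIntent
-other.send(ctx, 0, fwdIntent, null, null, null); // $hasImplicitPendingIntent
-other.send(ctx, 0, fwdIntent, null, null, null, null); // $hasImplicitPendingIntent
+other.send(ctx, 0, fwdIntent); // $ Alert
+other.send(ctx, 0, fwdIntent, null, null); // $ Alert
+other.send(ctx, 0, fwdIntent, null, null, null); // $ Alert
+other.send(ctx, 0, fwdIntent, null, null, null, null); // $ Alert
 }
 }
 
 public static void testPendingIntentInANotification(Context ctx)
 throws PendingIntent.CanceledException {
 
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(ctx, 0, baseIntent, 0);
 Notification.Action.Builder aBuilder = new Notification.Action.Builder(0, "", pi);
 Notification.Builder nBuilder =
 new Notification.Builder(ctx).addAction(aBuilder.build());
 Notification notification = nBuilder.build();
 NotificationManager nManager = null;
-nManager.notifyAsPackage("targetPackage", "tag", 0, notification); // $hasImplicitPendingIntent
-nManager.notify(0, notification); // $hasImplicitPendingIntent
-nManager.notifyAsUser("", 0, notification, null); // $hasImplicitPendingIntent
+nManager.notifyAsPackage("targetPackage", "tag", 0, notification); // $ Alert
+nManager.notify(0, notification); // $ Alert
+nManager.notifyAsUser("", 0, notification, null); // $ Alert
 }
 {
 Intent baseIntent = new Intent();
@@ -219,31 +219,31 @@ public static void testPendingIntentInANotification(Context ctx)
 }
 // Compat sinks
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(ctx, 0, baseIntent, 0);
 Notification.Action.Builder aBuilder = new Notification.Action.Builder(0, "", pi);
 Notification.Builder nBuilder =
 new Notification.Builder(ctx).addAction(aBuilder.build());
 Notification notification = nBuilder.build();
 NotificationManagerCompat nManager = null;
-nManager.notify(0, notification); // $hasImplicitPendingIntent
-nManager.notify("", 0, notification); // $hasImplicitPendingIntent
+nManager.notify(0, notification); // $ Alert
+nManager.notify("", 0, notification); // $ Alert
 }
 }
 
 public static void testPendingIntentInAnAlarm(Context ctx) {
 AlarmManager aManager = (AlarmManager) ctx.getSystemService(Context.ALARM_SERVICE);
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(ctx, 0, baseIntent, 0);
-aManager.set(0, 0, pi); // $hasImplicitPendingIntent
-aManager.setAlarmClock(null, pi); // $hasImplicitPendingIntent
-aManager.setAndAllowWhileIdle(0, 0, pi); // $hasImplicitPendingIntent
-aManager.setExact(0, 0, pi); // $hasImplicitPendingIntent
-aManager.setExactAndAllowWhileIdle(0, 0, pi); // $hasImplicitPendingIntent
-aManager.setInexactRepeating(0, 0, 0, pi); // $hasImplicitPendingIntent
-aManager.setRepeating(0, 0, 0, pi); // $hasImplicitPendingIntent
-aManager.setWindow(0, 0, 0, pi); // $hasImplicitPendingIntent
+aManager.set(0, 0, pi); // $ Alert
+aManager.setAlarmClock(null, pi); // $ Alert
+aManager.setAndAllowWhileIdle(0, 0, pi); // $ Alert
+aManager.setExact(0, 0, pi); // $ Alert
+aManager.setExactAndAllowWhileIdle(0, 0, pi); // $ Alert
+aManager.setInexactRepeating(0, 0, 0, pi); // $ Alert
+aManager.setRepeating(0, 0, 0, pi); // $ Alert
+aManager.setWindow(0, 0, 0, pi); // $ Alert
 }
 {
 Intent baseIntent = new Intent();
@@ -253,24 +253,24 @@ public static void testPendingIntentInAnAlarm(Context ctx) {
 }
 // Compat sinks
 {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(ctx, 0, baseIntent, 0);
-AlarmManagerCompat.setAlarmClock(aManager, 0, pi, null); // $hasImplicitPendingIntent
-AlarmManagerCompat.setAlarmClock(aManager, 0, null, pi); // $hasImplicitPendingIntent
-AlarmManagerCompat.setAndAllowWhileIdle(aManager, 0, 0, pi); // $hasImplicitPendingIntent
-AlarmManagerCompat.setExact(aManager, 0, 0, pi); // $hasImplicitPendingIntent
-AlarmManagerCompat.setExactAndAllowWhileIdle(aManager, 0, 0, pi); // $hasImplicitPendingIntent
+AlarmManagerCompat.setAlarmClock(aManager, 0, pi, null); // $ Alert
+AlarmManagerCompat.setAlarmClock(aManager, 0, null, pi); // $ Alert
+AlarmManagerCompat.setAndAllowWhileIdle(aManager, 0, 0, pi); // $ Alert
+AlarmManagerCompat.setExact(aManager, 0, 0, pi); // $ Alert
+AlarmManagerCompat.setExactAndAllowWhileIdle(aManager, 0, 0, pi); // $ Alert
 }
 }
 
 static class TestActivity extends Activity {
 @Override
 public void onCreate(Bundle bundle) {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(null, 0, baseIntent, 0);
 Intent fwdIntent = new Intent();
 fwdIntent.putExtra("fwdIntent", pi);
-setResult(0, fwdIntent); // $hasImplicitPendingIntent
+setResult(0, fwdIntent); // $ Alert
 }
 }
 
@@ -281,13 +281,13 @@ static class TestSliceProvider extends SliceProvider {
 @Override
 public Slice onBindSlice(Uri sliceUri) {
 if (sliceUri.getAuthority().equals("1")) {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(getContext(), 0, baseIntent, 0);
 SliceAction activityAction = SliceAction.createDeeplink(pi, null, 0, "Test");
 ListBuilder listBuilder = new ListBuilder(getContext(), sliceUri, null);
 listBuilder.addRow(new ListBuilder.RowBuilder().setTitle("Title")
 .setPrimaryAction(activityAction));
-return listBuilder.build(); // $hasImplicitPendingIntent
+return listBuilder.build(); // $ Alert
 
 } else if (sliceUri.getAuthority().equals("2")) {
 Intent baseIntent = new Intent(getContext(), Activity.class); // Sanitizer
@@ -314,16 +314,16 @@ public Slice onBindSlice(Uri sliceUri) {
 SliceAction action = SliceAction.createDeeplink(mPendingIntent, null, 0, "");
 ListBuilder listBuilder = new ListBuilder(getContext(), sliceUri, 0);
 listBuilder.addRow(new ListBuilder.RowBuilder(sliceUri).setPrimaryAction(action));
-return listBuilder.build(); // $hasImplicitPendingIntent
+return listBuilder.build(); // $ Alert
 }
 }
 
 @Override
 public PendingIntent onCreatePermissionRequest(Uri sliceUri, String callingPackage) {
 if (sliceUri.getAuthority().equals("1")) {
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 PendingIntent pi = PendingIntent.getActivity(getContext(), 0, baseIntent, 0);
-return pi; // $hasImplicitPendingIntent
+return pi; // $ Alert
 } else {
 Intent baseIntent = new Intent();
 PendingIntent pi = PendingIntent.getActivity(getContext(), 0, baseIntent,
@@ -336,7 +336,7 @@ public PendingIntent onCreatePermissionRequest(Uri sliceUri, String callingPacka
 public boolean onCreateSliceProvider() {
 // Testing implicit field read flows:
 // mPendingIntent is used in onBindSlice
-Intent baseIntent = new Intent();
+Intent baseIntent = new Intent(); // $ Source
 mPendingIntent = PendingIntent.getActivity(getContext(), 0, baseIntent, 0);
 return true;
 }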
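Review bot: The `// $ MISSING: Alert` on `ctx.startActivities(new Intent[] {fwdIntent});` (new line 35) records a known false negative for this CWE-927 query without saying why the sink is missed, so a later reader cannot tell an accepted modelling limit from a regression. Presumably the flow is lost once the tainted Intent is wrapped in an array; if that is confirmed, state it on a preceding line so the expectation comment itself stays untouched, e.g. `// Known false negative: flow through the Intent[] element is not tracked`. The enclosing method `testPendingIntentAsAnExtra` continues past the end of this hunk, so related cases further down are not visible here.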
Lines changed: 4 additions & 0 deletions
@@ -0,0 +1,4 @@
1+
query: Security/CWE/CWE-927/ImplicitPendingIntents.ql
2+
postprocess:
3+
- utils/test/PrettyPrintModels.ql
4+
- utils/test/InlineExpectationsTestQuery.ql
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1 @@
1+
// semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/google-android-9.0.0

java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntentsTest.expected

Whitespace-only changes.

java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntentsTest.ql

Lines changed: 0 additions & 18 deletions
This file was deleted.
