Skip to content

Commit 084b983

Browse files
Jami CogswellJami Cogswell
Jami Cogswell
authored and
Jami Cogswell
committed
resolved merge conflict in AndroidManifest
1 parent 55bd9f9 commit 084b983

File tree

2 files changed

+9
-8
lines changed

2 files changed

+9
-8
lines changed

java/ql/lib/semmle/code/xml/AndroidManifest.qll

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -68,8 +68,10 @@ class AndroidApplicationXmlElement extends XmlElement {
6868
)
6969
}
7070

71-
/** Holds if this component element has an attribute with the name `permission`. */
72-
predicate hasPermissionAttribute() { exists(this.getAttribute("permission")) }
71+
/**
72+
* Holds if this application element has explicitly set a value for its `android:permission` attribute.
73+
*/
74+
predicate requiresPermissions() { this.getAnAttribute().(AndroidPermissionXmlAttribute).isFull() }
7375
}
7476

7577
/**
@@ -234,14 +236,13 @@ class AndroidComponentXmlElement extends XmlElement {
234236
*/
235237
predicate hasExportedAttribute() { this.hasAttribute("exported") }
236238

237-
/** Holds if this component element has an attribute with the name `permission`. */
238-
predicate hasPermissionAttribute() { exists(this.getAttribute("permission")) }
239-
239+
// /** Holds if this component element has an attribute with the name `permission`. */
240+
// predicate hasPermissionAttribute() { exists(this.getAttribute("permission")) }
240241
predicate isImplicitlyExported() {
241242
not this.hasExportedAttribute() and
242243
this.hasAnIntentFilterElement() and // Note: did not use getAnIntentFilterElement since don't need a return value
243-
not this.hasPermissionAttribute() and
244-
not this.getParent().(AndroidApplicationXmlElement).hasPermissionAttribute() and
244+
not this.hasAttribute("permission") and // not seeing how isFull() is any better than this..., this seems to more directly check what I want...
245+
not this.getParent().(AndroidApplicationXmlElement).hasAttribute("permission") and
245246
not this.getAnIntentFilterElement().hasLauncherCategoryElement() and
246247
not this.getFile().(AndroidManifestXmlFile).isInBuildDirectory()
247248
}

java/ql/src/Security/CWE/CWE-926/ImplicitlyExportedAndroidComponent.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
* @id java/android/implicitly-exported-component
88
* @tags security
99
* external/cwe/cwe-926
10-
* @precision high
10+
* @precision medium
1111
*/
1212

1313
import java

0 commit comments

Comments
 (0)