updated predicates

Jami Cogswell · Jami Cogswell · commit 9968d5d816bb · 2022-08-22T12:41:22.000-04:00
diff --git a/java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll b/java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll
@@ -1,9 +1,20 @@
-/** Provides a class to reason about Android implicitly exported components. */
+/** Provides a class to identify implicitly exported Android components. */
 
 private import semmle.code.xml.AndroidManifest
 
+/** Represents an implicitly exported Android component */
 class ImplicitlyExportedAndroidComponent extends AndroidComponentXmlElement {
-  //ImplicitlyExportedAndroidComponent() {  }
+  //   ImplicitlyExportedAndroidComponent() {
+  //     not this.hasExportedAttribute() and
+  //     this.hasAnIntentFilterElement() and
+  //     not this.requiresPermissions() and
+  //     not this.getParent().(AndroidApplicationXmlElement).hasAttribute("permission") and
+  //     not this.getAnIntentFilterElement().hasLauncherCategoryElement() and
+  //     not this.getFile().(AndroidManifestXmlFile).isInBuildDirectory()
+  //   }
+  /**
+   * Holds if this Android component is implicitly exported.
+   */
   predicate isImplicitlyExported() {
     not this.hasExportedAttribute() and
     this.hasAnIntentFilterElement() and
diff --git a/java/ql/lib/semmle/code/xml/AndroidManifest.qll b/java/ql/lib/semmle/code/xml/AndroidManifest.qll
@@ -178,7 +178,7 @@ class AndroidComponentXmlElement extends XmlElement {
   /**
    * Holds if this component element has an `<intent-filter>` child element.
    */
-  predicate hasAnIntentFilterElement() { this.getAChild().hasName("intent-filter") }
+  predicate hasAnIntentFilterElement() { exists(this.getAnIntentFilterElement()) }
 
   /**
    * Gets the value of the `android:name` attribute of this component element.
diff --git a/java/ql/src/Security/CWE/CWE-926/ImplicitlyExportedAndroidComponent.ql b/java/ql/src/Security/CWE/CWE-926/ImplicitlyExportedAndroidComponent.ql
@@ -16,3 +16,6 @@ import semmle.code.java.security.ImplicitlyExportedAndroidComponent
 from ImplicitlyExportedAndroidComponent impExpAndroidComp
 where impExpAndroidComp.isImplicitlyExported()
 select impExpAndroidComp, "This component is implicitly exported."
+// from ImplicitlyExportedAndroidComponent impExpAndroidComp
+// where exists(impExpAndroidComp)
+// select impExpAndroidComp, "This component is implicitly exported."
