added unit tests

Jami Cogswell · Jami Cogswell · commit b88d545c4948 · 2022-08-22T12:41:22.000-04:00
diff --git a/java/ql/test/query-tests/security/CWE-926/AndroidManifest.xml b/java/ql/test/query-tests/security/CWE-926/AndroidManifest.xml
@@ -12,42 +12,78 @@
         android:roundIcon="@mipmap/ic_launcher_round"
         android:supportsRtl="true"
         android:theme="@style/Theme.HappyBirthday"
-        tools:targetApi="31">  <!-- test -->
-        <!-- Safe: category LAUNCHER --> <activity
-            android:name=".MainActivity">
-            <intent-filter>
-                <action android:name="android.intent.action.MAIN" />
+        tools:targetApi="31">
 
-                <category android:name="android.intent.category.LAUNCHER" />
+        <!-- $ hasImplicitExport --> <activity
+            android:name=".Activity">
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
             </intent-filter>
         </activity>
 
-        <!-- $ hasImplicitExport --> <activity
-            android:name=".MainActivity">
+        <!-- $ hasImplicitExport --> <receiver
+            android:name=".CheckInstall">
             <intent-filter>
-                <action android:name="android.intent.action.MAIN" />
+                <action android:name="android.intent.action.PACKAGE_INSTALL"/>
+
             </intent-filter>
-        </activity>
+        </receiver>
+
+        <!-- $ hasImplicitExport --> <service
+            android:name=".backgroundService">
+            <intent-filter>
+                <action android:name="android.intent.action.START_BACKGROUND"/>
+
+            </intent-filter>
+        </service>
+
+        <!-- $ hasImplicitExport --> <provider
+            android:name=".MyCloudProvider">
+            <intent-filter>
+                <action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
+
+            </intent-filter>
+        </service>
 
         <!-- Safe: 'android:exported' explicitly set --> <activity
-            android:name=".MainActivity"
+            android:name=".Activity"
             android:exported="true">
             <intent-filter>
-                <action android:name="android.intent.action.MAIN" />
+                <action android:name="android.intent.action.VIEW" />
             </intent-filter>
         </activity>
 
         <!-- Safe: no intent filter --> <activity
-            android:name=".MainActivity">
+            android:name=".Activity">
         </activity>
 
         <!-- Safe: has 'permission' attribute --> <activity
-            android:name=".MainActivity"
+            android:name=".Activity"
             android:permission=".Test">
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+            </intent-filter>
+        </activity>
+
+        <!-- Safe: 'provider' with read and write permissions set --> <provider
+            android:name=".MyCloudProvider"
+            android:readPermission=".TestRead"
+            android:writePermission=".TestWrite">
+            <intent-filter>
+                <action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
+
+            </intent-filter>
+        </service>
+
+        <!-- Safe: has category 'android.intent.category.LAUNCHER' --> <activity
+            android:name=".Activity">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
+
+                <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
         </activity>
+
     </application>
 
 </manifest>
diff --git a/java/ql/test/query-tests/security/CWE-926/ImplicitlyExportedAndroidComponentTest.ql b/java/ql/test/query-tests/security/CWE-926/ImplicitlyExportedAndroidComponentTest.ql
@@ -1,5 +1,5 @@
 import java
-import semmle.code.xml.AndroidManifest
+import semmle.code.java.security.ImplicitlyExportedAndroidComponent
 import TestUtilities.InlineExpectationsTest
 
 class ImplicitlyExportedAndroidComponentTest extends InlineExpectationsTest {
@@ -9,9 +9,11 @@ class ImplicitlyExportedAndroidComponentTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasImplicitExport" and
-    exists(AndroidComponentXmlElement compElement | compElement.isImplicitlyExported() |
-      compElement.getLocation() = location and
-      element = compElement.toString() and
+    exists(ImplicitlyExportedAndroidComponent impExpAndroidComp |
+      impExpAndroidComp.isImplicitlyExported()
+    |
+      impExpAndroidComp.getLocation() = location and
+      element = impExpAndroidComp.toString() and
       value = ""
     )
   }
diff --git a/java/ql/test/query-tests/security/CWE-926/TestApplicationPermission/AndroidManifest.xml b/java/ql/test/query-tests/security/CWE-926/TestApplicationPermission/AndroidManifest.xml
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools"
+    package="com.example.happybirthday">
+
+    <application
+        android:allowBackup="true"
+        android:dataExtractionRules="@xml/data_extraction_rules"
+        android:fullBackupContent="@xml/backup_rules"
+        android:icon="@mipmap/ic_launcher"
+        android:label="@string/app_name"
+        android:roundIcon="@mipmap/ic_launcher_round"
+        android:supportsRtl="true"
+        android:theme="@style/Theme.HappyBirthday"
+        tools:targetApi="31"
+        android:permission=".Test">
+
+        <!-- Safe: 'application' element has 'permission' attribute --> <activity
+            android:name=".Activity">
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+            </intent-filter>
+        </activity>
+
+        <!-- Safe: 'application' element has 'permission' attribute --> <receiver
+            android:name=".CheckInstall">
+            <intent-filter>
+                <action android:name="android.intent.action.PACKAGE_INSTALL"/>
+
+            </intent-filter>
+        </receiver>
+
+        <!-- Safe: 'application' element has 'permission' attribute --> <service
+            android:name=".backgroundService">
+            <intent-filter>
+                <action android:name="android.intent.action.START_BACKGROUND"/>
+
+            </intent-filter>
+        </service>
+
+        <!-- Safe: 'application' element has 'permission' attribute --> <provider
+            android:name=".MyCloudProvider">
+            <intent-filter>
+                <action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
+
+            </intent-filter>
+        </service>
+
+        <!-- Safe: 'android:exported' explicitly set --> <activity
+            android:name=".Activity"
+            android:exported="true">
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+            </intent-filter>
+        </activity>
+
+        <!-- Safe: no intent filter --> <activity
+            android:name=".Activity">
+        </activity>
+
+        <!-- Safe: has 'permission' attribute --> <activity
+            android:name=".Activity"
+            android:permission=".Test">
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+            </intent-filter>
+        </activity>
+
+        <!-- Safe: 'provider' with read and write permissions set --> <provider
+            android:name=".MyCloudProvider"
+            android:readPermission=".TestRead"
+            android:writePermission=".TestWrite">
+            <intent-filter>
+                <action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
+
+            </intent-filter>
+        </service>
+
+        <!-- Safe: has category 'android.intent.category.LAUNCHER' --> <activity
+            android:name=".Activity">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+
+                <category android:name="android.intent.category.LAUNCHER" />
+            </intent-filter>
+        </activity>
+
+    </application>
+
+</manifest>
diff --git a/java/ql/test/query-tests/security/CWE-926/Testbuild/AndroidManifest.xml b/java/ql/test/query-tests/security/CWE-926/Testbuild/AndroidManifest.xml
@@ -12,42 +12,78 @@
         android:roundIcon="@mipmap/ic_launcher_round"
         android:supportsRtl="true"
         android:theme="@style/Theme.HappyBirthday"
-        tools:targetApi="31">  <!-- test -->
-        <!-- Safe: category LAUNCHER --> <activity
-            android:name=".MainActivity">
-            <intent-filter>
-                <action android:name="android.intent.action.MAIN" />
+        tools:targetApi="31">
 
-                <category android:name="android.intent.category.LAUNCHER" />
+        <!-- Safe: in build directory --> <activity
+            android:name=".Activity">
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
             </intent-filter>
         </activity>
 
-        <!-- Safe: in build directory --> <activity
-            android:name=".MainActivity">
+        <!-- Safe: in build directory --> <receiver
+            android:name=".CheckInstall">
             <intent-filter>
-                <action android:name="android.intent.action.MAIN" />
+                <action android:name="android.intent.action.PACKAGE_INSTALL"/>
+
             </intent-filter>
-        </activity>
+        </receiver>
+
+        <!-- Safe: in build directory --> <service
+            android:name=".backgroundService">
+            <intent-filter>
+                <action android:name="android.intent.action.START_BACKGROUND"/>
+
+            </intent-filter>
+        </service>
+
+        <!-- Safe: in build directory --> <provider
+            android:name=".MyCloudProvider">
+            <intent-filter>
+                <action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
+
+            </intent-filter>
+        </service>
 
         <!-- Safe: 'android:exported' explicitly set --> <activity
-            android:name=".MainActivity"
+            android:name=".Activity"
             android:exported="true">
             <intent-filter>
-                <action android:name="android.intent.action.MAIN" />
+                <action android:name="android.intent.action.VIEW" />
             </intent-filter>
         </activity>
 
         <!-- Safe: no intent filter --> <activity
-            android:name=".MainActivity">
+            android:name=".Activity">
         </activity>
 
         <!-- Safe: has 'permission' attribute --> <activity
-            android:name=".MainActivity"
+            android:name=".Activity"
             android:permission=".Test">
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+            </intent-filter>
+        </activity>
+
+        <!-- Safe: 'provider' with read and write permissions set --> <provider
+            android:name=".MyCloudProvider"
+            android:readPermission=".TestRead"
+            android:writePermission=".TestWrite">
+            <intent-filter>
+                <action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
+
+            </intent-filter>
+        </service>
+
+        <!-- Safe: has category 'android.intent.category.LAUNCHER' --> <activity
+            android:name=".Activity">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
+
+                <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
         </activity>
+
     </application>
 
 </manifest>
