Fix failing test cases

joefarebrother · atorralba · commit cb717a22bf98 · 2022-06-28T10:10:27.000+02:00
diff --git a/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll b/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll
@@ -1,7 +1,7 @@
 /** Provides definitions for working with uses of Android external storage */
 
 import java
-import semmle.code.java.dataflow.DataFlow
+private import semmle.code.java.dataflow.DataFlow
 private import semmle.code.java.dataflow.ExternalFlow
 
 private class ExternalStorageDirSourceModel extends SourceModelCsv {
@@ -10,11 +10,11 @@ private class ExternalStorageDirSourceModel extends SourceModelCsv {
       [
         //"package;type;overrides;name;signature;ext;spec;kind"
         "android.content;Context;true;getExternalFilesDir;(String);;ReturnValue;android-external-storage-dir",
-        "android.content;Context;true;getExternalFilesDirs;(String);;ReturnValue.ArrayElement;android-external-storage-dir",
-        "android.content;Context;true;getExternalCachesDir;(String);;ReturnValue;android-external-storage-dir",
-        "android.content;Context;true;getExternalCachesDirs;(String);;ReturnValue.ArrayElement;android-external-storage-dir",
-        "android.os;Environment;false;getExternalStorageDirectory;(String);;ReturnValue.ArrayElement;android-external-storage-dir",
-        "android.os;Environment;false;getExternalStoragePublicDirectory;(String);;ReturnValue.ArrayElement;android-external-storage-dir",
+        "android.content;Context;true;getExternalFilesDirs;(String);;ReturnValue;android-external-storage-dir",
+        "android.content;Context;true;getExternalCacheDir;();;ReturnValue;android-external-storage-dir",
+        "android.content;Context;true;getExternalCacheDirs;();;ReturnValue;android-external-storage-dir",
+        "android.os;Environment;false;getExternalStorageDirectory;();;ReturnValue;android-external-storage-dir",
+        "android.os;Environment;false;getExternalStoragePublicDirectory;(String);;ReturnValue;android-external-storage-dir",
       ]
   }
 }
@@ -23,9 +23,13 @@ private predicate externalStorageFlowStep(DataFlow::Node node1, DataFlow::Node n
   DataFlow::localFlowStep(node1, node2)
   or
   exists(ConstructorCall c | c.getConstructedType() instanceof TypeFile |
-    node1.asExpr() = c.getArgument(1) and
+    node1.asExpr() = c.getArgument(0) and
     node2.asExpr() = c
   )
+  or
+  node2.asExpr().(ArrayAccess).getArray() = node1.asExpr()
+  or
+  node2.asExpr().(FieldRead).getField().getInitializer() = node1.asExpr()
 }
 
 private predicate externalStorageFlow(DataFlow::Node node1, DataFlow::Node node2) {
diff --git a/java/ql/test/library-tests/frameworks/android/external-storage/Test.java b/java/ql/test/library-tests/frameworks/android/external-storage/Test.java
@@ -13,39 +13,39 @@ void test1(Context ctx) throws IOException {
         InputStream is = new FileInputStream(f);
         byte[] data = new byte[is.available()];
         is.read(data);
-        sink(data); // $hasTaintFlow
+        sink(data); // $ hasTaintFlow
         is.close();
     }
 
     void test2(Context ctx) throws IOException {
         File f = new File(new File(new File(ctx.getExternalFilesDirs(null)[0], "things"), "stuff"), "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     void test3(Context ctx) throws IOException {
         File f = new File(ctx.getExternalCacheDir(), "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     void test4(Context ctx) throws IOException {
         File f = new File(ctx.getExternalCacheDirs()[0], "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     void test5(Context ctx) throws IOException {
         File f = new File(Environment.getExternalStorageDirectory(), "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     void test6(Context ctx) throws IOException {
         File f = new File(Environment.getExternalStoragePublicDirectory(null), "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow
     }
 
     static final File dir = Environment.getExternalStorageDirectory();
  
     void test7(Context ctx) throws IOException {
         File f = new File(dir, "file.txt");
-        sink(new FileInputStream(f)); // $hasTaintFlow
+        sink(new FileInputStream(f)); // $ hasTaintFlow 
     }
  }

Original file line number	Diff line number	Diff line change
`@@ -13,39 +13,39 @@ void test1(Context ctx) throws IOException {`
`13`	`13`	`InputStream is = new FileInputStream(f);`
`14`	`14`	`byte[] data = new byte[is.available()];`
`15`	`15`	`is.read(data);`
`16`		`- sink(data); // $hasTaintFlow`
	`16`	`+ sink(data); // $ hasTaintFlow`
`17`	`17`	`is.close();`
`18`	`18`	`}`
`19`	`19`
`20`	`20`	`void test2(Context ctx) throws IOException {`
`21`	`21`	`File f = new File(new File(new File(ctx.getExternalFilesDirs(null)[0], "things"), "stuff"), "file.txt");`
`22`		`- sink(new FileInputStream(f)); // $hasTaintFlow`
	`22`	`+ sink(new FileInputStream(f)); // $ hasTaintFlow`
`23`	`23`	`}`
`24`	`24`
`25`	`25`	`void test3(Context ctx) throws IOException {`
`26`	`26`	`File f = new File(ctx.getExternalCacheDir(), "file.txt");`
`27`		`- sink(new FileInputStream(f)); // $hasTaintFlow`
	`27`	`+ sink(new FileInputStream(f)); // $ hasTaintFlow`
`28`	`28`	`}`
`29`	`29`
`30`	`30`	`void test4(Context ctx) throws IOException {`
`31`	`31`	`File f = new File(ctx.getExternalCacheDirs()[0], "file.txt");`
`32`		`- sink(new FileInputStream(f)); // $hasTaintFlow`
	`32`	`+ sink(new FileInputStream(f)); // $ hasTaintFlow`
`33`	`33`	`}`
`34`	`34`
`35`	`35`	`void test5(Context ctx) throws IOException {`
`36`	`36`	`File f = new File(Environment.getExternalStorageDirectory(), "file.txt");`
`37`		`- sink(new FileInputStream(f)); // $hasTaintFlow`
	`37`	`+ sink(new FileInputStream(f)); // $ hasTaintFlow`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`void test6(Context ctx) throws IOException {`
`41`	`41`	`File f = new File(Environment.getExternalStoragePublicDirectory(null), "file.txt");`
`42`		`- sink(new FileInputStream(f)); // $hasTaintFlow`
	`42`	`+ sink(new FileInputStream(f)); // $ hasTaintFlow`
`43`	`43`	`}`
`44`	`44`
`45`	`45`	`static final File dir = Environment.getExternalStorageDirectory();`
`46`	`46`
`47`	`47`	`void test7(Context ctx) throws IOException {`
`48`	`48`	`File f = new File(dir, "file.txt");`
`49`		`- sink(new FileInputStream(f)); // $hasTaintFlow`
	`49`	`+ sink(new FileInputStream(f)); // $ hasTaintFlow`
`50`	`50`	`}`
`51`	`51`	`}`