Skip to content

Commit 1a04ad9

Browse files
atorralbaatorralba
committed
Add Android Slice models
1 parent 9a80ab3 commit 1a04ad9

File tree

30 files changed

+3470
-0
lines changed

30 files changed

+3470
-0
lines changed

java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -113,6 +113,7 @@ private module Frameworks {
113113
private import semmle.code.java.security.XPath
114114
private import semmle.code.java.security.XsltInjection
115115
private import semmle.code.java.frameworks.android.Android
116+
private import semmle.code.java.frameworks.android.Slice
116117
private import semmle.code.java.frameworks.android.SQLite
117118
private import semmle.code.java.frameworks.Jdbc
118119
private import semmle.code.java.frameworks.SpringJdbc

java/ql/lib/semmle/code/java/frameworks/android/Slice.qll

Lines changed: 111 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,111 @@
1+
import java
2+
private import semmle.code.java.dataflow.ExternalFlow
3+
4+
private class SliceBuildersSummaryModels extends SummaryModelCsv {
5+
override predicate row(string row) {
6+
row =
7+
[
8+
"androidx.slice.builders;ListBuilder;false;addAction;;;Argument[0];Argument[-1];taint",
9+
"androidx.slice.builders;ListBuilder;false;addAction;;;Argument[-1];ReturnValue;value",
10+
"androidx.slice.builders;ListBuilder;false;addGridRow;;;Argument[0];Argument[-1];taint",
11+
"androidx.slice.builders;ListBuilder;false;addGridRow;;;Argument[-1];ReturnValue;value",
12+
"androidx.slice.builders;ListBuilder;false;addInputRange;;;Argument[0];Argument[-1];taint",
13+
"androidx.slice.builders;ListBuilder;false;addInputRange;;;Argument[-1];ReturnValue;value",
14+
"androidx.slice.builders;ListBuilder;false;addRange;;;Argument[0];Argument[-1];taint",
15+
"androidx.slice.builders;ListBuilder;false;addRange;;;Argument[-1];ReturnValue;value",
16+
"androidx.slice.builders;ListBuilder;false;addRating;;;Argument[0];Argument[-1];taint",
17+
"androidx.slice.builders;ListBuilder;false;addRating;;;Argument[-1];ReturnValue;value",
18+
"androidx.slice.builders;ListBuilder;false;addRow;;;Argument[0];Argument[-1];taint",
19+
"androidx.slice.builders;ListBuilder;false;addRow;;;Argument[-1];ReturnValue;value",
20+
"androidx.slice.builders;ListBuilder;false;addSelection;;;Argument[0];Argument[-1];taint",
21+
"androidx.slice.builders;ListBuilder;false;addSelection;;;Argument[-1];ReturnValue;value",
22+
"androidx.slice.builders;ListBuilder;false;setAccentColor;;;Argument[-1];ReturnValue;value",
23+
"androidx.slice.builders;ListBuilder;false;setHeader;;;Argument[0];Argument[-1];taint",
24+
"androidx.slice.builders;ListBuilder;false;setHeader;;;Argument[-1];ReturnValue;value",
25+
"androidx.slice.builders;ListBuilder;false;setHostExtras;;;Argument[-1];ReturnValue;value",
26+
"androidx.slice.builders;ListBuilder;false;setIsError;;;Argument[-1];ReturnValue;value",
27+
"androidx.slice.builders;ListBuilder;false;setKeywords;;;Argument[-1];ReturnValue;value",
28+
"androidx.slice.builders;ListBuilder;false;setLayoutDirection;;;Argument[-1];ReturnValue;value",
29+
"androidx.slice.builders;ListBuilder;false;setSeeMoreAction;;;Argument[0];Argument[-1];taint",
30+
"androidx.slice.builders;ListBuilder;false;setSeeMoreAction;;;Argument[-1];ReturnValue;value",
31+
"androidx.slice.builders;ListBuilder;false;setSeeMoreRow;;;Argument[0];Argument[-1];value",
32+
"androidx.slice.builders;ListBuilder;false;setSeeMoreRow;;;Argument[-1];ReturnValue;value",
33+
"androidx.slice.builders;ListBuilder;false;build;;;Argument[-1];ReturnValue;taint",
34+
"androidx.slice.builders;ListBuilder$HeaderBuilder;false;setContentDescription;;;Argument[-1];ReturnValue;value",
35+
"androidx.slice.builders;ListBuilder$HeaderBuilder;false;setLayoutDirection;;;Argument[-1];ReturnValue;value",
36+
"androidx.slice.builders;ListBuilder$HeaderBuilder;false;setPrimaryAction;;;Argument[0];Argument[-1];taint",
37+
"androidx.slice.builders;ListBuilder$HeaderBuilder;false;setPrimaryAction;;;Argument[-1];ReturnValue;value",
38+
"androidx.slice.builders;ListBuilder$HeaderBuilder;false;setSubtitle;;;Argument[-1];ReturnValue;value",
39+
"androidx.slice.builders;ListBuilder$HeaderBuilder;false;setSummary;;;Argument[-1];ReturnValue;value",
40+
"androidx.slice.builders;ListBuilder$HeaderBuilder;false;setTitle;;;Argument[-1];ReturnValue;value",
41+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;addEndItem;;;Argument[0];Argument[-1];taint",
42+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;addEndItem;;;Argument[-1];ReturnValue;value",
43+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setContentDescription;;;Argument[-1];ReturnValue;value",
44+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setInputAction;(PendingIntent);;Argument[0];Argument[-1];taint",
45+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setInputAction;;;Argument[-1];ReturnValue;value",
46+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setLayoutDirection;;;Argument[-1];ReturnValue;value",
47+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setMax;;;Argument[-1];ReturnValue;value",
48+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setMin;;;Argument[-1];ReturnValue;value",
49+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setPrimaryAction;;;Argument[0];Argument[-1];taint",
50+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setPrimaryAction;;;Argument[-1];ReturnValue;value",
51+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setSubtitle;;;Argument[-1];ReturnValue;value",
52+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setThumb;;;Argument[-1];ReturnValue;value",
53+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setTitle;;;Argument[-1];ReturnValue;value",
54+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setTitleItem;;;Argument[-1];ReturnValue;value",
55+
"androidx.slice.builders;ListBuilder$InputRangeBuilder;false;setValue;;;Argument[-1];ReturnValue;value",
56+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setContentDescription;;;Argument[-1];ReturnValue;value",
57+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setMax;;;Argument[-1];ReturnValue;value",
58+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setMode;;;Argument[-1];ReturnValue;value",
59+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setPrimaryAction;;;Argument[0];Argument[-1];taint",
60+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setPrimaryAction;;;Argument[-1];ReturnValue;value",
61+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setSubtitle;;;Argument[-1];ReturnValue;value",
62+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setTitle;;;Argument[-1];ReturnValue;value",
63+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setTitleItem;;;Argument[-1];ReturnValue;value",
64+
"androidx.slice.builders;ListBuilder$RangeBuilder;false;setValue;;;Argument[-1];ReturnValue;value",
65+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setContentDescription;;;Argument[-1];ReturnValue;value",
66+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setInputAction;(PendingIntent);;Argument[0];Argument[-1];taint",
67+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setInputAction;;;Argument[-1];ReturnValue;value",
68+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setMax;;;Argument[-1];ReturnValue;value",
69+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setMin;;;Argument[-1];ReturnValue;value",
70+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setPrimaryAction;;;Argument[0];Argument[-1];taint",
71+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setPrimaryAction;;;Argument[-1];ReturnValue;value",
72+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setSubtitle;;;Argument[-1];ReturnValue;value",
73+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setTitle;;;Argument[-1];ReturnValue;value",
74+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setTitleItem;;;Argument[-1];ReturnValue;value",
75+
"androidx.slice.builders;ListBuilder$RatingBuilder;false;setValue;;;Argument[-1];ReturnValue;value",
76+
"androidx.slice.builders;ListBuilder$RowBuilder;false;addEndItem;(SliceAction,boolean);;Argument[0];Argument[-1];taint",
77+
"androidx.slice.builders;ListBuilder$RowBuilder;false;addEndItem;(SliceAction);;Argument[0];Argument[-1];taint",
78+
"androidx.slice.builders;ListBuilder$RowBuilder;false;addEndItem;;;Argument[-1];ReturnValue;value",
79+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setContentDescription;;;Argument[-1];ReturnValue;value",
80+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setEndOfSection;;;Argument[-1];ReturnValue;value",
81+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setLayoutDirection;;;Argument[-1];ReturnValue;value",
82+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setPrimaryAction;;;Argument[0];Argument[-1];taint",
83+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setPrimaryAction;;;Argument[-1];ReturnValue;value",
84+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setSubtitle;;;Argument[-1];ReturnValue;value",
85+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setTitle;;;Argument[-1];ReturnValue;value",
86+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setTitleItem;(SliceAction);;Argument[0];Argument[-1];taint",
87+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setTitleItem;(SliceAction,boolean);;Argument[0];Argument[-1];taint",
88+
"androidx.slice.builders;ListBuilder$RowBuilder;false;setTitleItem;;;Argument[-1];ReturnValue;value",
89+
"androidx.slice.builders;SliceAction;false;create;(PendingIntent,IconCompat,int,CharSequence);;Argument[0];ReturnValue;taint",
90+
"androidx.slice.builders;SliceAction;false;createDeeplink;(PendingIntent,IconCompat,int,CharSequence);;Argument[0];ReturnValue;taint",
91+
"androidx.slice.builders;SliceAction;false;createToggle;(PendingIntent,CharSequence,boolean);;Argument[0];ReturnValue;taint",
92+
"androidx.slice.builders;SliceAction;false;getAction;;;Argument[-1];ReturnValue;taint",
93+
"androidx.slice.builders;SliceAction;false;setChecked;;;Argument[-1];ReturnValue;value",
94+
"androidx.slice.builders;SliceAction;false;setContentDescription;;;Argument[-1];ReturnValue;value",
95+
"androidx.slice.builders;SliceAction;false;setPriority;;;Argument[-1];ReturnValue;value"
96+
]
97+
}
98+
}
99+
100+
private class SliceProviderSourceModels extends SourceModelCsv {
101+
override predicate row(string row) {
102+
row =
103+
[
104+
"androidx.slice;SliceProvider;true;onBindSlice;;;Parameter[0];contentprovider",
105+
"androidx.slice;SliceProvider;true;onCreatePermissionRequest;;;Parameter[0];contentprovider",
106+
"androidx.slice;SliceProvider;true;onMapIntentToUri;;;Parameter[0];contentprovider",
107+
"androidx.slice;SliceProvider;true;onSlicePinned;;;Parameter[0];contentprovider",
108+
"androidx.slice;SliceProvider;true;onSliceUnpinned;;;Parameter[0];contentprovider"
109+
]
110+
}
111+
}

java/ql/test/library-tests/frameworks/android/slice/AndroidManifest.xml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
<?xml version="1.0" encoding="utf-8"?>
2+
<manifest
3+
xmlns:android="http://schemas.android.com/apk/res/android"
4+
android:versionCode="1"
5+
android:versionName="1.0"
6+
package="com.example.app">
7+
8+
<application
9+
android:allowBackup="true"
10+
android:icon="@mipmap/ic_launcher"
11+
android:roundIcon="@mipmap/ic_launcher_round"
12+
android:label="@string/app_name"
13+
android:supportsRtl="true"
14+
android:theme="@style/AppTheme">
15+
16+
<activity
17+
android:name=".MainActivity"
18+
android:icon="@drawable/ic_launcher"
19+
android:label="@string/app_name">
20+
<intent-filter>
21+
<action android:name="android.intent.action.MAIN" />
22+
<category android:name="android.intent.category.LAUNCHER" />
23+
</intent-filter>
24+
</activity>
25+
26+
<provider
27+
android:name=".TestSources"
28+
android:authority="com.example.myapp.Test"
29+
android:exported="true" />
30+
31+
</application>
32+
</manifest>

0 commit comments

Comments
 (0)