java/ql/lib/semmle/code/java/security Expand file tree Collapse file tree 1 file changed +11
-6
lines changed Original file line number Diff line number Diff line change @@ -59,7 +59,7 @@ private module TextFieldTrackingConfig implements DataFlow::ConfigSig {
5959 predicate isSink ( DataFlow:: Node sink ) {
6060 exists ( SetTextCall call |
6161 sink .asExpr ( ) = call .getStringArgument ( ) and
62- not isMasked ( call )
62+ not setTextCallIsMasked ( call )
6363 )
6464 }
6565
@@ -68,13 +68,18 @@ private module TextFieldTrackingConfig implements DataFlow::ConfigSig {
6868 }
6969}
7070
71+ /** Holds if the given may be masked. */
72+ private predicate viewIsMasked ( AndroidLayoutXmlElement view ) {
73+ DataFlow:: localExprFlow ( getAUseOfViewWithId ( view .getId ( ) ) , any ( MaskCall mcall ) .getQualifier ( ) )
74+ }
75+
7176/** Holds if the qualifier of `call` is also called with a method that may mask the information displayed. */
72- private predicate isMasked ( SetTextCall call ) {
73- exists ( string id |
74- DataFlow:: localExprFlow ( getAUseOfViewWithId ( id ) , call .getQualifier ( ) ) and
75- DataFlow :: localExprFlow ( getAUseOfViewWithId ( id ) , any ( MaskCall mcall ) . getQualifier ( ) )
77+ private predicate setTextCallIsMasked ( SetTextCall call ) {
78+ exists ( AndroidLayoutXmlElement view |
79+ DataFlow:: localExprFlow ( getAUseOfViewWithId ( view . getId ( ) ) , call .getQualifier ( ) ) and
80+ viewIsMasked ( view . getParent * ( ) )
7681 )
7782}
7883
7984/** Taint tracking flow for sensitive data flowing to text fields. */
80- module TextFieldTracking = TaintTracking:: Global< NotificationTrackingConfig > ;
85+ module TextFieldTracking = TaintTracking:: Global< TextFieldTrackingConfig > ;
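Review bot: The doc comment on the new `viewIsMasked` predicate is missing its noun, and the comment kept on `setTextCallIsMasked` still describes only the call's own qualifier, although the predicate now also holds when any enclosing layout element is masked through `view.getParent*()`. Suggested wording: `/** Holds if the given view may be masked. */` and `/** Holds if the view that the call is made on, or one of its ancestors in the layout XML, may be masked. */`. A single `MaskCall` on a container now suppresses every `setText` sink beneath it, and `MaskCall` is defined outside this diff, so the comment should say this loss of coverage is deliberate, and a test with a masked parent and one with an unmasked parent would pin it down. The new form also requires the view to resolve to an `AndroidLayoutXmlElement`, so masking of a view with no extracted layout entry presumably no longer counts; confirm that is intended.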