Skip to content

Commit 9eb4cda

Browse files
atorralbaatorralba
committed
Fix qhelp and formatting
1 parent 031fa21 commit 9eb4cda

File tree

2 files changed

+9
-12
lines changed

2 files changed

+9
-12
lines changed

java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,12 +7,12 @@
77
</overview>
88
<recommendation>
99
<p>Do not export compontents that start other components from a user-provided Intent.
10-
They can be made private by setting the `android:exported` property to `false` in the app's Android Manifest.</p>
10+
They can be made private by setting the <code>android:exported</code> property to <code>false</code> in the app's Android Manifest.</p>
1111
<p>If this is not possible, restrict either which apps can send Intents to the affected component, or which components can be started from it.</p>
1212
</recommendation>
1313
<example>
1414
<p>The following snippet contains two examples.
15-
In the first example, an arbitrary component can be started from the externally provided `forward_intent` Intent.
15+
In the first example, an arbitrary component can be started from the externally provided <code>forward_intent</code> Intent.
1616
In the second example, the destination component of the Intent is first checked to make sure it is safe.</p>
1717
<sample src="AndroidIntentRedirectionSample.java" />
1818
</example>
@@ -27,7 +27,7 @@
2727
</li>
2828
<li>
2929
Android Developers:
30-
<a href="https://developer.android.com/guide/topics/manifest/activity-element#exported">The `android:exported` attribute</a>.
30+
<a href="https://developer.android.com/guide/topics/manifest/activity-element#exported">The android:exported attribute</a>.
3131
</li>
3232
</references>
3333
</qhelp>

java/ql/test/query-tests/security/CWE-940/AndroidIntentRedirectionTest.java

Lines changed: 6 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@
88
public class AndroidIntentRedirectionTest extends Activity {
99

1010
public void onCreate(Bundle savedInstanceState) {
11+
// @formatter:off
1112
{
1213
Intent intent = (Intent) getIntent().getParcelableExtra("forward_intent");
1314
startActivities(new Intent[] {intent}); // $ hasAndroidIntentRedirection
@@ -17,13 +18,11 @@ public void onCreate(Bundle savedInstanceState) {
1718
startActivityAsUser(intent, null); // $ hasAndroidIntentRedirection
1819
startActivityAsUser(intent, null, null); // $ hasAndroidIntentRedirection
1920
startActivityAsCaller(intent, null, false, 0); // $ hasAndroidIntentRedirection
20-
startActivityAsUserFromFragment(null, intent, 0, null, null); // $
21-
// hasAndroidIntentRedirection
21+
startActivityAsUserFromFragment(null, intent, 0, null, null); // $ hasAndroidIntentRedirection
2222
startActivityForResult(intent, 0); // $ hasAndroidIntentRedirection
2323
startActivityForResult(intent, 0, null); // $ hasAndroidIntentRedirection
2424
startActivityForResult(null, intent, 0, null); // $ hasAndroidIntentRedirection
25-
startActivityForResultAsUser(intent, null, 0, null, null); // $
26-
// hasAndroidIntentRedirection
25+
startActivityForResultAsUser(intent, null, 0, null, null); // $ hasAndroidIntentRedirection
2726
startActivityForResultAsUser(intent, 0, null, null); // $ hasAndroidIntentRedirection
2827
startActivityForResultAsUser(intent, 0, null); // $ hasAndroidIntentRedirection
2928
}
@@ -46,11 +45,9 @@ public void onCreate(Bundle savedInstanceState) {
4645
sendStickyBroadcast(intent); // $ hasAndroidIntentRedirection
4746
sendStickyBroadcastAsUser(intent, null); // $ hasAndroidIntentRedirection
4847
sendStickyBroadcastAsUser(intent, null, null); // $ hasAndroidIntentRedirection
49-
sendStickyOrderedBroadcast(intent, null, null, 0, null, null); // $
50-
// hasAndroidIntentRedirection
51-
sendStickyOrderedBroadcastAsUser(intent, null, null, null, 0, null, null); // $
52-
// hasAndroidIntentRedirection
48+
sendStickyOrderedBroadcast(intent, null, null, 0, null, null); // $ hasAndroidIntentRedirection
49+
sendStickyOrderedBroadcastAsUser(intent, null, null, null, 0, null, null); // $ hasAndroidIntentRedirection
5350
}
54-
51+
// @formatter:on
5552
}
5653
}

0 commit comments

Comments
 (0)