Add tests

Author: joefarebrother

java/ql/test/query-tests/security/CWE-489/webview-debugging/Test.java

@@ -0,0 +1,23 @@
+import android.webkit.WebView;
+
+class Test {
+    boolean DEBUG_BUILD;
+
+    void test1() {
+        WebView.setWebContentsDebuggingEnabled(true); // $hasValueFlow
+    }
+
+    void test2(){
+        if (DEBUG_BUILD) {
+            WebView.setWebContentsDebuggingEnabled(true); 
+        }
+    }
+
+    void test3(boolean enabled){
+        WebView.setWebContentsDebuggingEnabled(enabled); // $hasValueFlow
+    }
+
+    void test4(){
+        test3(true);
+    }
+}

java/ql/test/query-tests/security/CWE-489/webview-debugging/WebviewDebuggingEnabled.expected

@@ -0,0 +1,11 @@
+import java
+import TestUtilities.InlineFlowTest
+import semmle.code.java.security.WebviewDubuggingEnabledQuery
+
+class HasFlowTest extends InlineFlowTest {
+  override DataFlow::Configuration getTaintFlowConfig() { none() }
+
+  override DataFlow::Configuration getValueFlowConfig() {
+    result = any(WebviewDebugEnabledConfig c)
+  }
+}

java/ql/test/query-tests/security/CWE-489/webview-debugging/WebviewDebuggingEnabled.ql

@@ -0,0 +1 @@
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/google-android-9.0.0