Apply suggestions from code review

egregius313 · jcogs33 · egregius313 · commit 8ec5b5b7fab2 · 2023-03-08T12:12:10.000-05:00
Co-authored-by: Jami &lt;57204504+jcogs33@users.noreply.github.com&gt;
diff --git a/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.qhelp b/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.qhelp
@@ -58,16 +58,16 @@
 
   <references>
     <li>
-      Intent.ACTION_INSTALL_PACKAGE: <a href="https://developer.android.com/reference/android/content/Intent#ACTION_INSTALL_PACKAGE"></a>.
+      Android Developers: <a href="https://developer.android.com/reference/android/content/Intent#ACTION_INSTALL_PACKAGE">Intent.ACTION_INSTALL_PACKAGE</a>.
     </li>
     <li>
-      Android Manifest Permission to Install Packages: <a href="https://developer.android.com/reference/android/Manifest.permission#REQUEST_INSTALL_PACKAGES"></a>.
+      Android Developers: <a href="https://developer.android.com/reference/android/Manifest.permission#REQUEST_INSTALL_PACKAGES">Manifest.permission.REQUEST_INSTALL_PACKAGES</a>.
     </li>
     <li>
-      PackageInstaller: <a href="https://developer.android.com/reference/android/content/pm/PackageInstaller"></a>.
+     Android Developers: <a href="https://developer.android.com/reference/android/content/pm/PackageInstaller">PackageInstaller</a>.
     </li>
     <li>
-      FileProvider: <a href="https://developer.android.com/reference/androidx/core/content/FileProvider"></a>.
+      Android Developers: <a href="https://developer.android.com/reference/androidx/core/content/FileProvider">FileProvider</a>.
     </li>
   </references>
 </qhelp>
diff --git a/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql b/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql
@@ -71,7 +71,7 @@ class SetDataSink extends DataFlow::ExprNode {
 /** A method that generates a URI. */
 class UriConstructorMethod extends Method {
   UriConstructorMethod() {
-    this.hasQualifiedName("android.net", "Uri", [/*"parse",*/ "fromFile", "fromParts"]) or
+    this.hasQualifiedName("android.net", "Uri", ["fromFile", "fromParts"]) or
     this.hasQualifiedName("androidx.core.content", "FileProvider", "getUriForFile")
   }
 }
diff --git a/java/ql/src/change-notes/2023-01-19-arbitrary-apk-installation.md b/java/ql/src/change-notes/2023-01-19-arbitrary-apk-installation.md
@@ -1,5 +1,5 @@
 ---
 category: newQuery
 ---
-* Added a new query `java/android/arbitrary-apk-installation` to detect installation of APKs from untrusted sources.
+* Added a new query, `java/android/arbitrary-apk-installation`, to detect installation of APKs from untrusted sources.
 

Original file line number	Diff line number	Diff line change
`@@ -71,7 +71,7 @@ class SetDataSink extends DataFlow::ExprNode {`
`71`	`71`	`/** A method that generates a URI. */`
`72`	`72`	`class UriConstructorMethod extends Method {`
`73`	`73`	`UriConstructorMethod() {`
`74`		`- this.hasQualifiedName("android.net", "Uri", [/"parse",/ "fromFile", "fromParts"]) or`
	`74`	`+ this.hasQualifiedName("android.net", "Uri", ["fromFile", "fromParts"]) or`
`75`	`75`	`this.hasQualifiedName("androidx.core.content", "FileProvider", "getUriForFile")`
`76`	`76`	`}`
`77`	`77`	`}`