-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Java: query to detect implicitly exported Android components #9983
Conversation
fd3c8e7
to
acc4ef9
Compare
fcf929a
to
560b4ec
Compare
java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll
Fixed
Show resolved
Hide resolved
0f4c43a
to
6e87589
Compare
java/ql/lib/change-notes/2022-08-09-android-manifest-new-class-and-predicates.md
Outdated
Show resolved
Hide resolved
java/ql/lib/change-notes/2022-08-09-android-manifest-new-class-and-predicates.md
Outdated
Show resolved
Hide resolved
7ec9209
to
0778051
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks good 😄
Added a couple of minor comments.
java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll
Outdated
Show resolved
Hide resolved
java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll
Outdated
Show resolved
Hide resolved
java/ql/src/Security/CWE/CWE-926/ImplicitlyExportedAndroidComponent.ql
Outdated
Show resolved
Hide resolved
c4c4894
to
bb1b135
Compare
👋 Hello, Docs Content first responder here! I have added this PR to our writer review board to be picked up to review in the next couple days! Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jcogs33 👋🏻 - this LGTM ✨
I have made a suggestion about the query description, but I leave it up to you whether you can find a better alternative.
java/ql/src/Security/CWE/CWE-926/ImplicitlyExportedAndroidComponent.ql
Outdated
Show resolved
Hide resolved
bb1b135
to
36535de
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good to go from an editorial perspective
…of in manifest elem
36535de
to
0136c75
Compare
This PR adds a query to detect implicitly exported components in
AndroidManifest.xml
files.