Skip to content

Commit

Permalink
Merge pull request #15869 from egregius313/egregius313/java/fix/parce…
Browse files Browse the repository at this point in the history
…lfiledescriptor-open-sink

Java: Add path-injection sink for `ParcelFileDescriptor::open`
  • Loading branch information
egregius313 authored Mar 12, 2024
2 parents 863e3f7 + 76aeee2 commit d544899
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added a `path-injection` sink for the `open` methods of the `android.os.ParcelFileDescriptor` class.
5 changes: 5 additions & 0 deletions java/ql/lib/ext/android.os.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -132,3 +132,8 @@ extensions:
- ["android.os", "Parcel", False, "readTypedList", "", "", "Argument[this]", "Argument[0]", "taint", "manual"]
- ["android.os", "Parcel", False, "readTypedObject", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["android.os", "Parcel", False, "readValue", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["android.os", "ParcelFileDescriptor", False, "open", "", "", "Argument[0]", "path-injection", "manual"]

0 comments on commit d544899

Please sign in to comment.