Add tests

Author: joefarebrother

java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/Test.java

@@ -0,0 +1,54 @@
+import android.webkit.WebViewClient;
+import android.webkit.WebView;
+import android.webkit.SslErrorHandler;
+import android.net.http.SslError;
+import android.net.http.SslCertificate;
+import android.app.AlertDialog;
+import android.content.DialogInterface;
+import android.app.Activity;
+
+class Test {
+    class A extends WebViewClient {
+        public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
+            handler.proceed(); // $hasResult
+        }
+    }
+
+    interface Validator {
+        boolean isValid(SslCertificate cert);
+    }
+
+    class B extends WebViewClient {
+        Validator v;
+
+        public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
+            if (this.v.isValid(error.getCertificate())) {
+                handler.proceed();
+            }
+            else {
+                handler.cancel();
+            }
+        } 
+    }
+
+    class C extends WebViewClient {
+        Activity activity;
+
+        public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
+            new AlertDialog.Builder(activity).
+                        setTitle("SSL error").
+                        setMessage("SSL error. Connect anyway?").
+                        setPositiveButton("Yes", new DialogInterface.OnClickListener() {
+                            @Override
+                            public void onClick(DialogInterface dialog, int which) {
+                                handler.proceed();
+                            }
+                        }).setNegativeButton("No", new DialogInterface.OnClickListener() {
+                            @Override
+                            public void onClick(DialogInterface dialog, int which) {
+                                handler.cancel();
+                            }
+                        }).show();
+        }
+    }
+}

java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/options

@@ -0,0 +1 @@
+// semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/google-android-9.0.0

java/ql/test/query-tests/security/CWE-295/ImproperWebVeiwCertificateValidation/test.expected

@@ -0,0 +1,19 @@
+import java
+import semmle.code.java.security.AndroidWebViewCertificateValidationQuery
+import TestUtilities.InlineExpectationsTest
+
+class WebViewTest extends InlineExpectationsTest {
+  WebViewTest() { this = "WebViewTest" }
+
+  override string getARelevantTag() { result = "hasResult" }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    exists(OnReceivedSslErrorMethod m |
+      trustsAllCerts(m) and
+      location = m.getLocation() and
+      element = m.toString() and
+      tag = "hasResult" and
+      value = ""
+    )
+  }
+}