Moved allowBackup query logic to allowsBackup pred

Author: egregius313

java/ql/lib/semmle/code/xml/AndroidManifest.qll

@@ -79,10 +79,20 @@ class AndroidApplicationXmlElement extends XmlElement {
    * https://developer.android.com/guide/topics/data/autobackup
    */
   predicate allowsBackup() {
-    not exists(AndroidXmlAttribute attr |
-      this.getAnAttribute() = attr and
-      attr.getName() = "allowBackup" and
-      attr.getValue() = "false"
+    not this.getFile().(AndroidManifestXmlFile).isInBuildDirectory() and
+    (
+      // explicitly sets android:allowBackup="true"
+      this.allowsBackupExplicitly()
+      or
+      // Manifest providing the main intent for an application, and does not explicitly
+      // disallow the allowBackup attribute
+      this.providesMainIntent() and
+      // Check that android:allowBackup="false" is not present
+      not exists(AndroidXmlAttribute attr |
+        this.getAnAttribute() = attr and
+        attr.getName() = "allowBackup" and
+        attr.getValue() = "false"
+      )
     )
   }
 
@@ -91,7 +101,7 @@ class AndroidApplicationXmlElement extends XmlElement {
    *
    * https://developer.android.com/guide/topics/data/autobackup
    */
-  predicate allowsBackupExplicitly() {
+  private predicate allowsBackupExplicitly() {
     exists(AndroidXmlAttribute attr |
       this.getAnAttribute() = attr and
       attr.getName() = "allowBackup" and
@@ -103,7 +113,7 @@ class AndroidApplicationXmlElement extends XmlElement {
    * Holds if the application element contains a child element which provides the
    * `android.intent.action.MAIN` intent.
    */
-  predicate providesMainIntent() {
+  private predicate providesMainIntent() {
     exists(AndroidActivityXmlElement activity |
       activity = this.getAChild() and
       exists(AndroidIntentFilterXmlElement intentFilter |

java/ql/src/Security/CWE/CWE-312/AllowBackupAttributeEnabled.ql

@@ -14,15 +14,5 @@ import java
 import semmle.code.xml.AndroidManifest
 
 from AndroidApplicationXmlElement androidAppElem
-where
-  not androidAppElem.getFile().(AndroidManifestXmlFile).isInBuildDirectory() and
-  (
-    // explicitly sets android:allowBackup=true
-    androidAppElem.allowsBackupExplicitly()
-    or
-    // Manifest providing the main intent for an application, and does not explicitly
-    // disallow the allowBackup attribute
-    androidAppElem.providesMainIntent() and
-    androidAppElem.allowsBackup()
-  )
+where androidAppElem.allowsBackup()
 select androidAppElem, "The 'android:allowBackup' attribute is enabled."