add initial framework for service and receiver test cases

Author: Jami Cogswell

java/ql/lib/semmle/code/java/frameworks/android/DeepLink.qll

@@ -22,7 +22,7 @@ private import semmle.code.xml.AndroidManifest
 // ! experimental - make a DeepLink step that combine Activity, Service, Receiver, etc.
 private class DeepLinkIntentStep extends AdditionalValueStep {
   // DeepLinkIntentStep() {
-  //   this instanceof StartActivityIntentStep_ContextAndActivity or
+  //   this instanceof StartActivityIntentStep or
   //   this instanceof SendBroadcastReceiverIntentStep or
   //   this instanceof StartServiceIntentStep
   // }

java/ql/test/library-tests/frameworks/android/deeplink/Test.java

@@ -1,72 +1,5 @@
-
-// !!! From AsyncTask, update for DeepLinks... !!!
-
-import android.os.AsyncTask;
-
+// ! adding tests in `intent` directory instead for now
 public class Test {
 
-    private static Object source(String kind) {
-        return null;
-    }
-
-    private static void sink(Object o) {}
-
-    public void test() {
-        TestAsyncTask t = new TestAsyncTask();
-        t.execute(source("execute"), null);
-        t.executeOnExecutor(null, source("executeOnExecutor"), null);
-        SafeAsyncTask t2 = new SafeAsyncTask();
-        t2.execute("safe");
-        TestConstructorTask t3 = new TestConstructorTask(source("constructor"), "safe");
-        t3.execute(source("params"));
-    }
-
-    private class TestAsyncTask extends AsyncTask<Object, Object, Object> {
-        @Override
-        protected Object doInBackground(Object... params) {
-            sink(params[0]); // $ hasTaintFlow=execute hasTaintFlow=executeOnExecutor
-            sink(params[1]); // $ SPURIOUS: hasTaintFlow=execute hasTaintFlow=executeOnExecutor
-            return null;
-        }
-    }
-
-    private class SafeAsyncTask extends AsyncTask<Object, Object, Object> {
-        @Override
-        protected Object doInBackground(Object... params) {
-            sink(params[0]); // Safe
-            return null;
-        }
-    }
-
-    static class TestConstructorTask extends AsyncTask<Object, Object, Object> {
-        private Object field;
-        private Object safeField;
-        private Object initField;
-        {
-            initField = Test.source("init");
-        }
-
-        public TestConstructorTask(Object field, Object safeField) {
-            this.field = field;
-            this.safeField = safeField;
-        }
-
-        @Override
-        protected Object doInBackground(Object... params) {
-            sink(params[0]); // $ hasTaintFlow=params
-            sink(field); // $ hasValueFlow=constructor
-            sink(safeField); // Safe
-            sink(initField); // $ hasValueFlow=init
-            return params[0];
-        }
-
-        @Override
-        protected void onPostExecute(Object param) {
-            sink(param); // $ hasTaintFlow=params
-            sink(field); // $ hasValueFlow=constructor
-            sink(safeField); // Safe
-            sink(initField); // $ hasValueFlow=init
-        }
 
-    }
 }

java/ql/test/library-tests/frameworks/android/intent/TestStartComponentToIntent.java

@@ -0,0 +1,56 @@
+import android.app.Activity;
+import android.app.Service;
+import android.content.BroadcastReceiver;
+import android.content.Context;
+import android.content.Intent;
+
+public class TestStartComponentToIntent {
+
+    static Object source() {
+        return null;
+    }
+
+    static void sink(Object sink) {}
+
+    public void testActivity(Context ctx) {
+        Intent intent = new Intent(null, SomeActivity.class);
+        intent.putExtra("data", (String) source());
+        ctx.startActivity(intent);
+    }
+
+    static class SomeActivity extends Activity {
+
+        public void testActivity() {
+            sink(getIntent().getStringExtra("data")); // $ hasValueFlow
+        }
+    }
+
+    // ! WIP
+     public void testService(Context ctx) {
+        Intent intent = new Intent(null, SomeService.class);
+        intent.putExtra("data", (String) source());
+        ctx.startService(intent);
+    }
+
+     public void testBroadcastReceiver(Context ctx) {
+        Intent intent = new Intent(null, SomeBroadcastReceiver.class);
+        intent.putExtra("data", (String) source());
+        ctx.sendBroadcast(intent);
+    }
+
+     static class SomeService extends Service {
+
+        public void test() {
+            // ! WIP
+            sink(getIntent().getStringExtra("data")); // $ hasValueFlow
+        }
+    }
+
+     static class SomeBroadcastReceiver extends BroadcastReceiver {
+
+        public void test() {
+            // ! WIP
+            sink(getIntent().getStringExtra("data")); // $ hasValueFlow
+        }
+    }
+}