Add missing QLDocs

egregius313 · egregius313 · commit 10cd6328dc68 · 2023-03-08T12:12:11.000-05:00
diff --git a/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql b/java/ql/src/Security/CWE/CWE-094/ArbitraryAPKInstallation.ql
@@ -23,6 +23,7 @@ class PackageArchiveMimeTypeLiteral extends StringLiteral {
   PackageArchiveMimeTypeLiteral() { this.getValue() = "application/vnd.android.package-archive" }
 }
 
+/** The `android.content.Intent.ACTION_INSTALL_PACKAGE` constant. */
 class InstallPackageAction extends Expr {
   InstallPackageAction() {
     this.(StringLiteral).getValue() = "android.intent.action.INSTALL_PACKAGE"
@@ -110,13 +111,20 @@ class ApkConfiguration extends DataFlow::Configuration {
   }
 }
 
+/** The `setAction` method of the `android.content.Intent` class. */
 class SetActionMethod extends Method {
   SetActionMethod() {
     this.hasName("setAction") and
     this.getDeclaringType() instanceof TypeIntent
   }
 }
 
+/**
+ * A dataflow configuration tracking the flow from the `android.content.Intent.ACTION_INSTALL_PACKAGE`
+ * constant to either the constructor of an intent or the `setAction` method of an intent.
+ *
+ * This is used to track if an intent is used to install an APK.
+ */
 private class InstallPackageActionConfiguration extends TaintTracking3::Configuration {
   InstallPackageActionConfiguration() { this = "InstallPackageActionConfiguration" }
 

Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,7 @@ class PackageArchiveMimeTypeLiteral extends StringLiteral {`
`23`	`23`	`PackageArchiveMimeTypeLiteral() { this.getValue() = "application/vnd.android.package-archive" }`
`24`	`24`	`}`
`25`	`25`
	`26`	+/** The `android.content.Intent.ACTION_INSTALL_PACKAGE` constant. */
`26`	`27`	`class InstallPackageAction extends Expr {`
`27`	`28`	`InstallPackageAction() {`
`28`	`29`	`this.(StringLiteral).getValue() = "android.intent.action.INSTALL_PACKAGE"`
`@@ -110,13 +111,20 @@ class ApkConfiguration extends DataFlow::Configuration {`
`110`	`111`	`}`
`111`	`112`	`}`
`112`	`113`
	`114`	+/** The `setAction` method of the `android.content.Intent` class. */
`113`	`115`	`class SetActionMethod extends Method {`
`114`	`116`	`SetActionMethod() {`
`115`	`117`	`this.hasName("setAction") and`
`116`	`118`	`this.getDeclaringType() instanceof TypeIntent`
`117`	`119`	`}`
`118`	`120`	`}`
`119`	`121`
	`122`	`+/**`
	`123`	+ * A dataflow configuration tracking the flow from the `android.content.Intent.ACTION_INSTALL_PACKAGE`
	`124`	+ * constant to either the constructor of an intent or the `setAction` method of an intent.
	`125`	`+ *`
	`126`	`+ * This is used to track if an intent is used to install an APK.`
	`127`	`+ */`
`120`	`128`	`private class InstallPackageActionConfiguration extends TaintTracking3::Configuration {`
`121`	`129`	`InstallPackageActionConfiguration() { this = "InstallPackageActionConfiguration" }`
`122`	`130`