CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Module FragmentInjection

Provides classes and predicates to reason about Android Fragment injection vulnerabilities.

Import path

import semmle.code.java.security.FragmentInjection

Imports

java

Provides all default Java QL imports.

Classes

FragmentInjectionAdditionalTaintStep

An additional taint step for flows related to Fragment injection vulnerabilites.

FragmentInjectionSink

A sink for Fragment injection vulnerabilities, that is, method calls that dynamically add fragments to activities.

IsValidFragmentMethod

The method isValidFragment of the class android.preference.PreferenceActivity.