• CodeQL query help documentation »
• CodeQL query help for Java and Kotlin »

Leaking sensitive information through a ResultReceiver

ID: java/android/sensitive-result-receiver Kind: path-problem Security severity: 8.2 Severity: error Precision: medium Tags: - security - external/cwe/cwe-927 Query suites: - java-security-extended.qls - java-security-and-quality.qls 

Click to see the query in the CodeQL repository

If a ResultReceiver is obtained from an untrusted source, such as an Intent received by an exported component, do not send it sensitive data. Otherwise, the information may be leaked to a malicious application.

Recommendation

Do not send sensitive data to an untrusted ResultReceiver.

Example

In the following (bad) example, sensitive data is sent to an untrusted ResultReceiver.

// BAD: Sensitive data is sent to an untrusted result receiver  void bad(String password) {  Intent intent = getIntent();  ResultReceiver rec = intent.getParcelableExtra("Receiver");  Bundle b = new Bundle();  b.putCharSequence("pass", password);  rec.send(0, b);  } 

References

• Common Weakness Enumeration: CWE-927.

• © GitHub, Inc.
• Terms
• Privacy