(THIS CODING RULE OR GUIDELINE IS UNDER CONSTRUCTION)
A Pending Intent is an intent that can be given to another application for it to use later, see: [Android API 2013] class PendingIntent. The application receiving the pending intent can perform the operation(s) specified in the pending intent with the same permissions and the same identity as the application that produced the pending intent. Consequently, the pending intent should be built with care, and must always contain base intents that have the component name set explicitly to a component owned by the originating application. This ensures that the base intents are ultimately sent to appropriate locations and nowhere else. An implicit intent must never be included in a pending intent.
Noncompliant Code Example
This noncompliant code example shows an application that creates a pending intent containing an implicit intent.
TBD
An application could intercept the implicit intent and pass it on to an inappropriate location, while the intent originator would remain unaware that the intent had been intercepted.
Compliant Solution
In this compliant solution the pending intent contains an explicit intent that cannot be misdirected.
TBD
Risk Assessment
Passing an implicit intent to a pending intent could allow the intent to be misdirected, thereby leaking sensitive information and/or altering the data flow within an app.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DRD05-J | Medium | Probable | Medium | P8 | L2 |
Automated Detection
Automatic detection of the passing of an implicit intent to a pending intent is straightforward.