From d6ba0121b8237a8710a48f25af6b835e6d035f6b Mon Sep 17 00:00:00 2001
From: Shivasurya
Date: Thu, 26 Sep 2024 11:04:03 -0400
Subject: [PATCH] added unencrypted socket connection detection rule
---
.../java/UnEncryptedSocketConnection.cql | 15 +++++++++++++++
.../java/com/ivb/udacity/movieDetailActivity.java | 6 ++++++
2 files changed, 21 insertions(+)
create mode 100644 pathfinder-rules/java/UnEncryptedSocketConnection.cql
diff --git a/pathfinder-rules/java/UnEncryptedSocketConnection.cql b/pathfinder-rules/java/UnEncryptedSocketConnection.cql
new file mode 100644
index 00000000..5fb695ae
--- /dev/null
+++ b/pathfinder-rules/java/UnEncryptedSocketConnection.cql
@@ -0,0 +1,15 @@
+/**
+ * @name unencrypted-socket
+ * @description This socket is not encrypted. Use an SSLSocket created by SSLSocketFactory or SSLServerSocketFactory instead.
+ * @kind problem
+ * @id java/UnEncryptedSocketConnection
+ * @problem.severity warning
+ * @security-severity 3.1
+ * @precision medium
+ * @tags security
+ * external/cwe/cwe-319
+ */
+
+FROM ClassInstanceExpr AS cie
+WHERE cie.getClassInstanceExpr().GetClassName() == "Socket" || cie.getClassInstanceExpr().GetClassName() == "ServerSocket"
+SELECT cie.getName(), "This socket is not encrypted. Use an SSLSocket created by SSLSocketFactory or SSLServerSocketFactory instead"
\ No newline at end of file
diff --git a/test-src/android/app/src/main/java/com/ivb/udacity/movieDetailActivity.java b/test-src/android/app/src/main/java/com/ivb/udacity/movieDetailActivity.java
index dd4f997f..815ba30e 100644
--- a/test-src/android/app/src/main/java/com/ivb/udacity/movieDetailActivity.java
+++ b/test-src/android/app/src/main/java/com/ivb/udacity/movieDetailActivity.java
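Review bot: The WHERE clause in UnEncryptedSocketConnection.cql matches on the simple class name only, so any constructor call for a type named `Socket` or `ServerSocket` is reported regardless of its package, while plaintext sockets obtained without `new` (for example via `SocketFactory.getDefault().createSocket()`) are not reported at all. A plain `new Socket()` that is later wrapped with `SSLSocketFactory.createSocket(Socket, String, int, boolean)` would also be flagged even though the traffic ends up encrypted. I would record these limits in the header so triagers know what `@precision medium` covers, e.g. ` * Limitation: matches the simple class name of constructor calls only; factory-created and TLS-wrapped sockets are not distinguished.` The two accessors are also cased differently (`getClassInstanceExpr()` vs `GetClassName()`); it is worth confirming that this is what the query engine expects.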
@@ -34,6 +34,12 @@ protected void onCreate(Bundle savedInstanceState) { // webview.javascriptEnabled(); webview.getSettings().setJavaScriptEnabled(true); + Socket socket = new Socket("www.google.com", 80); + + Socket socket = new Socket(); + + ServerSocket serverSocket = new ServerSocket(80); + movieGeneralModal moviegeneralModal = (movieGeneralModal) intent.getSerializableExtra("DATA_MOVIE"); if (savedInstanceState == null) {
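Review bot: `Socket socket` is declared twice in the same scope of `onCreate`, so with these added lines the fixture no longer compiles as Java; the second declaration needs a different name, e.g. `Socket unconnectedSocket = new Socket();`. The `Socket(String, int)` and `ServerSocket(int)` constructors also throw `IOException`, which the visible lines neither catch nor declare. If the analyzer only parses the file this may not affect the rule test, but a fixture that builds is easier to reuse and keeps the three findings unambiguous. Imports for `java.net.Socket` and `java.net.ServerSocket` are not part of this hunk and may exist elsewhere in the file; `onCreate` itself starts and ends outside the hunk.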