Follow taint across getExtras without qualifier

Author: smowton

java/ql/src/semmle/code/java/dataflow/FlowSources.qll

@@ -308,16 +308,18 @@ class ReverseDNSMethod extends Method {
 /** Exported Android `Intent` that may have come from a hostile application. */
 class AndroidIntentInput extends RemoteFlowSource {
   AndroidIntentInput() {
-    this.getEnclosingCallable().getDeclaringType().(AndroidComponent).isExported() and
-    (
+    exists(AndroidComponent exportedType |
+      exportedType.isExported() |
       exists(MethodAccess ma, AndroidGetIntentMethod m |
         ma.getMethod().overrides*(m) and
-        this.asExpr() = ma
+        this.asExpr() = ma and
+        exportedType = ma.getReceiverType()
       )
       or
       exists(Method m, AndroidReceiveIntentMethod rI |
         m.overrides*(rI) and
-        this.asParameter() = m.getParameter(1)
+        this.asParameter() = m.getParameter(1) and
+        exportedType = m.getDeclaringType()
       )
     )
   }