Improve ExplicitIntent's QLDoc

Author: atorralba

java/ql/lib/semmle/code/java/frameworks/android/Intent.qll

@@ -87,7 +87,17 @@ class AndroidBundle extends Class {
   AndroidBundle() { this.getASupertype*().hasQualifiedName("android.os", "BaseBundle") }
 }
 
-/** An `Intent` that explicitly sets a destination component. */
+/**
+ * An `Intent` that explicitly sets a destination component.
+ *
+ * The `Intent` is not considered explicit if a `null` value ever flows to the destination
+ * component, even if only conditionally.
+ *
+ * For example, in the following code, `intent` is not considered an `ExplicitIntent`:
+ * ```java
+ * intent.setClass(condition ? null : "MyClass");
+ * ```
+ */
 class ExplicitIntent extends Expr {
   ExplicitIntent() {
     exists(MethodAccess ma, Method m |

java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll

@@ -94,9 +94,10 @@ private class MutablePendingIntentFlowStep extends PendingIntentAsFieldAdditiona
       node2.asExpr() = pic and
       flagArg = pic.getFlagsArg()
     |
-      // We err on the side of false positives here, assuming a PendingIntent may be mutable unless it is at
-      // least sometimes explicitly marked immutable and never marked mutable.
-      // Note for API level < 31, PendingIntents were mutable by default, whereas since then they are immutable by default.
+      // We err on the side of false positives here, assuming a PendingIntent may be mutable
+      // unless it is at least sometimes explicitly marked immutable and never marked mutable.
+      // Note: for API level < 31, PendingIntents were mutable by default, whereas since then
+      // they are immutable by default.
       not TaintTracking::localExprTaint(any(ImmutablePendingIntentFlag flag).getAnAccess(), flagArg)
       or
       TaintTracking::localExprTaint(any(MutablePendingIntentFlag flag).getAnAccess(), flagArg)