bartek/esa-tool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

10: Add TelephonyManagerPlugin

Browse Source
This commit is contained in:
Bartłomiej Pluta
2019-04-17 11:30:10 +02:00
parent 716a6bc92c
commit 4277304e20
3 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/com/bartek/esa/core/di/PluginModule.java
View File

@@ -143,4 +143,10 @@ public class PluginModule {
public Plugin webViewPlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) { public Plugin webViewPlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
return new WebViewPlugin(globMatcher, xmlHelper); return new WebViewPlugin(globMatcher, xmlHelper);
} }
@Provides
@IntoSet
public Plugin telephonyManagerPlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
return new TelephonyManagerPlugin(globMatcher, xmlHelper);
}
} }

26
src/main/java/com/bartek/esa/core/plugin/TelephonyManagerPlugin.java Normal file
View File

@@ -0,0 +1,26 @@
package com.bartek.esa.core.plugin;
import com.bartek.esa.core.archetype.JavaPlugin;
import com.bartek.esa.core.model.enumeration.Severity;
import com.bartek.esa.core.xml.XmlHelper;
import com.bartek.esa.file.matcher.GlobMatcher;
import com.github.javaparser.ast.CompilationUnit;
import com.github.javaparser.ast.expr.CastExpr;
import javax.inject.Inject;
public class TelephonyManagerPlugin extends JavaPlugin {
@Inject
public TelephonyManagerPlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
super(globMatcher, xmlHelper);
}
@Override
public void run(CompilationUnit compilationUnit) {
compilationUnit.findAll(CastExpr.class).stream()
.filter(expr -> expr.getType().isClassOrInterfaceType())
.filter(expr -> expr.getType().asClassOrInterfaceType().getName().getIdentifier().equals("TelephonyManager"))
.forEach(expr -> addIssue(Severity.INFO, getLineNumberFromExpression(expr), expr.toString()));
}
}

4
src/main/resources/description.properties
View File

@@ -136,3 +136,7 @@ com.bartek.esa.core.plugin.WebViewPlugin.ALLOW_FILE_ACCESS=Access to file system
The WebView has granted access to private files. Loading content from untrusted source may effect with \n\ The WebView has granted access to private files. Loading content from untrusted source may effect with \n\
accessing private files by malicious site/application.\n\ accessing private files by malicious site/application.\n\
Consider disabling this option. Consider disabling this option.
com.bartek.esa.core.plugin.TelephonyManagerPlugin=Usage of TelephonyManager.\n\
The TelephonyManager service is detected to be used.\n\
Make sure that no sensitive data (like IMEI, phone number etc.) exits the application.