diff options
| author | Sebastian Porst <sporst@google.com> | 2012-06-15 16:07:43 -0700 |
|---|---|---|
| committer | Sebastian Porst <sporst@google.com> | 2012-06-15 16:07:43 -0700 |
| commit | e5aa2db8bcc4934005e4730862f95930b1eb3b84 (patch) | |
| tree | 30516c075f2d58d1fa52c3265bf3354d7e81d24f | |
| parent | fe01f623d81bcc8c53b6e31f581aaab2c28e5546 (diff) | |
| download | sdk-e5aa2db8bcc4934005e4730862f95930b1eb3b84.zip sdk-e5aa2db8bcc4934005e4730862f95930b1eb3b84.tar.gz sdk-e5aa2db8bcc4934005e4730862f95930b1eb3b84.tar.bz2 | |
Launcher activities are not flagged as unprotected anymore if they are not protected by permissions.
Change-Id: I4811757779ca8048cd84f51173d8325d9f4af3d7
| -rw-r--r-- | lint/libs/lint_checks/src/com/android/tools/lint/checks/SecurityDetector.java | 21 | ||||
| -rw-r--r-- | lint/libs/lint_checks/tests/src/com/android/tools/lint/checks/data/exportactivity1.xml | 9 |
2 files changed, 29 insertions, 1 deletions
diff --git a/lint/libs/lint_checks/src/com/android/tools/lint/checks/SecurityDetector.java b/lint/libs/lint_checks/src/com/android/tools/lint/checks/SecurityDetector.java index 0e802b8..5299ff7 100644 --- a/lint/libs/lint_checks/src/com/android/tools/lint/checks/SecurityDetector.java +++ b/lint/libs/lint_checks/src/com/android/tools/lint/checks/SecurityDetector.java @@ -19,6 +19,7 @@ package com.android.tools.lint.checks; import static com.android.tools.lint.detector.api.LintConstants.ANDROID_MANIFEST_XML; import static com.android.tools.lint.detector.api.LintConstants.ANDROID_URI; import static com.android.tools.lint.detector.api.LintConstants.ATTR_EXPORTED; +import static com.android.tools.lint.detector.api.LintConstants.ATTR_NAME; import static com.android.tools.lint.detector.api.LintConstants.ATTR_PATH; import static com.android.tools.lint.detector.api.LintConstants.ATTR_PATH_PATTERN; import static com.android.tools.lint.detector.api.LintConstants.ATTR_PATH_PREFIX; @@ -249,8 +250,26 @@ public class SecurityDetector extends Detector implements Detector.XmlScanner, return false; } + private boolean isLauncher(Element element) { + // Checks whether an element is a launcher activity. + for (Element child : LintUtils.getChildren(element)) { + if (child.getTagName().equals(TAG_INTENT_FILTER)) { + for (Element innerChild: LintUtils.getChildren(child)) { + if (innerChild.getTagName().equals("category")) { //$NON-NLS-1$ + String categoryString = innerChild.getAttributeNS(ANDROID_URI, ATTR_NAME); + return "android.intent.category.LAUNCHER".equals(categoryString); //$NON-NLS-1$ + } + } + } + } + + return false; + } + private void checkActivity(XmlContext context, Element element) { - if (getExported(element) && isUnprotectedByPermission(element)) { + // Do not flag launch activities. Even if not explicitly exported, it's + // safe to assume that those activities should be exported. + if (getExported(element) && isUnprotectedByPermission(element) && !isLauncher(element)) { // No declared permission for this exported activity: complain context.report(EXPORTED_ACTIVITY, element, context.getLocation(element), "Exported activity does not require permission", null); diff --git a/lint/libs/lint_checks/tests/src/com/android/tools/lint/checks/data/exportactivity1.xml b/lint/libs/lint_checks/tests/src/com/android/tools/lint/checks/data/exportactivity1.xml index 46d5efb..0fc80f3 100644 --- a/lint/libs/lint_checks/tests/src/com/android/tools/lint/checks/data/exportactivity1.xml +++ b/lint/libs/lint_checks/tests/src/com/android/tools/lint/checks/data/exportactivity1.xml @@ -17,6 +17,15 @@ </action> </intent-filter> </activity> + <activity + android:label="@string/app_name" + android:name="com.sample.service.mainClass" > + <intent-filter > + <action android:name="com.sample.service.mainClass" > + </action> + <category android:name="android.intent.category.LAUNCHER" /> + </intent-filter> + </activity> </application> </manifest> |