
Rewrite much of the source scanner

* Group apk, jar and zip files in the same case
* Use regex to support more patterns and be more flexible
* Only check for usual suspects in jar files (saves time)
* Also catch unknown zip-like files as warnings
Daniel Martí 2014-04-15 23:33:54 +02:00
parent b92b722c6d
commit 8f0f896d91


@ -1180,20 +1180,22 @@ def scan_source(build_dir, root_dir, thisbuild):
count = 0 count = 0
# Common known non-free blobs (always lower case): # Common known non-free blobs (always lower case):
usual_suspects = ['flurryagent', usual_suspects = [
'paypal_mpl', re.compile(r'flurryagent', re.IGNORECASE),
'libgoogleanalytics', re.compile(r'paypal.*mpl', re.IGNORECASE),
'admob-sdk-android', re.compile(r'libgoogleanalytics', re.IGNORECASE),
'googleadview', re.compile(r'admob.*sdk.*android', re.IGNORECASE),
'googleadmobadssdk', re.compile(r'googleadview', re.IGNORECASE),
'google-play-services', re.compile(r'googleadmobadssdk', re.IGNORECASE),
'crittercism', re.compile(r'google.*play.*services', re.IGNORECASE),
'heyzap', re.compile(r'crittercism', re.IGNORECASE),
'jpct-ae', re.compile(r'heyzap', re.IGNORECASE),
'youtubeandroidplayerapi', re.compile(r'jpct.*ae', re.IGNORECASE),
'bugsense', re.compile(r'youtubeandroidplayerapi', re.IGNORECASE),
'crashlytics', re.compile(r'bugsense', re.IGNORECASE),
'ouya-sdk'] re.compile(r'crashlytics', re.IGNORECASE),
re.compile(r'ouya.*sdk', re.IGNORECASE),
]
def getpaths(field): def getpaths(field):
paths = [] paths = []
@ -1266,33 +1268,44 @@ def scan_source(build_dir, root_dir, thisbuild):
if toignore(fd): if toignore(fd):
continue continue
for suspect in usual_suspects:
if suspect in curfile.lower():
count += handleproblem('usual supect', fd, fp)
mime = magic.from_file(fp, mime=True) if ms is None else ms.file(fp) mime = magic.from_file(fp, mime=True) if ms is None else ms.file(fp)
if mime == 'application/x-sharedlib': if mime == 'application/x-sharedlib':
count += handleproblem('shared library', fd, fp) count += handleproblem('shared library', fd, fp)
elif mime == 'application/x-archive': elif mime == 'application/x-archive':
count += handleproblem('static library', fd, fp) count += handleproblem('static library', fd, fp)
elif mime == 'application/x-executable': elif mime == 'application/x-executable':
count += handleproblem('binary executable', fd, fp) count += handleproblem('binary executable', fd, fp)
elif mime == 'application/x-java-applet': elif mime == 'application/x-java-applet':
count += handleproblem('Java compiled class', fd, fp) count += handleproblem('Java compiled class', fd, fp)
elif has_extension(fp, 'apk') and mime in (
elif mime in (
'application/jar', 'application/jar',
'application/zip',
):
removeproblem('APK file', fd, fp)
elif has_extension(fp, 'jar') and mime in (
'application/zip', 'application/zip',
'application/java-archive', 'application/java-archive',
'application/octet-stream',
'binary', 'binary',
): ):
if has_extension(fp, 'apk'):
removeproblem('APK file', fd, fp)
elif has_extension(fp, 'jar'):
if any(suspect.match(curfile) for suspect in usual_suspects):
count += handleproblem('usual supect', fd, fp)
else:
warnproblem('JAR file', fd) warnproblem('JAR file', fd)
elif mime == 'application/zip':
elif has_extension(fp, 'zip'):
warnproblem('ZIP file', fd) warnproblem('ZIP file', fd)
else:
warnproblem('unknown compressed or binary file', fd)
elif has_extension(fp, 'java'): elif has_extension(fp, 'java'):
for line in file(fp): for line in file(fp):
if 'DexClassLoader' in line: if 'DexClassLoader' in line:
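Review bot: `suspect.match(curfile)` in the new `.jar` branch anchors every pattern at the start of the string, whereas the removed loop tested `suspect in curfile.lower()` anywhere in the name. A jar whose name has any prefix before the pattern (constructed example: `android-crashlytics-1.0.jar`) would fall through to `warnproblem('JAR file', fd)` and no longer be added to `count`, so a known non-free blob is reported only as a warning. Using `if any(suspect.search(curfile) for suspect in usual_suspects):` keeps the old substring behaviour with the new patterns. The check is now reachable only for files with a `.jar` extension and one of the listed MIME types, which matches the commit message but deserves a comment above the list, e.g. `# Matched against .jar file names only`. `scan_source` starts and ends outside the hunks shown.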