mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-09-17 10:40:12 +02:00

scanner: improve usual suspect output

Daniel Martí 2015-09-16 17:13:54 -07:00
parent d155648a01
commit da2a4f2cf5


@ -38,23 +38,30 @@ def scan_source(build_dir, root_dir, thisbuild):
count = 0 count = 0
# Common known non-free blobs (always lower case): # Common known non-free blobs (always lower case):
usual_suspects = [ usual_suspects = {
re.compile(r'.*flurryagent', re.IGNORECASE), exp: re.compile(r'.*' + exp, re.IGNORECASE) for exp in [
re.compile(r'.*paypal.*mpl', re.IGNORECASE), r'flurryagent',
re.compile(r'.*google.*analytics', re.IGNORECASE), r'paypal.*mpl',
re.compile(r'.*admob.*sdk.*android', re.IGNORECASE), r'google.*analytics',
re.compile(r'.*google.*ad.*view', re.IGNORECASE), r'admob.*sdk.*android',
re.compile(r'.*google.*admob', re.IGNORECASE), r'google.*ad.*view',
re.compile(r'.*google.*play.*services', re.IGNORECASE), r'google.*admob',
re.compile(r'.*crittercism', re.IGNORECASE), r'google.*play.*services',
re.compile(r'.*heyzap', re.IGNORECASE), r'crittercism',
re.compile(r'.*jpct.*ae', re.IGNORECASE), r'heyzap',
re.compile(r'.*youtube.*android.*player.*api', re.IGNORECASE), r'jpct.*ae',
re.compile(r'.*bugsense', re.IGNORECASE), r'youtube.*android.*player.*api',
re.compile(r'.*crashlytics', re.IGNORECASE), r'bugsense',
re.compile(r'.*ouya.*sdk', re.IGNORECASE), r'crashlytics',
re.compile(r'.*libspen23', re.IGNORECASE), r'ouya.*sdk',
] r'libspen23',
]
}
def suspects_found(s):
for n, r in usual_suspects.iteritems():
if r.match(s):
yield n
scanignore = common.getpaths(build_dir, thisbuild, 'scanignore') scanignore = common.getpaths(build_dir, thisbuild, 'scanignore')
scandelete = common.getpaths(build_dir, thisbuild, 'scandelete') scandelete = common.getpaths(build_dir, thisbuild, 'scandelete')
@ -133,10 +140,9 @@ def scan_source(build_dir, root_dir, thisbuild):
removeproblem('APK file', fd, fp) removeproblem('APK file', fd, fp)
elif ext == 'jar': elif ext == 'jar':
if any(suspect.match(curfile) for suspect in usual_suspects): for name in suspects_found(curfile):
count += handleproblem('usual supect', fd, fp) count += handleproblem('usual supect \'%s\'' % name, fd, fp)
else: warnproblem('JAR file', fd)
warnproblem('JAR file', fd)
elif ext == 'java': elif ext == 'java':
if not os.path.isfile(fp): if not os.path.isfile(fp):
@ -151,9 +157,8 @@ def scan_source(build_dir, root_dir, thisbuild):
continue continue
for i, line in enumerate(file(fp)): for i, line in enumerate(file(fp)):
i = i + 1 i = i + 1
if any(suspect.match(line) for suspect in usual_suspects): for name in suspects_found(line):
count += handleproblem('usual suspect at line %d' % i, fd, fp) count += handleproblem('usual supect \'%s\' at line %d' % (name, i), fd, fp)
break
# These files are often found - avoid checking if they are binary # These files are often found - avoid checking if they are binary
# to speed up the scanner # to speed up the scanner
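Review bot: In the jar branch and in the per-line java loop, `handleproblem` is now called once for every pattern that `suspects_found` yields, so a single file or line matching two entries (for example both `google.*admob` and `admob.*sdk.*android`) is counted and handled twice, and with the `break` gone every further matching line of a .java file adds to `count` as well. If `handleproblem` can delete the file, as the `removeproblem` call in the APK branch suggests, the second call would act on a path that is already gone. Collecting the names first keeps one problem per file or line while still naming the match: `names = sorted(suspects_found(curfile))` followed by `if names: count += handleproblem('usual suspect \'%s\'' % ', '.join(names), fd, fp)`, which also corrects the 'supect' spelling that both new messages carry and makes the reported order independent of dict iteration. Indentation is lost on this page, so I cannot tell whether `warnproblem('JAR file', fd)` now also runs for flagged jars; `scan_source` begins and ends outside these hunks.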