From 95389e68cf5f12fa18c92daf737157ec6b3c97b5 Mon Sep 17 00:00:00 2001 From: Riya Date: Thu, 14 Dec 2023 20:31:43 +0530 Subject: [PATCH 1/2] Add compliant and noncompliant examples of java/device-permission-usage@v1.0 --- .../DevicePermissionUsage.java | 62 +++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 src/java/detectors/device_permission_usage/DevicePermissionUsage.java diff --git a/src/java/detectors/device_permission_usage/DevicePermissionUsage.java b/src/java/detectors/device_permission_usage/DevicePermissionUsage.java new file mode 100644 index 0000000..c14abfd --- /dev/null +++ b/src/java/detectors/device_permission_usage/DevicePermissionUsage.java @@ -0,0 +1,62 @@ +/* + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0 + */ + +package detectors.device_permission_usage; + +import android.media.MediaPlayer; +import android.bluetooth.BluetoothAdapter; +import android.content.ContentResolver; +import android.database.Cursor; +import android.net.Uri; +import android.media.MediaRecorder; +import java.io.File; +import android.widget.SeekBar; +import android.widget.SeekBar.OnSeekBarChangeListener; +import java.lang.Math; + + +public class DevicePermissionUsage { + + // {fact rule=device-permission-usage@v1.0 defects=1} + public void devicePermissionUsageNoncompliant() { + File song = new File(getString(R.string.song_path)); + MediaPlayer mediaPlayer = MediaPlayer.create(this, Uri.fromFile(song)); + mediaPlayer.setLooping(true); + seekBar = (SeekBar) findViewById(R.id.seek_bar); + seekBar.setMax(mediaPlayer.getDuration()); + seekBar.setOnSeekBarChangeListener(new OnSeekBarChangeListener() { + @Override + public void onStartTrackingTouch(final SeekBar seekBar) { + } + + @Override + public void onStopTrackingTouch(final SeekBar seekBar) { + } + + @Override + public void onProgressChanged(final SeekBar seekBar, final int progress, final boolean fromUser) { + if (fromUser) { + final int ms = Math.max(progress, 0); + mediaPlayer.seekTo(ms); + setPosition(ms); + } + } + }); + // Noncompliant: The call to method android.media.MediaPlayer.start triggers an OS-level permission (media) request directly. + mediaPlayer.start(); + } + // {/fact} + + // {fact rule=device-permission-usage@v1.0 defects=0} + public void devicePermissionUsageCompliant() { + File song = new File(getString(R.string.song_path)); + // Compliant: The call to method android.media.MediaPlayer.start does not trigger an OS-level permission (media) request directly. + MediaPlayer mediaPlayer = MediaPlayer.create(this, Uri.fromFile(song)); + mediaPlayer.setLooping(true); + seekBar = (SeekBar) findViewById(R.id.seek_bar); + seekBar.setMax(mediaPlayer.getDuration()); + } + // {/fact} +} From 4d6e298081bf8242fe91be79f16177aab6ecabca Mon Sep 17 00:00:00 2001 From: Riya Date: Thu, 14 Dec 2023 20:41:25 +0530 Subject: [PATCH 2/2] Add compliant and noncompliant examples of java/device-permission-usage@v1.0 --- .../DevicePermissionUsage.java | 60 +++++++------------ 1 file changed, 20 insertions(+), 40 deletions(-) diff --git a/src/java/detectors/device_permission_usage/DevicePermissionUsage.java b/src/java/detectors/device_permission_usage/DevicePermissionUsage.java index c14abfd..8c57e76 100644 --- a/src/java/detectors/device_permission_usage/DevicePermissionUsage.java +++ b/src/java/detectors/device_permission_usage/DevicePermissionUsage.java @@ -5,58 +5,38 @@ package detectors.device_permission_usage; -import android.media.MediaPlayer; -import android.bluetooth.BluetoothAdapter; -import android.content.ContentResolver; -import android.database.Cursor; -import android.net.Uri; import android.media.MediaRecorder; -import java.io.File; -import android.widget.SeekBar; -import android.widget.SeekBar.OnSeekBarChangeListener; -import java.lang.Math; +import java.lang.IllegalStateException; +import java.io.IOException; public class DevicePermissionUsage { // {fact rule=device-permission-usage@v1.0 defects=1} public void devicePermissionUsageNoncompliant() { - File song = new File(getString(R.string.song_path)); - MediaPlayer mediaPlayer = MediaPlayer.create(this, Uri.fromFile(song)); - mediaPlayer.setLooping(true); - seekBar = (SeekBar) findViewById(R.id.seek_bar); - seekBar.setMax(mediaPlayer.getDuration()); - seekBar.setOnSeekBarChangeListener(new OnSeekBarChangeListener() { - @Override - public void onStartTrackingTouch(final SeekBar seekBar) { - } - - @Override - public void onStopTrackingTouch(final SeekBar seekBar) { - } - - @Override - public void onProgressChanged(final SeekBar seekBar, final int progress, final boolean fromUser) { - if (fromUser) { - final int ms = Math.max(progress, 0); - mediaPlayer.seekTo(ms); - setPosition(ms); - } - } - }); - // Noncompliant: The call to method android.media.MediaPlayer.start triggers an OS-level permission (media) request directly. - mediaPlayer.start(); + String file = ""; + MediaRecorder recorder = new MediaRecorder(); + // Noncompliant: The call to method android.media.MediaRecorder.start triggers an OS-level permission (media) request directly. + recorder.start(); + recorder.setOutputFormat(MediaRecorder.OutputFormat.DEFAULT); + recorder.setAudioEncoder(MediaRecorder.AudioEncoder.DEFAULT); + try { + recorder.prepare(); + recorder.setAudioSource(MediaRecorder.AudioSource.MIC); + return; + } catch (IllegalStateException e) { + e.printStackTrace(); + } catch (IOException e) { + e.printStackTrace(); + } } // {/fact} // {fact rule=device-permission-usage@v1.0 defects=0} public void devicePermissionUsageCompliant() { - File song = new File(getString(R.string.song_path)); - // Compliant: The call to method android.media.MediaPlayer.start does not trigger an OS-level permission (media) request directly. - MediaPlayer mediaPlayer = MediaPlayer.create(this, Uri.fromFile(song)); - mediaPlayer.setLooping(true); - seekBar = (SeekBar) findViewById(R.id.seek_bar); - seekBar.setMax(mediaPlayer.getDuration()); + String file = ""; + // Compliant: The call to method android.media.MediaRecorder.start does not trigger a permission request through the MediaRecorder class. + MediaRecorder recorder = new MediaRecorder(); } // {/fact} }