private boolean isInJob(PsiField field) { JavaEvaluator evaluator = context.getEvaluator(); if (evaluator.isMemberInSubClassOf(field, JOBQUEUE_JOB, true)) { return true; } return false; }
@Override public void visitMethodCallExpression(PsiMethodCallExpression node) { if (!mCallsGetAction) { PsiMethod method = node.resolveMethod(); if (method != null && "getAction".equals(method.getName()) && mEvaluator.isMemberInSubClassOf(method, CLASS_INTENT, false)) { mCallsGetAction = true; } } super.visitMethodCallExpression(node); }
@Override public void visitMethod(@NonNull JavaContext context, @Nullable JavaElementVisitor visitor, @NonNull PsiMethodCallExpression call, @NonNull PsiMethod method) { // Identify calls to Runtime.loadLibrary() and System.loadLibrary() if (LOAD_LIBRARY.equals(method.getName())) { JavaEvaluator evaluator = context.getEvaluator(); if (evaluator.isMemberInSubClassOf(method, RUNTIME_CLASS, false) || evaluator.isMemberInSubClassOf(method, SYSTEM_CLASS, false)) { mHasNativeLibs = true; } } }
private static void report( @NonNull JavaContext context, @NonNull PsiMethodCallExpression node, @NonNull PsiMethod method) { // Make sure the call is on a view if (!context.getEvaluator().isMemberInSubClassOf(method, CLASS_VIEW, false)) { return; } String name = method.getName(); String suggestion = Character.toLowerCase(name.charAt(2)) + name.substring(3); String message = String.format( // Keep in sync with {@link #getOldValue} and {@link #getNewValue} below! "Suspicious method call; should probably call \"`%1$s`\" rather than \"`%2$s`\"", suggestion, name); context.report(ISSUE, node, context.getNameLocation(node), message); }
@Override public void visitMethod(@NonNull JavaContext context, @Nullable JavaElementVisitor visitor, @NonNull PsiMethodCallExpression call, @NonNull PsiMethod method) { // Report calls to Runtime.load() and System.load() if ("load".equals(method.getName())) { JavaEvaluator evaluator = context.getEvaluator(); if (evaluator.isMemberInSubClassOf(method, RUNTIME_CLASS, false) || evaluator.isMemberInSubClassOf(method, SYSTEM_CLASS, false)) { context.report(LOAD, call, context.getLocation(call), "Dynamically loading code using `load` is risky, please use " + "`loadLibrary` instead when possible"); } } }
if (!evaluator.isMemberInSubClassOf(method, CLASS_VIEW, false)) { return null; if (!evaluator.isMemberInSubClassOf(method, "android.support.wearable.watchface.WatchFaceService.Engine", false)) { return null;
/** * Checks that the given call to {@code Context#getSystemService(WIFI_SERVICE)} is * using the application context */ private static void checkWifiService(@NonNull JavaContext context, @NonNull PsiMethodCallExpression call) { JavaEvaluator evaluator = context.getEvaluator(); PsiReferenceExpression methodExpression = call.getMethodExpression(); PsiExpression qualifier = methodExpression.getQualifierExpression(); PsiMethod resolvedMethod = call.resolveMethod(); if (resolvedMethod != null && (evaluator.isMemberInSubClassOf(resolvedMethod, CLASS_ACTIVITY, false) || (evaluator.isMemberInSubClassOf(resolvedMethod, CLASS_VIEW, false)))) { reportWifiServiceLeak(WIFI_MANAGER, context, call); return; } if (qualifier == null) { // Implicit: check surrounding class PsiMethod currentMethod = PsiTreeUtil.getParentOfType(call, PsiMethod.class, true); if (currentMethod != null && !evaluator.isMemberInSubClassOf(currentMethod, CLASS_APPLICATION, true)) { reportWifiServiceLeak(WIFI_MANAGER, context, call); } } else { checkContextReference(context, qualifier, call); } }
@Override public void visitReference( @NonNull JavaContext context, @Nullable JavaElementVisitor visitor, @NonNull PsiJavaCodeReferenceElement reference, @NonNull PsiElement resolved) { JavaEvaluator evaluator = context.getEvaluator(); if (resolved instanceof PsiField && evaluator.isMemberInSubClassOf((PsiField)resolved, "android.os.Build", false)) { String message = String.format(MESSAGE_DEVICE_IDENTIFIERS, "SERIAL"); context.report(ISSUE, reference, context.getNameLocation(reference), message); } }
/** * Returns true if the given method (which is typically looked up by resolving a method call) is * either a method in the exact given class, or if {@code allowInherit} is true, a method in a * class possibly extending the given class, and if the parameter types are the exact types * specified. * * @param method the method in question * @param className the class name the method should be defined in or inherit from (or * if null, allow any class) * @param allowInherit whether we allow checking for inheritance * @param argumentTypes the names of the types of the parameters * @return true if this method is defined in the given class and with the given parameters */ public boolean methodMatches( @NonNull PsiMethod method, @Nullable String className, boolean allowInherit, @NonNull String... argumentTypes) { if (className != null && allowInherit) { if (!isMemberInSubClassOf(method, className, false)) { return false; } } return parametersMatch(method, argumentTypes); }
if (evaluator.isMemberInSubClassOf(method, CLASS_RESOURCES, false) || evaluator.isMemberInSubClassOf(method, CLASS_CONTEXT, false) || evaluator.isMemberInSubClassOf(method, CLASS_FRAGMENT, false) || evaluator.isMemberInSubClassOf(method, CLASS_V4_FRAGMENT, false)) { checkStringFormatCall(context, method, node, false);
private static boolean isAppBarActivityCall(@NonNull JavaContext context, @NonNull PsiMethodCallExpression node, @NonNull PsiMethod method) { JavaEvaluator evaluator = context.getEvaluator(); if (evaluator.isMemberInSubClassOf(method, CLASS_ACTIVITY, false)) { // Make sure that the calling context is a subclass of ActionBarActivity; // we don't want to flag these calls if they are in non-appcompat activities // such as PreferenceActivity (see b.android.com/58512) PsiClass cls = PsiTreeUtil.getParentOfType(node, PsiClass.class, true); return cls != null && evaluator.extendsClass(cls, "android.support.v7.app.ActionBarActivity", false); } return false; }
PsiExpression[] args = node.getArgumentList().getExpressions(); String methodName = node.getMethodExpression().getReferenceName(); if (context.getEvaluator().isMemberInSubClassOf(method, FILE_CLASS, false)) {
@Override public void visitMethod(@NonNull JavaContext context, @Nullable JavaElementVisitor visitor, @NonNull PsiMethodCallExpression call, @NonNull PsiMethod method) { JavaEvaluator evaluator = context.getEvaluator(); if (!evaluator.isMemberInSubClassOf(method, TEXT_VIEW_CLS, false)) { return; } if (method.getParameterList().getParametersCount() > 0 && evaluator.parameterHasType(method, 0, CHAR_SEQUENCE_CLS)) { checkNode(context, call.getArgumentList().getExpressions()[0]); } }
@Override public void visitMethod(@NonNull JavaContext context, @Nullable JavaElementVisitor visitor, @NonNull PsiMethodCallExpression node, @NonNull PsiMethod method) { if (!context.getEvaluator().isMemberInSubClassOf(method, CIPHER, false)) { return; } PsiExpressionList argumentList = node.getArgumentList(); PsiExpression[] arguments = argumentList.getExpressions(); if (arguments.length == 1) { PsiExpression expression = arguments[0]; Object value = ConstantEvaluator.evaluate(context, expression); if (value instanceof String) { checkParameter(context, node, expression, (String)value, !(expression instanceof PsiLiteral)); } } }
@Override public void visitReference(@NonNull JavaContext context, @Nullable JavaElementVisitor visitor, @NonNull PsiJavaCodeReferenceElement reference, @NonNull PsiElement resolved) { if (resolved instanceof PsiField && context.getEvaluator().isMemberInSubClassOf((PsiField)resolved, "android.provider.Settings", false) && context.getMainProject().getTargetSdkVersion().getFeatureLevel() >= 23) { String message = getBatteryOptimizationsErrorMessage(); context.report(ISSUE, reference, context.getNameLocation(reference), message); } }
@Override public void visitMethod(@NonNull JavaContext context, @Nullable JavaElementVisitor visitor, @NonNull PsiMethodCallExpression call, @NonNull PsiMethod method) { if (context.getEvaluator().isMemberInSubClassOf(method, SSL_CERTIFICATE_SOCKET_FACTORY_CLASS, false)) { String methodName = method.getName(); if ("createSocket".equals(methodName)) { PsiExpression[] args = call.getArgumentList().getExpressions(); if (args.length > 0) { PsiType type = args[0].getType(); if (type != null && (INET_ADDRESS_CLASS.equals(type.getCanonicalText()) || context.getEvaluator().extendsClass(((PsiClassType)type).resolve(), INET_ADDRESS_CLASS, false))) { context.report(CREATE_SOCKET, call, context.getLocation(call), "Use of `SSLCertificateSocketFactory.createSocket()` " + "with an InetAddress parameter can cause insecure " + "network traffic due to trusting arbitrary hostnames in " + "TLS/SSL certificates presented by peers"); } } } else if ("getInsecure".equals(methodName)) { context.report(GET_INSECURE, call, context.getLocation(call), "Use of `SSLCertificateSocketFactory.getInsecure()` can cause " + "insecure network traffic due to trusting arbitrary TLS/SSL " + "certificates presented by peers"); } } } }
JavaEvaluator evaluator = context.getEvaluator(); if (evaluator.isMemberInClass(method, JAVA_SECURITY_SECURE_RANDOM) || evaluator.isMemberInSubClassOf(method, JAVA_UTIL_RANDOM, false) && isSecureRandomReceiver(context, call)) {
@NonNull PsiMethodCallExpression node, @NonNull PsiMethod method) { if (skipParentheses(node.getParent()) instanceof PsiExpressionStatement) { if (!context.getEvaluator().isMemberInSubClassOf(method, CLASS_CONTEXT, false)) { return;
if (!evaluator.isMemberInSubClassOf(method, CLASS_VIEW, false)) { return;