-
Notifications
You must be signed in to change notification settings - Fork 727
Expand file tree
/
Copy pathAndroidUnencryptedDatabaseCheckSample.java
More file actions
108 lines (82 loc) · 3.39 KB
/
AndroidUnencryptedDatabaseCheckSample.java
File metadata and controls
108 lines (82 loc) · 3.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
package checks.security;
import android.app.Activity;
import android.content.Context;
import android.database.DatabaseErrorHandler;
import android.database.sqlite.SQLiteDatabase;
import android.preference.PreferenceManager;
import io.realm.RealmConfiguration;
import java.io.File;
public class AndroidUnencryptedDatabaseCheckSample {
RealmConfiguration.Builder builderAsField;
void testSharedPreferences(Activity activity, Context context, PreferenceManager preferenceManager) {
activity.getPreferences(1); // Noncompliant {{Make sure using an unencrypted database is safe here.}}
// ^^^^^^^^^^^^^^
activity().getPreferences(2); // Noncompliant
myActivity().getPreferences(3); // Noncompliant
myActivity().getPreferences(3, 4); // Compliant, unrelated method
context.getSharedPreferences(new File(""), 1); // Noncompliant {{Make sure using an unencrypted database is safe here.}}
// ^^^^^^^^^^^^^^^^^^^^
context.getSharedPreferences("file", 1); // Noncompliant
PreferenceManager.getDefaultSharedPreferences(context); // Noncompliant
}
void testSQLiteDatabase(Context context, SQLiteDatabase.CursorFactory cursorFactory, DatabaseErrorHandler databaseErrorHandler) {
context.openOrCreateDatabase("name", 1, cursorFactory); // Noncompliant {{Make sure using an unencrypted database is safe here.}}
// ^^^^^^^^^^^^^^^^^^^^
context.openOrCreateDatabase("name", 1, cursorFactory, databaseErrorHandler); // Noncompliant
}
void testRealm() {
new RealmConfiguration.Builder()
.build(); // Noncompliant
// ^^^^^
new RealmConfiguration.Builder()
.name("")
.build(); // Noncompliant
new RealmConfiguration.Builder()
.name("")
.encryptionKey(new byte[1])
.build(); // Compliant
RealmConfiguration.Builder builder = new RealmConfiguration.Builder();
builder.name("");
builder.build(); // Noncompliant
RealmConfiguration.Builder builder2 = new RealmConfiguration.Builder();
builder2.encryptionKey(new byte[1]);
builder2.build(); // Compliant
RealmConfiguration.Builder builder3 = new RealmConfiguration.Builder();
builder3.name("").encryptionKey(new byte[1]);
builder3.build(); // Compliant
RealmConfiguration.Builder builder3_2 = new RealmConfiguration.Builder();
builder3_2.encryptionKey(new byte[1]).name("");
builder3_2.build(); // Compliant
RealmConfiguration.Builder builder4 = new RealmConfiguration.Builder().encryptionKey(new byte[1]);
builder4.build(); // Compliant
RealmConfiguration.Builder builder5 = new RealmConfiguration.Builder().name("");
builder5.name("");
builder5.build(); // Noncompliant
RealmConfiguration.Builder builder6 = new RealmConfiguration.Builder().name("");
addProperty(builder6);
builder6.build(); // Compliant
new BuilderProvider()
.getBuilder()
.name("")
.build(); // Compliant
builderAsField.build(); // Compliant, field can be modified somewhere else
}
void addProperty(RealmConfiguration.Builder builder) {
builder.encryptionKey(new byte[0]);
}
Activity activity() {
return new Activity();
}
MyActivity myActivity() {
return new MyActivity();
}
class MyActivity extends Activity {
void getPreferences(int i, int j) {
}
}
class BuilderProvider {
RealmConfiguration.Builder getBuilder() {
return new RealmConfiguration.Builder();
}
}
}