176 lines
4.3 KiB
Python
176 lines
4.3 KiB
Python
|
#!/usr/bin/env python
|
||
|
#
|
||
|
# Copyright (C) 2019 The Android Open Source Project
|
||
|
#
|
||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
# you may not use this file except in compliance with the License.
|
||
|
# You may obtain a copy of the License at
|
||
|
#
|
||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||
|
#
|
||
|
# Unless required by applicable law or agreed to in writing, software
|
||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
# See the License for the specific language governing permissions and
|
||
|
# limitations under the License.
|
||
|
#
|
||
|
"""Find APK sharedUserId violators.
|
||
|
|
||
|
Usage: find_shareduid_violation [args]
|
||
|
|
||
|
--product_out
|
||
|
PRODUCT_OUT directory
|
||
|
|
||
|
--aapt
|
||
|
Path to aapt or aapt2
|
||
|
|
||
|
--copy_out_system
|
||
|
TARGET_COPY_OUT_SYSTEM
|
||
|
|
||
|
--copy_out_vendor_
|
||
|
TARGET_COPY_OUT_VENDOR
|
||
|
|
||
|
--copy_out_product
|
||
|
TARGET_COPY_OUT_PRODUCT
|
||
|
|
||
|
--copy_out_system_ext
|
||
|
TARGET_COPY_OUT_SYSTEM_EXT
|
||
|
"""
|
||
|
|
||
|
import json
|
||
|
import logging
|
||
|
import os
|
||
|
import re
|
||
|
import subprocess
|
||
|
import sys
|
||
|
|
||
|
from collections import defaultdict
|
||
|
from glob import glob
|
||
|
|
||
|
import common
|
||
|
|
||
|
logger = logging.getLogger(__name__)
|
||
|
|
||
|
OPTIONS = common.OPTIONS
|
||
|
OPTIONS.product_out = os.environ.get("PRODUCT_OUT")
|
||
|
OPTIONS.aapt = "aapt2"
|
||
|
OPTIONS.copy_out_system = "system"
|
||
|
OPTIONS.copy_out_vendor = "vendor"
|
||
|
OPTIONS.copy_out_product = "product"
|
||
|
OPTIONS.copy_out_system_ext = "system_ext"
|
||
|
|
||
|
|
||
|
def execute(cmd):
|
||
|
p = subprocess.Popen(
|
||
|
cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||
|
out, err = map(lambda b: b.decode("utf-8"), p.communicate())
|
||
|
return p.returncode == 0, out, err
|
||
|
|
||
|
|
||
|
def make_aapt_cmds(aapt, apk):
|
||
|
return [
|
||
|
aapt + " dump " + apk + " --file AndroidManifest.xml",
|
||
|
aapt + " dump xmltree " + apk + " --file AndroidManifest.xml"
|
||
|
]
|
||
|
|
||
|
|
||
|
def extract_shared_uid(aapt, apk):
|
||
|
for cmd in make_aapt_cmds(aapt, apk):
|
||
|
success, manifest, error_msg = execute(cmd)
|
||
|
if success:
|
||
|
break
|
||
|
else:
|
||
|
logger.error(error_msg)
|
||
|
sys.exit()
|
||
|
|
||
|
pattern = re.compile(r"sharedUserId.*=\"([^\"]*)")
|
||
|
|
||
|
for line in manifest.split("\n"):
|
||
|
match = pattern.search(line)
|
||
|
if match:
|
||
|
return match.group(1)
|
||
|
return None
|
||
|
|
||
|
|
||
|
def FindShareduidViolation(product_out, partition_map, aapt="aapt2"):
|
||
|
"""Find sharedUserId violators in the given partitions.
|
||
|
|
||
|
Args:
|
||
|
product_out: The base directory containing the partition directories.
|
||
|
partition_map: A map of partition name -> directory name.
|
||
|
aapt: The name of the aapt binary. Defaults to aapt2.
|
||
|
|
||
|
Returns:
|
||
|
A string containing a JSON object describing the shared UIDs.
|
||
|
"""
|
||
|
shareduid_app_dict = defaultdict(lambda: defaultdict(list))
|
||
|
|
||
|
for part, location in partition_map.items():
|
||
|
for f in glob(os.path.join(product_out, location, "*", "*", "*.apk")):
|
||
|
apk_file = os.path.basename(f)
|
||
|
shared_uid = extract_shared_uid(aapt, f)
|
||
|
|
||
|
if shared_uid is None:
|
||
|
continue
|
||
|
shareduid_app_dict[shared_uid][part].append(apk_file)
|
||
|
|
||
|
# Only output sharedUserId values that appear in >1 partition.
|
||
|
output = {}
|
||
|
for uid, partitions in shareduid_app_dict.items():
|
||
|
if len(partitions) > 1:
|
||
|
output[uid] = shareduid_app_dict[uid]
|
||
|
|
||
|
return json.dumps(output, indent=2, sort_keys=True)
|
||
|
|
||
|
|
||
|
def main():
|
||
|
common.InitLogging()
|
||
|
|
||
|
def option_handler(o, a):
|
||
|
if o == "--product_out":
|
||
|
OPTIONS.product_out = a
|
||
|
elif o == "--aapt":
|
||
|
OPTIONS.aapt = a
|
||
|
elif o == "--copy_out_system":
|
||
|
OPTIONS.copy_out_system = a
|
||
|
elif o == "--copy_out_vendor":
|
||
|
OPTIONS.copy_out_vendor = a
|
||
|
elif o == "--copy_out_product":
|
||
|
OPTIONS.copy_out_product = a
|
||
|
elif o == "--copy_out_system_ext":
|
||
|
OPTIONS.copy_out_system_ext = a
|
||
|
else:
|
||
|
return False
|
||
|
return True
|
||
|
|
||
|
args = common.ParseOptions(
|
||
|
sys.argv[1:],
|
||
|
__doc__,
|
||
|
extra_long_opts=[
|
||
|
"product_out=",
|
||
|
"aapt=",
|
||
|
"copy_out_system=",
|
||
|
"copy_out_vendor=",
|
||
|
"copy_out_product=",
|
||
|
"copy_out_system_ext=",
|
||
|
],
|
||
|
extra_option_handler=option_handler)
|
||
|
|
||
|
if args:
|
||
|
common.Usage(__doc__)
|
||
|
sys.exit(1)
|
||
|
|
||
|
partition_map = {
|
||
|
"system": OPTIONS.copy_out_system,
|
||
|
"vendor": OPTIONS.copy_out_vendor,
|
||
|
"product": OPTIONS.copy_out_product,
|
||
|
"system_ext": OPTIONS.copy_out_system_ext,
|
||
|
}
|
||
|
|
||
|
print(
|
||
|
FindShareduidViolation(OPTIONS.product_out, partition_map, OPTIONS.aapt))
|
||
|
|
||
|
|
||
|
if __name__ == "__main__":
|
||
|
main()
|