From 24d1763f8fdb426da34328562e49e26e5b3fba92 Mon Sep 17 00:00:00 2001 From: Yacine Rezgui Date: Thu, 2 May 2024 01:03:37 +0200 Subject: [PATCH 1/7] Add draft safer intents sample --- samples/security/intents/README.md | 4 +++ samples/security/intents/build.gradle.kts | 29 +++++++++++++++++ .../platform/security/intents/SaferIntents.kt | 32 +++++++++++++++++++ 3 files changed, 65 insertions(+) create mode 100644 samples/security/intents/README.md create mode 100644 samples/security/intents/build.gradle.kts create mode 100644 samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt diff --git a/samples/security/intents/README.md b/samples/security/intents/README.md new file mode 100644 index 00000000..6631e7bf --- /dev/null +++ b/samples/security/intents/README.md @@ -0,0 +1,4 @@ +# SaferIntents samples + +// TODO: provide minimal instructions +``` \ No newline at end of file diff --git a/samples/security/intents/build.gradle.kts b/samples/security/intents/build.gradle.kts new file mode 100644 index 00000000..3fa741f0 --- /dev/null +++ b/samples/security/intents/build.gradle.kts @@ -0,0 +1,29 @@ + +/* + * Copyright 2024 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +plugins { + id("com.example.platform.sample") +} + +android { + namespace = "com.example.platform.security.intents" +} + +dependencies { + // Add samples specific dependencies +} \ No newline at end of file 
diff --git a/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt b/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt
new file mode 100644
index 00000000..06d6e742
--- /dev/null
+++ b/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt
@@ -0,0 +1,32 @@
+
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package com.example.platform.security.intents
+
+import androidx.compose.runtime.Composable
+import com.google.android.catalog.framework.annotations.Sample
+
+@Sample(
+ name = "SaferIntents",
+ description = "TODO: Add description"
+)
+@Composable
+fun SaferIntents() {
+ // TODO: implement your sample.
+ // You can also use Activity or Fragment, simply tag them with the @Sample annotation
+}
\ No newline at end of file
From 3adf6952f03e30cd4ccc048512c8917bfdbfbd2c Mon Sep 17 00:00:00 2001
From: Sabs Date: Tue, 21 May 2024 15:38:02 -0500 Subject: [PATCH 2/7] Add basic safer intent sample --- app/build.gradle.kts | 2 +- gradle/libs.versions.toml | 2 +- gradle/wrapper/gradle-wrapper.properties | 2 +- samples/README.md | 2 + samples/security/intents/README.md | 10 +++- .../intents/src/main/AndroidManifest.xml | 27 +++++++++ .../platform/security/intents/SaferIntents.kt | 46 ++++++++++++++- .../security/intents/SaferIntentsActivity.kt | 56 +++++++++++++++++++ 8 files changed, 139 insertions(+), 8 deletions(-) create mode 100644 samples/security/intents/src/main/AndroidManifest.xml create mode 100644 samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntentsActivity.kt diff --git a/app/build.gradle.kts b/app/build.gradle.kts index 4e383b1e..4e2fdeaa 100644 --- a/app/build.gradle.kts +++ b/app/build.gradle.kts @@ -34,7 +34,7 @@ android { defaultConfig { applicationId = "com.example.platform.app" - minSdk = 21 + minSdk = 24 targetSdk = 34 versionCode = 1 versionName = "1.0" diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index f385dfb1..a4bad604 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -18,7 +18,7 @@ accompanist = "0.32.0" androidx-datastore = "1.0.0" androidx-navigation = "2.7.7" androidx-window = "1.2.0" -agp = "8.2.2" +agp = "8.4.1" casa = "0.5.1" coil = "2.4.0" ksp = "1.9.22-1.0.17" diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 3ce71f6b..364bf915 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -17,6 +17,6 @@ #Wed Dec 07 13:21:03 CET 2022 distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.2-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.6-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists 
diff --git a/samples/README.md b/samples/README.md index 8a0606ec..7b9f3523 100644 --- a/samples/README.md +++ b/samples/README.md @@ -90,6 +90,8 @@ Shows Predictive Back animations. Add your custom tile to the Quick Settings. - [Receive data shared by other apps](user-interface/share/src/main/java/com/example/platform/ui/share/receiver/ShareReceiverActivity.kt): Receive texts and images from other apps. +- [SaferIntents](security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt): +Example on how can fix the miss use of intents - [Scan with BLE Intent](connectivity/bluetooth/ble/src/main/java/com/example/platform/connectivity/bluetooth/ble/BLEScanIntentSample.kt): This samples shows how to use the BLE intent to scan for devices - [Screenshot Detection](privacy/transparency/src/main/java/com/example/platform/privacy/transparency/ScreenshotDetection.kt): diff --git a/samples/security/intents/README.md b/samples/security/intents/README.md index 6631e7bf..dc5e9321 100644 --- a/samples/security/intents/README.md +++ b/samples/security/intents/README.md @@ -1,4 +1,10 @@ # SaferIntents samples -// TODO: provide minimal instructions -``` \ No newline at end of file +This sample shows that it is important to not have a NULL intent. +It contains 2 buttons: + +- One button sends an NULL intent +- Another button sends a regular intent + +It is important to note that for the NULL intent an exception handling has taken place. +If an app sends a NULL intent it will crash with an `ActivityNotFound` exception \ No newline at end of file diff --git a/samples/security/intents/src/main/AndroidManifest.xml b/samples/security/intents/src/main/AndroidManifest.xml new file mode 100644 index 00000000..b490a4c1 --- /dev/null +++ b/samples/security/intents/src/main/AndroidManifest.xml @@ -0,0 +1,27 @@ + + + + + + + + + + + + 
diff --git a/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt b/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt
index 06d6e742..fbdfce42 100644
--- a/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt
+++ b/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntents.kt
@@ -18,15 +18,55 @@ package com.example.platform.security.intents +import android.annotation.SuppressLint +import android.content.ActivityNotFoundException +import android.content.Intent +import android.widget.Toast +import androidx.compose.foundation.layout.Arrangement +import androidx.compose.foundation.layout.Column +import androidx.compose.foundation.layout.fillMaxSize +import androidx.compose.foundation.layout.padding +import androidx.compose.material3.Button +import androidx.compose.material3.Text import androidx.compose.runtime.Composable +import androidx.compose.ui.Alignment +import androidx.compose.ui.Modifier +import androidx.compose.ui.platform.LocalContext +import androidx.compose.ui.unit.dp import com.google.android.catalog.framework.annotations.Sample @Sample( name = "SaferIntents", - description = "TODO: Add description" + description = "Example on how can fix the miss use of intents" ) +@SuppressLint("IntentWithNullActionLaunch") @Composable fun SaferIntents() { - // TODO: implement your sample. - // You can also use Activity or Fragment, simply tag them with the @Sample annotation + val context = LocalContext.current + + Column ( + modifier = Modifier + .fillMaxSize() + .padding(16.dp), + verticalArrangement = Arrangement.spacedBy(8.dp), + horizontalAlignment = Alignment.CenterHorizontally, + ){ + Button(onClick = { + val intent = Intent() + try { + context.startActivity(intent) + } catch (e : ActivityNotFoundException) { + Toast.makeText(context, "Error: " + e.message, Toast.LENGTH_SHORT).show() + } + }) { + Text(text = "Send NULL Intent") + } + + Button(onClick = { + val intent = Intent("com.example.platform.security.intents.MY_ACTION") + context.startActivity(intent) + }) { + Text(text = "Send Intent") + } + } } \ No newline at end of file 
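Review bot: The "Send Intent" button starts an implicit intent that carries only a custom action, so the system resolves it against every installed app: another app declaring the same action can be offered as the handler, and because this call has no `try`/`catch` the sample crashes when nothing resolves. As the target is presumably this app's own activity, pin the intent to the package, e.g. `val intent = Intent("com.example.platform.security.intents.MY_ACTION").setPackage(context.packageName)`, and catch `ActivityNotFoundException` the way the first button does. The manifest added in this commit is not readable in this extract, so whether the target activity is exported should be checked there; with the package set it presumably does not need to be. `@SuppressLint("IntentWithNullActionLaunch")` on the whole composable also silences the check for the second button, so a comment stating that the null-action launch is intentional and limited to the first button would help.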
diff --git a/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntentsActivity.kt b/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntentsActivity.kt
new file mode 100644
index 00000000..a110cb0a
--- /dev/null
+++ b/samples/security/intents/src/main/java/com/example/platform/security/intents/SaferIntentsActivity.kt
@@ -0,0 +1,56 @@
+
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.example.platform.security.intents
+
+import android.content.BroadcastReceiver
+import android.content.Context
+import android.content.Intent
+import android.os.Bundle
+import android.util.Log
+import android.widget.Toast
+import androidx.activity.ComponentActivity
+import androidx.activity.compose.setContent
+import androidx.compose.foundation.background
+import androidx.compose.foundation.layout.fillMaxSize
+import androidx.compose.material3.MaterialTheme
+import androidx.compose.material3.Surface
+import androidx.compose.material3.Text
+import androidx.compose.runtime.Composable
+import androidx.compose.ui.Modifier
+
+class SaferIntentsActivity : ComponentActivity() {
+ override fun onCreate(savedInstanceState: Bundle?) {
+ super.onCreate(savedInstanceState)
+ Toast.makeText(applicationContext, "Activity successfully created", Toast.LENGTH_SHORT).show()
+
+ setContent {
+ MaterialTheme {
+ Surface (
+ Modifier
+ .fillMaxSize()
+ .background(MaterialTheme.colorScheme.background)
+ ){
+ HelloAndroidScreen()
+ }
+ }
+ }
+ }
+}
+@Composable
+fun HelloAndroidScreen() {
+ Text(text = "Hello Android!")
+}
\ No newline at end of file
From c1bb65ea749dfcfa9da24400b3964b613ee0e690 Mon Sep 17 00:00:00 2001
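Review bot: `SaferIntentsActivity` imports `BroadcastReceiver`, `Context`, `Intent` and `Log` without using any of them, and nothing documents that it is presumably the receiving end of the `MY_ACTION` intent sent from SaferIntents.kt. `onCreate` never reads the launching intent, which is safe as written, but a sample about intent handling should say so: drop the unused imports and add a KDoc such as `/** Target activity for the sample's MY_ACTION intent; deliberately reads no action or extras from the caller. */`. If a later revision starts using `intent` here, its action and extras should be treated as untrusted input, because the intent filter (declared in a manifest that is not readable in this extract) may make the activity startable by other apps. `HelloAndroidScreen` could also be `private`, since within this file it is only called from `onCreate`.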
From: Sabs Date: Thu, 23 May 2024 11:19:04 -0500 Subject: [PATCH 3/7] Update build.yml Update the timeout to check if the test can be run --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 65dc2790..803ced7c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -61,7 +61,7 @@ jobs: androidTest: needs: build runs-on: macOS-latest # enables hardware acceleration in the virtual machine - timeout-minutes: 55 + timeout-minutes: 100 strategy: matrix: api-level: [26, 30] From 3d3c75b7fb966839a26afeebde167f8d9e1f3b67 Mon Sep 17 00:00:00 2001 From: Sabs Date: Fri, 24 May 2024 08:51:01 -0500 Subject: [PATCH 4/7] Update build.yml Update some github action version to latest (older are being deprecated) Update min api level to 27 --- .github/workflows/build.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 803ced7c..41f3eafc 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Validate Gradle Wrapper uses: gradle/wrapper-validation-action@v1 @@ -46,14 +46,14 @@ jobs: run: ./gradlew testDebug - name: Upload build outputs (APKs) - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: build-outputs path: app/build/outputs - name: Upload build reports if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: build-reports path: app/build/reports @@ -64,7 +64,7 @@ jobs: timeout-minutes: 100 strategy: matrix: - api-level: [26, 30] + api-level: [27, 30] steps: - name: Checkout 
@@ -94,7 +94,7 @@ jobs: - name: Upload test reports if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: test-reports-${{ matrix.api-level }} path: '*/build/reports/androidTests' From 2f3f1ace2d5036d1059d9467bc95e224f0253b2b Mon Sep 17 00:00:00 2001 From: Sabs Date: Fri, 24 May 2024 09:57:08 -0500 Subject: [PATCH 5/7] Update build.yml Changing emulator host because x86_64 does not run on arm64 --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 41f3eafc..a0bfa85a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -60,8 +60,8 @@ jobs: androidTest: needs: build - runs-on: macOS-latest # enables hardware acceleration in the virtual machine - timeout-minutes: 100 + runs-on: macos-latest-large + timeout-minutes: 55 strategy: matrix: api-level: [27, 30] From 9070e0c351c8f4c0dba236e313fda1d0ded24d41 Mon Sep 17 00:00:00 2001 From: Sabs Date: Mon, 3 Jun 2024 10:05:41 -0500 Subject: [PATCH 6/7] Update build.yml Update api level to 31 --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a0bfa85a..d6d32739 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -64,7 +64,7 @@ jobs: timeout-minutes: 55 strategy: matrix: - api-level: [27, 30] + api-level: [27, 31] steps: - name: Checkout From 5d91a8de50db0b9b6bfddd29d8238dace617e26f Mon Sep 17 00:00:00 2001 From: Sabs Date: Tue, 4 Jun 2024 13:31:45 -0500 Subject: [PATCH 7/7] Update build.yml Move the base api level to 31 --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d6d32739..87c4dc52 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -64,7 +64,7 @@ jobs: timeout-minutes: 55 strategy: matrix: - api-level: [27, 31] + api-level: [31, 34] steps: - name: Checkout