scanner: error/warn on dex/gz/zip, closes #394

fdroidserver/scanner.py

@@ -162,16 +162,19 @@ def scan_source(build_dir, build=metadata.Build()):
 
     def warnproblem(what, path_in_build_dir):
         if toignore(path_in_build_dir):
-            return
+            return 0
         logging.warning('Found %s at %s' % (what, path_in_build_dir))
         if json_per_build is not None:
             json_per_build['warnings'].append([what, path_in_build_dir])
+        return 0
 
     def handleproblem(what, path_in_build_dir, filepath):
         if toignore(path_in_build_dir):
             return ignoreproblem(what, path_in_build_dir)
         if todelete(path_in_build_dir):
             return removeproblem(what, path_in_build_dir, filepath)
+        if 'src/test' in filepath or '/test/' in filepath:
+            return warnproblem(what, path_in_build_dir)
         if options and options.json:
             json_per_build['errors'].append([what, path_in_build_dir])
         if options and (options.verbose or not options.json):
@@ -242,8 +245,14 @@ def scan_source(build_dir, build=metadata.Build()):
                 count += handleproblem(_('Android AAR library'), path_in_build_dir, filepath)
             elif ext == 'class':
                 count += handleproblem(_('Java compiled class'), path_in_build_dir, filepath)
+            elif ext == 'dex':
+                count += handleproblem(_('Android DEX code'), path_in_build_dir, filepath)
+            elif ext == 'gz':
+                count += handleproblem(_('gzip file archive'), path_in_build_dir, filepath)
             elif ext == 'so':
                 count += handleproblem(_('shared library'), path_in_build_dir, filepath)
+            elif ext == 'zip':
+                count += handleproblem(_('ZIP file archive'), path_in_build_dir, filepath)
             elif ext == 'jar':
                 for name in suspects_found(curfile):
                     count += handleproblem('usual suspect \'%s\'' % name, path_in_build_dir, filepath)

tests/scanner.TestCase

@@ -95,14 +95,17 @@ class ScannerTest(unittest.TestCase):
             'arg.jar',
             'ascii.out',
             'baz.so',
+            'classes.dex',
             'sqlcipher.aar',
             'static.a',
+            'src/test/resources/classes.dex',
         ]
         remove = [
             'gradle-wrapper.jar',
             'gradlew',
             'gradlew.bat',
         ]
+        os.makedirs('src/test/resources', exist_ok=True)
         for f in keep + remove:
             with open(f, 'w') as fp:
                 fp.write('placeholder')
@@ -127,7 +130,7 @@ class ScannerTest(unittest.TestCase):
         os.system('ls -l fake.png')
 
         count = fdroidserver.scanner.scan_source(testdir)
-        self.assertEqual(5, count, 'there should be this many errors')
+        self.assertEqual(6, count, 'there should be this many errors')
 
         for f in keep + binaries:
             self.assertTrue(os.path.exists(f), f + ' should still be there')
@@ -148,11 +151,14 @@ class ScannerTest(unittest.TestCase):
         self.assertTrue('arg.jar' in files['errors'], 'all JAR files are errors')
         self.assertTrue('baz.so' in files['errors'], 'all .so files are errors')
         self.assertTrue('binary.out' in files['errors'], 'a binary .out file is an error')
+        self.assertTrue('classes.dex' in files['errors'], 'all classes.dex files are errors')
         self.assertTrue('sqlcipher.aar' in files['errors'], 'all AAR files are errors')
         self.assertTrue('static.a' in files['errors'], 'all .a files are errors')
 
         self.assertTrue('fake.png' in files['warnings'],
                         'a random binary that is executable that is not an image is a warning')
+        self.assertTrue('src/test/resources/classes.dex' in files['warnings'],
+                        'suspicious file but in a test dir is a warning')
 
         for f in remove:
             self.assertTrue(f in files['infos'],