Current status of Android Lint option 'MissingPermission' - android

I'm looking for a quick way to identify missing Android permissions. According to Android Tools Project Site here: http://tools.android.com/tips/lint-checks, Android Studio 1.4 is able to check MissingPermission:
MissingPermission
Priority: 9 / 10 Severity: Error Category: Correctness
This check scans through your code and libraries and looks at the APIs
being used, and checks this against the set of permissions required to
access those APIs. If the code using those APIs is called at runtime,
then the program will crash.
Furthermore, for permissions that are revocable (with targetSdkVersion
23), client code must also be prepared to handle the calls throwing an
exception if the user rejects the request for permission at runtime.
However, when I try ./gradlew lint check MissingPermission, the output is:
Task 'MissingPermission' not found in root project 'Android'.
(I have to use the command line because AS always freezes when I use Analyze - Inspect Code from UI.)
If I run ./gradlew lint, Lint report doesn't complain missing permission even if I remove android.permission.INTERNET.
Any ideas on this Lint option?

Related

Why Android 7 devices show error messages related to native shared libraries

My Android app is using 3rd party library that uses native libraries.
It is built with targetSdkVersion 21.
When running my app on Android 7 phones (in my example, LG G20), users start getting a visible error message upon process initialization.
The error message screenshot is attached.
When running the same app on Android 5.x and 6.x, there is no error shown to the user, although there is still a matching warning message in the log. Log message looks like:
library "/data/app/org.iotivity.base.examples.simpleclient-1/lib/arm/libocstack-jni.so" has invalid DT_NEEDED entry "./obj/local/armeabi/libocprovision.so"
ךibrary "/data/app/org.iotivity.base.examples.simpleclient-1/lib/arm/libocstack-jni.so" has invalid DT_NEEDED entry "./obj/local/armeabi/libocpmapi.so"
So it looks likes Android 7 "decides" to show to the end user a warning which is kept for the log only in previous versions.
I would appreciate:
1. Ideas on how the error message can be suppressed
2. Hints on what is the right solution for the issue (this is a 3rd party code, but I may try to tweak the build process)
Thanks in advance
Max

Exception thrown when executing model rule for augmented reality app

I am working on the ARSimple example for ARToolKit and after setting my SDK to 4.4 and using my real device (yes I enabled USB debugging) I get this error when trying to run. What is causing this error? I can provide more info as needed.
Error:A problem occurred configuring project ':aRSimple'.
> Exception thrown while executing model rule: com.android.build.gradle.model.BaseComponentModelPlugin$Rules#createAndroidComponents(org.gradle.platform.base.ComponentSpecContainer,
org.gradle.internal.service.ServiceRegistry,
com.android.build.gradle.managed.AndroidConfig,
com.android.build.gradle.AndroidConfig,
org.gradle.model.ModelMap<com.android.build.gradle.managed.BuildType>,
org.gradle.model.ModelMap<com.android.build.gradle.managed.ProductFlavor>,
org.gradle.model.ModelMap<com.android.build.gradle.managed.SigningConfig>,
com.android.build.gradle.internal.variant.VariantFactory,
com.android.build.gradle.internal.TaskManager, org.gradle.api.Project,
com.android.builder.core.AndroidBuilder,
com.android.build.gradle.internal.SdkHandler,
com.android.build.gradle.internal.ExtraModelInfo,
java.lang.Boolean)
> failed to find target with hash string 'android-23' in: C:\Users\aaron\AppData\Local\Android\Sdk
The error message indicates that you do not have API 23 installed. You need to start the SDK Manager and download it.
Alternatively, you can set compileSdkVersion in your build.gradle file to the API version you wish to use instead.

API Change error when building AOSP 5.1

Currently trying to build android-5.1.0_r5. I've checked out the sources and made no modifications. However, when compiling I get the following error.
Checking API: checkpublicapi-current
out/target/common/obj/PACKAGING/public_api.txt:20: error 5: Added public field android.Manifest.permission.BACKUP
out/target/common/obj/PACKAGING/public_api.txt:82: error 5: Added public field android.Manifest.permission.INVOKE_CARRIER_SETUP
out/target/common/obj/PACKAGING/public_api.txt:106: error 5: Added public field android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE
out/target/common/obj/PACKAGING/public_api.txt:116: error 5: Added public field android.Manifest.permission.RECEIVE_EMERGENCY_BROADCAST
******************************
You have tried to change the API from what has been previously approved.
To make these errors go away, you have two choices:
1) You can add "#hide" javadoc comments to the methods, etc. listed in the
errors above.
2) You can update current.txt by executing the following command:
make update-api
To submit the revised current.txt to the main Android repository,
you will need approval.
******************************
And diffing the public api txt files does indeed show a difference.
diff frameworks/base/api/current.txt out/target/common/obj/PACKAGING/public_api.txt
19a20
> field public static final java.lang.String BACKUP = "android.permission.BACKUP";
80a82
> field public static final java.lang.String INVOKE_CARRIER_SETUP = "android.permission.INVOKE_CARRIER_SETUP";
103a106
> field public static final java.lang.String READ_PRIVILEGED_PHONE_STATE = "android.permission.READ_PRIVILEGED_PHONE_STATE";
112a116
> field public static final java.lang.String RECEIVE_EMERGENCY_BROADCAST = "android.permission.RECEIVE_EMERGENCY_BROADCAST";
However, I cant figure out where those additional Public Fields are coming from. Any ideas?
Don't do 'make update-api' if you didn't touch anything. There additional apis came form frameworks/base/res/AndroidManifest.xml badly parsed by aapt that uses buggy system/core/libcore/String8.cpp##removeAll() they use memcpy but should be memmove for overlapping strings in memory.
This is issue on latest Debian (sid) or Ubuntu (16 maybe 15) build machines.
It's a google bug in libcore/String8.cpp. Fix is here:
https://android.googlesource.com/platform/system/core/+/dd060f01f68ee0e633e9cae24c4e565cda2032bd
This man found it (Michael Scott) and maybe some other people too. Here is his investigation: https://plus.google.com/+hashcode0f/posts/URHo3hBmfHY
Living on the Edge (of Ubuntu) ... can be painful!
I've been running Ubuntu 15.04 for a while now. It's been great
having a very current kernel alongside the latest improvements from
Ubuntu and Debian. (My past post on using zRAM ramdisk is one
example).
However, having the newest greatest toys also has it's downsides. I
recently spent 4 days troubleshooting a build break in Android which
started some time after March 25th. I'm guessing I updated packages
or inadvertently changed my glibc version.
The outcome was a build error during the checkapi stage of Android
build:
Install: /out/mydroid-ara/host/linux-x86/bin/apicheck Checking API:
checkpublicapi-last Checking API: checkpublicapi-current
/out/mydroid-ara/target/common/obj/PACKAGING/public_api.txt:20: error
5: Added public field android.Manifest.permission.BACKUP
/out/mydroid-ara/target/common/obj/PACKAGING/public_api.txt:82: error
5: Added public field android.Manifest.permission.INVOKE_CARRIER_SETUP
/out/mydroid-ara/target/common/obj/PACKAGING/public_api.txt:106: error
5: Added public field
android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE
/out/mydroid-ara/target/common/obj/PACKAGING/public_api.txt:116: error
5: Added public field
android.Manifest.permission.RECEIVE_EMERGENCY_BROADCAST
**************************** You have tried to change the API from what has been previously approved.
To make these errors go away, you have two choices: 1) You can add
"#hide" javadoc comments to the methods, etc. listed in the
errors above.
2) You can update current.txt by executing the following command:
make update-api
To submit the revised current.txt to the main Android repository,
you will need approval.
This occurred on both of my Ubuntu 15.04 boxes and was present when
when build AOSP android-5.0.2_r1 and android-5.1.0_r1.
For those of you who are unfamiliar with this portion of the Android
build, the Android framework exports all of the public portions of the
API and makes sure that the current build matches up with what's
located under frameworks/base/api/current.txt. It does this by
parsing frameworks/base/res/AndroidManifest.xml and any of the current
device's overlay .xml files and processes items marked with various
flags in the comments above them:#SystemApi, #hide, etc. This
parsing and processing portion of the checkapi stage is done by a
binary "aapt" (Android Asset Packagng Tool). It's source is located
under frameworks/base/tools/aapt.
I started by checking for upstream fixes to the platform/build or
platform/frameworks/base projects. After striking out, I began
debugging the android build via the use of: "make checkapi
showcommands" and then manually running the commands with "strace" to
see how each binary was involved and what output it generated.
After the first few hours of debugging, it became apparent that
out/target/common/obj/APPS/frameworks-res_intermediates/src/android/Manifest.java
file had comments which were being corrupted when aapt was generating
it. I was able to make some manual changes to the AndroidManifest.xml
file and get the build to pass (removing extra portions of the
comments).
Digging deeper via strace and then looking at various static link
sources, I found that during the AndroidManifest.xml comments
processing the #SystemApi token was being filtered out via a
String8.removeAll("#SystemApi") function call. Experimentally, I
removed this part of the processing. Lo and Behold! The build
worked. Taking a closer look at the removeAll function, I was able to
pin point a memcpy function as the part of the function which was
causing corruption.
I then researched memcpy a bit and noted that you are not supposed to
use memcpy on overlapping memory addresses, instead memmove was
preferred, because it makes a copy of the source prior to any changes
being made to the destination. After changing the use of memcpy to
memmove the build was fixed and all was well with the world!
As a good player in the open source world, I immediately thought I
should upstream this incredible feat of debugging to the master branch
of system/core. BUT, alas! The fix has been in the master branch
since November 11th 2014! And hasn't been brought into any of the
current development tags! grumble
https://android.googlesource.com/platform/system/core/+/dd060f01f68ee0e633e9cae24c4e565cda2032bd
I've since contacted the Google team about this change and let them
know of my experience in hopes that we may yet see this patch in
future release tags of Android.
Conclusion: apparently glibc is undergoeing some changes and some of
those have now filtered onto my Ubuntu boxes. Where previously the
memcpy usage was incorrect but still usable, it now causes the build
break I was seeing.
If you see this kind of error in your Android builds, and you're on a
newish version of Ubuntu or Debian distrobution, you may want to try
this simple patch and see if it helps.
Hash
Big up himself!
I do see the entries in my r8 code so you are probably safe running make update-api, and when that finishes then run your make command as normal.

PaClient error: E0002 Missing profile name

I try to make an android application in delphi but when i build the project i get this error:
[PAClient Error] Error: E0002 Missing profile name; use paclient -?
for Help
How can i fix this?
You may check your configuration as well in Delphi XE 8.1:
Build Configuration: RELEASE
Android: APPLICATION STORE
For instance DEBUG and APPLICATION STORE may result in a E00002 error.
For building Android applications in delphi, you do not use the PAServer nor PAClient, so there is no profile: these are only needed for iOS or OS X development.
To figure out what is calling PAClient and why the call fails, follow these steps:
Run Delphi while the free Process Monitor from SysInternals is active,
watch the Process Monitor log to see when the PAClient is executed, and what parameters there are.
Relate these parameters to the selected profile
Note that error E00002 means the PAClient has no profile name in the parameters.
Also check Project -> Deployment that all items are checked. That worked for me.
(I unchecked all items by mistake when adding some files for deployment manually)
Via FFernandes https://forums.embarcadero.com/thread.jspa?threadID=118789

Permission Denial: this requires android.permission.INTERACT_ACROSS_USERS_FULL

I am having an issue with sqlite db in Android. But as I made a quick research on the internet, I suspect that the problem is not related to sqlite but system user. My app is not recognized as authorized user to access db functionalities. I tried to apply possible suggested solutions in stack overflow but none of them made a difference. This is the LogCat I am facing every time I attempt to use db functionality.
12-14 02:35:17.721 2953-3355/? E/DatabaseUtils﹕ Writing exception to parcel
java.lang.SecurityException: Permission Denial: get/set setting for user asks to run as user -2 but is calling from user 0; this requires android.permission.INTERACT_ACROSS_USERS_FULL
at com.android.server.am.ActivityManagerService.handleIncomingUser(ActivityManagerService.java:13082)
at android.app.ActivityManager.handleIncomingUser(ActivityManager.java:2038)
at com.android.providers.settings.SettingsProvider.callFromPackage(SettingsProvider.java:577)
at android.content.ContentProvider$Transport.call(ContentProvider.java:279)
at android.content.ContentProviderNative.onTransact(ContentProviderNative.java:273)
at android.os.Binder.execTransact(Binder.java:388)
at dalvik.system.NativeStart.run(Native Method)
I tried to add permission
android.permission.INTERACT_ACROSS_USERS_FULL
but still no sound. The strange thing is when I try to add INTERNET permission Android Studio 0.3 (ide I use) suggests me possible permissions I can choose. But when it comes to INTERACT_ACROSS_USERS_FULL permission it behaves like it has no idea about this permission. My test device is Samsung S4 running on 4.3.
I assume that I am not the only one who tries to use db on android. So there is a solution.
How can I really add INTERACT_ACROSS_USERS_FULL permission to my application?
According to this answer: android.permission.INTERACT_ACROSS_USERS_FULL is a signature level permission. Your app will not be able to use it until and unless it has the same signature as the system.
Which is not something you can achieve unless you either are the creator or the system build, or collaborating with them such that they are willing to sign your apk with their certificate. In other words, this is off limits for most developers.
I got the error android.permission.INTERACT_ACROSS_USERS_FULL because I had some conflicts in the bin directory of the project. I did some changes to the my app package id and the app-file-1.apk in the bin directory doesn't match with the project.
I did a project > clean and checked that the bin folder was cleared and regenerated, and it works now.
I had the same issue and think that I can help you out. I had registered my app with my production keystore, but was using Eclipse debug to load it into my phone. The Eclipse debug uses debug.keystore which wont match the signature of your production key and throw this error. Use the debug keystore instead for testing or send the apk to yourself and download it onto your phone.
I get this error when I change my minSdkVersion from 8 to 11 in my Manifest. I changed it back to 8 or 9 and no more error.
Try changing your minSdkVersion in your manifest. I was able to repeat the crash and error results with versions 10, 11, and 12 (my app crashes and displays "requires android.permission.INTERACT_ACROSS_USERS_FULL" in the LogCat)
Try to disable auto-fill. It works 100% on Android Oreo. Check this link
Simply add this code to your app :
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
window.decorView.importantForAutofill =
View.IMPORTANT_FOR_AUTOFILL_NO_EXCLUDE_DESCENDANTS;
}

Categories

Resources