Add lint checks for wakelock and secure random problems
This changeset adds new two lint bytecode-based detectors.
The WakelockDetector looks for problems with wakelocks:
- Calling release() in onDestroy() rather than in onPause()
- Calling acquire() but never calling release() anywhere in the app.
The SecureRandomDetector looks for problems with the SecureRandom
random number generator:
- Calling setSeed() with a fixed number, such as a string literal,
or something equivalent (such as a static field reference of
this or some other class)
- Calling setSeed() and passing in System.nanoTime or
currentTimeMillis since these are considered predictable seeds.
These are both using the new fast-dispatch mechanism for bytecode
detectors in lint. In both cases, there are more complex control flow
we should be checking using flow analysis; that's for an upcoming CL
where we add ASM's analysis library.
Change-Id: Iec2a95b042b8a3e4e976923cc62e9dccf2dfeca5
12 files changed