Permalink
Browse files

Added ContentProvider access notifications

  • Loading branch information...
jakev committed Feb 2, 2014
1 parent 2d4d71f commit 3eead3f988eaf886793b6af78e4b3de3d6df42ba
@@ -45,6 +45,8 @@
import android.util.EventLog;
import android.util.Log;

import com.cobradroid.EventNotifier;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
@@ -395,6 +397,9 @@ public final Cursor query(Uri uri, String[] projection,
public final Cursor query(final Uri uri, String[] projection,
String selection, String[] selectionArgs, String sortOrder,
CancellationSignal cancellationSignal) {
/* Temporary call to CobraDroid security buffer. */
EventNotifier.recordContentProvider(uri, projection, selection, selectionArgs);

IContentProvider unstableProvider = acquireUnstableProvider(uri);
if (unstableProvider == null) {
return null;
@@ -0,0 +1,73 @@
/*
* com/cobradroid/EventNotifier.java - Class to record suspicious events
* Copyright (c) 2014 Jake Valletta
*
*
* Author:
* Jake Valletta -javallet@gmail.com, @jake_valletta
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.cobradroid;

import android.net.Uri;
import android.util.Seclog;
import android.text.TextUtils;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;

public class EventNotifier {

private static final String EVENT_CONTENT_PROVIDER = "ContentProviderQuery";
private static final String UNKNOWN = "unknown";

private static String getProcessName() {

File file = new File("/proc/self/cmdline");
BufferedReader br;

try {
br = new BufferedReader(new FileReader(file));
String line;

if ((line = br.readLine()) != null) {
return line.replaceAll("[^\\x01-\\x7F]", "");
}
else {
return UNKNOWN;
}

} catch (FileNotFoundException e) {
return UNKNOWN;
} catch (IOException e) {
return UNKNOWN;
}
}
/* Record access to a content provider */
public static void recordContentProvider(Uri url, String[] projection, String selection,
String[] selectionArgs) {

String urlString = url.toString();
String projectionString = projection == null ? "()" : "("+TextUtils.join(",", projection)+")";
String selectionString = selection == null ? "()" : selection;
String calleeApplication = getProcessName();

Seclog.d(EVENT_CONTENT_PROVIDER, "["+calleeApplication+"] Database access: \""+urlString+
"\" "+projectionString+" "+selectionString);

}
}
@@ -949,6 +949,7 @@ android.util.PrefixPrinter
android.util.PrintWriterPrinter
android.util.Printer
android.util.Property
android.util.Seclog
android.util.Singleton
android.util.Slog
android.util.SparseArray
@@ -1689,6 +1690,7 @@ com.android.server.NetworkManagementSocketTagger
com.android.server.NetworkManagementSocketTagger$1
com.android.server.NetworkManagementSocketTagger$SocketTags
com.android.server.Watchdog
com.cobradroid.EventNotifier
com.google.android.collect.Lists
com.google.android.collect.Maps
com.google.android.gles_jni.EGLConfigImpl

0 comments on commit 3eead3f

Please sign in to comment.