Save only unique intent priorities in findings (#2474)

* Save only unique intent priorities in findings * Save only unique intent priorities in findings * Save only unique intent priorities in findings * Save only unique intent priorities in findings --------- Co-authored-by: Dmitry Maryushkin <[email protected]> Co-authored-by: Ajin Abraham <[email protected]>
MobSF · Dec 18, 2024 · 17332e8 · 17332e8
1 parent fbf5674
commit 17332e8
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/mobsf/StaticAnalyzer/views/android/kb/android_manifest_desc.py b/mobsf/StaticAnalyzer/views/android/kb/android_manifest_desc.py
@@ -219,12 +219,12 @@
         'name': 'Data SMS Receiver Set on Port: %s Found. [android:port]',
     },
     'high_intent_priority_found': {
-        'title': 'High Intent Priority (%s)<br>[android:priority]',
+        'title': 'High Intent Priority (%s) - {%s} Hit(s)<br>[android:priority]',
         'level': 'warning',
         'description': ('By setting an intent priority higher than another'
                         ' intent, the app effectively overrides '
                         'other requests.'),
-        'name': 'High Intent Priority (%s). [android:priority]',
+        'name': 'High Intent Priority (%s) - {%s} Hit(s) [android:priority]',
     },
     'high_action_priority_found': {
         'title': 'High Action Priority (%s)<br>[android:priority] ',

diff --git a/mobsf/StaticAnalyzer/views/android/manifest_analysis.py b/mobsf/StaticAnalyzer/views/android/manifest_analysis.py
@@ -761,12 +761,18 @@ def manifest_analysis(app_dic, man_data_dic):
                 dataport = data.getAttribute(f'{ns}:port')
                 ret_list.append(('sms_receiver_port_found', (dataport,), ()))
         # INTENTS
+        processed_priorities = {}
         for intent in intents:
             if intent.getAttribute(f'{ns}:priority').isdigit():
                 value = intent.getAttribute(f'{ns}:priority')
                 if int(value) > 100:
-                    ret_list.append(
-                        ('high_intent_priority_found', (value,), ()))
+                    if value not in processed_priorities:
+                        processed_priorities[value] = 1
+                    else:
+                        processed_priorities[value] += 1
+        for priority, count in processed_priorities.items():
+            ret_list.append(
+                ('high_intent_priority_found', (priority, count,), ()))
         # ACTIONS
         for action in actions:
             if action.getAttribute(f'{ns}:priority').isdigit():