Info Call to Random API

Description

List of all calls to methods that return pseudo-random values.

Recommendation

Do not seed Random with the current time because that value is more predictable to an attacker than the default seed.

The java.util.Random class must not be used either for security-critical applications or for protecting sensitive data. Use a more secure random number generator, such as the java.security.SecureRandom class.

Technical details

Method com.microsoft.appcenter.utils.UUIDUtils.initFailOver() calling method java.util.Random.<init>()


    private static declared_synchronized void initFailOver(SecurityException p3)
    {
        try {
            if (com.microsoft.appcenter.utils.UUIDUtils.sRandom == null) {
                com.microsoft.appcenter.utils.UUIDUtils.sRandom = new java.util.Random();
                com.microsoft.appcenter.utils.AppCenterLog.error("AppCenter", "UUID.randomUUID failed, using Random as fallback", p3);
            }
        } catch (String v0_4) {
            throw v0_4;
        }
        return;
    }

Method com.microsoft.appcenter.http.HttpClientRetryer.<init>() calling method java.util.Random.<init>()


    HttpClientRetryer(com.microsoft.appcenter.http.HttpClient p2, android.os.Handler p3)
    {
        super(p2);
        super.mRandom = new java.util.Random();
        super.mHandler = p3;
        return;
    }

Method com.adobe.mobile.StaticMethods.generateAID() calling method java.security.SecureRandom.<init>()


    private static String generateAID()
    {
        String v5_0 = java.util.UUID.randomUUID().toString().replace("-", "").toUpperCase(java.util.Locale.US);
        java.util.regex.Pattern v1 = java.util.regex.Pattern.compile("^[89A-F]");
        java.util.regex.Pattern v4 = java.util.regex.Pattern.compile("^[4-9A-F]");
        java.util.regex.Matcher v0 = v1.matcher(v5_0.substring(0, 16));
        java.util.regex.Matcher v3 = v4.matcher(v5_0.substring(16, 32));
        java.security.SecureRandom v2_1 = new java.security.SecureRandom();
        return new StringBuilder().append(v0.replaceAll(String.valueOf(v2_1.nextInt(7)))).append("-").append(v3.replaceAll(String.valueOf(v2_1.nextInt(3)))).toString();
    }

Method com.adobe.mobile.MessageTemplateCallback.<init>() calling method java.security.SecureRandom.<init>()


    MessageTemplateCallback()
    {
        this.randomGen = new java.security.SecureRandom();
        return;
    }

Method com.adobe.mobile.MessageNotificationHandler.onReceive() calling method java.security.SecureRandom.<init>()


    public void onReceive(android.content.Context p41, android.content.Intent p42)
    {
        android.os.Bundle v8 = p42.getExtras();
        if (v8 != null) {
            try {
                String v14 = v8.getString("alarm_message");
                int v23 = v8.getInt("adbMessageCode");
                int v22 = v8.getInt("requestCode");
                String v15 = v8.getString("adb_m_l_id");
                String v11 = v8.getString("adb_deeplink");
                String v34 = v8.getString("userData");
            } catch (Exception v12_0) {
                android.app.NotificationManager v0_64 = new Object[1];
                Class[] v36_30 = v0_64;
                v36_30[0] = v12_0.getMessage();
                com.adobe.mobile.StaticMethods.logDebugFormat("Messages - unable to load message from local notification (%s)", v36_30);
            }
            if (v23 == com.adobe.mobile.Messages.MESSAGE_LOCAL_IDENTIFIER.intValue()) {
                if (v14 != null) {
                    try {
                        android.app.Activity v10 = com.adobe.mobile.StaticMethods.getCurrentActivity();
                        try {
                            android.content.Context v32 = com.adobe.mobile.StaticMethods.getSharedContext();
                            try {
                                android.app.Activity v17 = com.adobe.mobile.StaticMethods.getCurrentActivity();
                            } catch (Exception v12) {
                                android.app.NotificationManager v0_96 = new Object[0];
                                com.adobe.mobile.StaticMethods.logErrorFormat("Messages - unable to find activity for your notification, using default", v0_96);
                            }
                            if ((v11 == null) || (v11.isEmpty())) {
                                if (v17 == null) {
                                    android.content.Intent v24 = p42;
                                } else {
                                    v24 = v17.getIntent();
                                }
                            } else {
                                v24 = new android.content.Intent;
                                v24("android.intent.action.VIEW");
                                v24.setData(android.net.Uri.parse(v11));
                            }
                            v24.setFlags(603979776);
                            v24.putExtra("adb_m_l_id", v15);
                            v24.putExtra("userData", v34);
                            int v7 = android.os.Build$VERSION.SDK_INT;
                            try {
                                android.app.PendingIntent v25 = android.app.PendingIntent.getActivity(v32, v22, v24, 134217728);
                            } catch (Exception v12_4) {
                                android.app.NotificationManager v0_82 = new Object[1];
                                Class[] v36_39 = v0_82;
                                v36_39[0] = v12_4.getMessage();
                                com.adobe.mobile.StaticMethods.logErrorFormat("Messages - error posting notification, class not found (%s)", v36_39);
                            } catch (Exception v12_3) {
                                android.app.NotificationManager v0_80 = new Object[1];
                                Class[] v36_37 = v0_80;
                                v36_37[0] = v12_3.getMessage();
                                com.adobe.mobile.StaticMethods.logErrorFormat("Messages - error posting notification, method not found (%s)", v36_37);
                            } catch (Exception v12_2) {
                                android.app.NotificationManager v0_78 = new Object[1];
                                Class[] v36_35 = v0_78;
                                v36_35[0] = v12_2.getMessage();
                                com.adobe.mobile.StaticMethods.logErrorFormat("Messages - error posting notification (%s)", v36_35);
                            } catch (Exception v12_1) {
                                android.app.NotificationManager v0_76 = new Object[1];
                                Class[] v36_33 = v0_76;
                                v36_33[0] = v12_1.getMessage();
                                com.adobe.mobile.StaticMethods.logErrorFormat("Messages - unexpected error posting notification (%s)", v36_33);
                            }
                            if (v25 != null) {
                                android.app.Notification v16_0;
                                if (v7 < 11) {
                                    android.app.Notification v33_1 = new android.app.Notification();
                                    android.app.NotificationManager v0_5 = new Class[4];
                                    String v37_1 = v0_5;
                                    v37_1[0] = android.content.Context;
                                    v37_1[1] = String;
                                    v37_1[2] = String;
                                    v37_1[3] = android.app.PendingIntent;
                                    reflect.Method v5 = android.app.Notification.getDeclaredMethod("setLatestEventInfo", v37_1);
                                    android.app.NotificationManager v0_7 = new Object[4];
                                    int v35_6 = v0_7;
                                    v35_6[0] = v32;
                                    v35_6[1] = this.getAppName();
                                    v35_6[2] = v14;
                                    v35_6[3] = v25;
                                    v5.invoke(v33_1, v35_6);
                                    android.app.Notification.getField("icon").set(v33_1, Integer.valueOf(this.getSmallIcon()));
                                    v33_1.flags = 16;
                                    v16_0 = v33_1;
                                } else {
                                    Class v19 = android.content.BroadcastReceiver.getClassLoader().loadClass("android.app.Notification$Builder");
                                    android.app.NotificationManager v0_14 = new Class[1];
                                    int v35_15 = v0_14;
                                    v35_15[0] = android.content.Context;
                                    reflect.Constructor v20 = v19.getConstructor(v35_15);
                                    v20.setAccessible(1);
                                    android.app.NotificationManager v0_18 = new Object[1];
                                    int v35_19 = v0_18;
                                    v35_19[0] = com.adobe.mobile.StaticMethods.getSharedContext();
                                    Object v18 = v20.newInstance(v35_19);
                                    android.app.NotificationManager v0_22 = new Class[1];
                                    Class[] v36_9 = v0_22;
                                    v36_9[0] = Integer.TYPE;
                                    reflect.Method v31 = v19.getDeclaredMethod("setSmallIcon", v36_9);
                                    android.app.NotificationManager v0_25 = new Object[1];
                                    int v35_22 = v0_25;
                                    v35_22[0] = Integer.valueOf(this.getSmallIcon());
                                    v31.invoke(v18, v35_22);
                                    android.app.NotificationManager v0_28 = new Class[1];
                                    Class[] v36_12 = v0_28;
                                    v36_12[0] = android.graphics.Bitmap;
                                    reflect.Method v30 = v19.getDeclaredMethod("setLargeIcon", v36_12);
                                    android.app.NotificationManager v0_32 = new Object[1];
                                    int v35_26 = v0_32;
                                    v35_26[0] = this.getLargeIcon();
                                    v30.invoke(v18, v35_26);
                                    android.app.NotificationManager v0_35 = new Class[1];
                                    Class[] v36_15 = v0_35;
                                    v36_15[0] = CharSequence;
                                    reflect.Method v29 = v19.getDeclaredMethod("setContentTitle", v36_15);
                                    android.app.NotificationManager v0_38 = new Object[1];
                                    int v35_30 = v0_38;
                                    v35_30[0] = this.getAppName();
                                    v29.invoke(v18, v35_30);
                                    android.app.NotificationManager v0_41 = new Class[1];
                                    Class[] v36_18 = v0_41;
                                    v36_18[0] = CharSequence;
                                    reflect.Method v28 = v19.getDeclaredMethod("setContentText", v36_18);
                                    android.app.NotificationManager v0_44 = new Object[1];
                                    int v35_35 = v0_44;
                                    v35_35[0] = v14;
                                    v28.invoke(v18, v35_35);
                                    android.app.NotificationManager v0_48 = new Class[1];
                                    Class[] v36_21 = v0_48;
                                    v36_21[0] = android.app.PendingIntent;
                                    reflect.Method v27 = v19.getDeclaredMethod("setContentIntent", v36_21);
                                    android.app.NotificationManager v0_51 = new Object[1];
                                    int v35_38 = v0_51;
                                    v35_38[0] = v25;
                                    v27.invoke(v18, v35_38);
                                    android.app.NotificationManager v0_54 = new Class[1];
                                    Class[] v36_24 = v0_54;
                                    v36_24[0] = Boolean.TYPE;
                                    reflect.Method v26 = v19.getDeclaredMethod("setAutoCancel", v36_24);
                                    android.app.NotificationManager v0_57 = new Object[1];
                                    int v35_42 = v0_57;
                                    v35_42[0] = Boolean.valueOf(1);
                                    v26.invoke(v18, v35_42);
                                    if (v7 < 16) {
                                        android.app.NotificationManager v0_62 = new Class[0];
                                        android.app.NotificationManager v0_66 = new Object[0];
                                        v16_0 = v19.getDeclaredMethod("getNotification", v0_62).invoke(v18, v0_66);
                                    } else {
                                        android.app.NotificationManager v0_69 = new Class[0];
                                        android.app.NotificationManager v0_72 = new Object[0];
                                        v16_0 = v19.getDeclaredMethod("build", v0_69).invoke(v18, v0_72);
                                    }
                                    if (v16_0 == null) {
                                        return;
                                    }
                                }
                                ((android.app.NotificationManager) v10.getSystemService("notification")).notify(new java.security.SecureRandom().nextInt(), ((android.app.Notification) v16_0));
                            } else {
                                android.app.NotificationManager v0_86 = new Object[0];
                                com.adobe.mobile.StaticMethods.logDebugFormat("Messages - could not retrieve sender from broadcast, unable to post notification", v0_86);
                            }
                        } catch (Exception v12_6) {
                            android.app.NotificationManager v0_94 = new Object[0];
                            com.adobe.mobile.StaticMethods.logErrorFormat(v12_6.getMessage(), v0_94);
                        }
                    } catch (Exception v12_5) {
                        android.app.NotificationManager v0_92 = new Object[0];
                        com.adobe.mobile.StaticMethods.logErrorFormat(v12_5.getMessage(), v0_92);
                    }
                } else {
                    android.app.NotificationManager v0_88 = new Object[0];
                    com.adobe.mobile.StaticMethods.logDebugFormat("Messages - local notification message was empty ", v0_88);
                }
            }
        } else {
            android.app.NotificationManager v0_90 = new Object[0];
            com.adobe.mobile.StaticMethods.logDebugFormat("Messages - unable to load extras from local notification intent", v0_90);
        }
        return;
    }

Method com.adobe.mobile.MessageLocalNotification.show() calling method java.security.SecureRandom.<init>()


    protected void show()
    {
        super.show();
        try {
            android.app.Activity v2 = com.adobe.mobile.StaticMethods.getCurrentActivity();
            int v6 = new java.security.SecureRandom().nextInt();
            java.util.Calendar v1 = java.util.Calendar.getInstance();
            v1.add(13, this.localNotificationDelay.intValue());
            android.content.Intent v5_1 = new android.content.Intent("android.intent.action.VIEW");
            v5_1.setClass(v2, com.adobe.mobile.MessageNotificationHandler);
            v5_1.putExtra("adbMessageCode", com.adobe.mobile.Messages.MESSAGE_LOCAL_IDENTIFIER);
            v5_1.putExtra("adb_m_l_id", this.messageId);
            v5_1.putExtra("requestCode", v6);
            v5_1.putExtra("userData", this.userInfo);
            v5_1.putExtra("adb_deeplink", this.deeplink);
            v5_1.putExtra("alarm_message", this.content);
            try {
                ((android.app.AlarmManager) com.adobe.mobile.StaticMethods.getSharedContext().getSystemService("alarm")).set(0, v1.getTimeInMillis(), android.app.PendingIntent.getBroadcast(com.adobe.mobile.StaticMethods.getSharedContext(), v6, v5_1, 134217728));
            } catch (com.adobe.mobile.StaticMethods$NullContextException v3) {
                Object[] v9_11 = new Object[1];
                v9_11[0] = v3.getMessage();
                com.adobe.mobile.StaticMethods.logErrorFormat("Messaging - Error scheduling local notification (%s)", v9_11);
            }
            return;
        } catch (com.adobe.mobile.StaticMethods$NullActivityException v4) {
            Object[] v9_7 = new Object[0];
            com.adobe.mobile.StaticMethods.logErrorFormat(v4.getMessage(), v9_7);
            return;
        }
    }

Method com.adobe.mobile.AnalyticsWorker.<clinit>() calling method java.security.SecureRandom.<init>()


    static AnalyticsWorker()
    {
        com.adobe.mobile.AnalyticsWorker.randomGen = new java.security.SecureRandom();
        com.adobe.mobile.AnalyticsWorker._instance = 0;
        com.adobe.mobile.AnalyticsWorker._instanceMutex = new Object();
        com.adobe.mobile.AnalyticsWorker.analyticsGetBaseURL_pred = 1;
        return;
    }