Potentially Insecure Shared Preferences Permissions

Description

Creating Shared Preferences with insecure permissions, either world-readable or world-writable, exposes the preferences file to every other application on the device, so sensitive information stored in it may be read or modified by an attacker.

Recommendation

Shared Preferences are XML files to store private primitive data in key-value pairs. Data Types include Booleans, floats, ints, longs, and strings.

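Shared preferences must be created with MODE_PRIVATE; MODE_WORLD_READABLE and MODE_WORLD_WRITEABLE must not be used unless explicitly required for sharing information across apps. Both world-accessible modes are deprecated since API level 17 and throw a SecurityException for apps targeting API level 24 or higher, so cross-app sharing should instead go through a mechanism with explicit permissions, such as a ContentProvider.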

Technical details
[TAINT] Const '1' ==>>> Sink '['Landroid/content/Context;', 'getSharedPreferences', '(Ljava/lang/String; I)Landroid/content/SharedPreferences;', '1', 'SHARED_PREFERENCE_SINK']' [[('Lcom/google/ads/mediation/AbstractAdViewAdapter;', 'requestBannerAd', '(Landroid/content/Context; Lcom/google/android/gms/ads/mediation/MediationBannerListener; Landroid/os/Bundle; Lcom/google/android/gms/ads/AdSize; Lcom/google/android/gms/ads/mediation/MediationAdRequest; Landroid/os/Bundle;)V'), ('Lcom/google/android/gms/ads/AdView;', 'loadAd', '(Lcom/google/android/gms/ads/AdRequest;)V'), ('Lcom/google/android/gms/ads/internal/client/zzy;', 'zza', '(Lcom/google/android/gms/ads/internal/client/zzx;)V'), ('Lcom/google/android/gms/ads/internal/client/zzy;', 'zzcO', '()V'), ('Lcom/google/android/gms/ads/internal/client/zze;', 'zza', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/internal/zzee;)Lcom/google/android/gms/ads/internal/client/zzr;'), ('Lcom/google/android/gms/ads/internal/zze;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/internal/zzef; Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel;)V'), ('Lcom/google/android/gms/ads/internal/zzc;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/internal/zzef; Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel;)V'), ('Lcom/google/android/gms/ads/internal/zzb;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/internal/zzef; Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel;)V'), ('Lcom/google/android/gms/ads/internal/zzp;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; 
Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel;)V'), ('Lcom/google/android/gms/ads/internal/zzp;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel; Lcom/google/android/gms/internal/zzan;)V'), ('Lcom/google/android/gms/internal/zzbz;', 'zzw', '(Landroid/content/Context;)V'), ('Lcom/google/android/gms/internal/zzby;', 'zzw', '(Landroid/content/Context;)V'), ('Lcom/google/android/gms/internal/zzbx;', 'zzv', '(Landroid/content/Context;)Landroid/content/SharedPreferences;'), ('Landroid/content/Context;', 'getSharedPreferences', '(Ljava/lang/String; I)Landroid/content/SharedPreferences;')]]

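Call to shared preference method using insecure permission (mode constant 1 = MODE_WORLD_READABLE; the scanner labels this finding WORLD_WRITABLE, but MODE_WORLD_WRITEABLE is 2)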

Method com.google.ads.mediation.AbstractAdViewAdapter.requestBannerAd():


    // Entry frame of the reported taint path (decompiled listing).
    // Creates an AdView on the caller's Context (p5), copies the requested size,
    // reads the ad unit id from the "pubid" key of bundle p7, attaches a listener
    // wrapping p6, and starts the load.
    public void requestBannerAd(android.content.Context p5, com.google.android.gms.ads.mediation.MediationBannerListener p6, android.os.Bundle p7, com.google.android.gms.ads.AdSize p8, com.google.android.gms.ads.mediation.MediationAdRequest p9, android.os.Bundle p10)
    {
        this.zzaL = new com.google.android.gms.ads.AdView(p5);
        this.zzaL.setAdSize(new com.google.android.gms.ads.AdSize(p8.getWidth(), p8.getHeight()));
        this.zzaL.setAdUnitId(p7.getString("pubid"));
        this.zzaL.setAdListener(new com.google.ads.mediation.AbstractAdViewAdapter$zza(this, p6));
        // loadAd() is the next frame in the taint trace.
        this.zzaL.loadAd(this.zza(p5, p9, p10, p7));
        return;
    }

Method com.google.android.gms.ads.AdView.loadAd():


    // Forwards the request, converted with p3.zzaF(), to this.zznP.zza().
    // The trace lists zzy.zza() as the next frame, so zznP is presumably a zzy
    // (the field declaration is not part of this listing).
    public void loadAd(com.google.android.gms.ads.AdRequest p3)
    {
        this.zznP.zza(p3.zzaF());
        return;
    }

Method com.google.android.gms.ads.internal.client.zzy.zza():


    // Handles an ad request (p4). When the manager field zzsT is still null this
    // listing calls zzcO(), which is the branch the taint trace follows; otherwise
    // the request is handed to zzsT and, if that call returns true, zzsR.zzf() is invoked.
    public void zza(com.google.android.gms.ads.internal.client.zzx p4)
    {
        try {
            if (this.zzsT != null) {
                if (this.zzsT.zza(this.zznH.zza(this.zzsV.getContext(), p4))) {
                    this.zzsR.zzf(p4.zzcJ());
                    return;
                }
            } else {
                this.zzcO();
            }
        // NOTE(review): java.util.Map is not a Throwable; the caught type is a
        // decompiler artifact and the real exception type is not recoverable here.
        } catch (java.util.Map v4_1) {
            com.google.android.gms.ads.internal.util.client.zzb.zzd("Failed to load ad.", v4_1);
        }
        return;
    }

Method com.google.android.gms.ads.internal.client.zzy.zzcO():


    // Creates the ad manager held in zzsT and wires the optional callbacks into it.
    // Throws IllegalStateException unless (zzsr and zzoL are both set) or zzsT is
    // already non-null.
    private void zzcO()
    {
        if (((this.zzsr != null) && (this.zzoL != null)) || (this.zzsT != null)) {
            // The declared type zzr is a decompiler artifact (register reuse); the
            // value is whatever zzsV.getContext() returns and is used as the Context below.
            com.google.android.gms.ads.internal.client.zzr v0_20 = this.zzsV.getContext();
            // Factory call on the taint path: the trace names zze.zza() as the next frame.
            this.zzsT = com.google.android.gms.ads.internal.client.zzk.zzcB().zza(v0_20, new com.google.android.gms.ads.internal.client.AdSizeParcel(v0_20, this.zzsr), this.zzoL, this.zzsR);
            // Each non-null field below is wrapped and registered on the new manager.
            if (this.zzrV != null) {
                this.zzsT.zza(new com.google.android.gms.ads.internal.client.zzc(this.zzrV));
            }
            if (this.zzrU != null) {
                this.zzsT.zza(new com.google.android.gms.ads.internal.client.zzb(this.zzrU));
            }
            if (this.zzsq != null) {
                this.zzsT.zza(new com.google.android.gms.ads.internal.client.zzi(this.zzsq));
            }
            if (this.zzsW != null) {
                this.zzsT.zza(new com.google.android.gms.internal.zzfk(this.zzsW));
            }
            if (this.zzsX != null) {
                this.zzsT.zza(new com.google.android.gms.internal.zzfo(this.zzsX), this.zzsU);
            }
            if (this.zzsY != null) {
                this.zzsT.zza(new com.google.android.gms.internal.zzcj(this.zzsY));
            }
            this.zzsT.zza(com.google.android.gms.ads.internal.client.zzk.zzcC());
            this.zzcN();
            return;
        } else {
            throw new IllegalStateException("The ad size and ad unit ID must be set before loadAd is called.");
        }
    }

Method com.google.android.gms.ads.internal.client.zze.zza():


    // Returns the banner ad manager for Context p8. If zzk.zzcA().zzP(p8) is false,
    // the manager is built in-process ("from the client jar"); otherwise creation
    // is delegated to the five-argument zza() overload with 1 as the last argument.
    public com.google.android.gms.ads.internal.client.zzr zza(android.content.Context p8, com.google.android.gms.ads.internal.client.AdSizeParcel p9, String p10, com.google.android.gms.internal.zzee p11)
    {
        com.google.android.gms.ads.internal.zze v0_1;
        if (!com.google.android.gms.ads.internal.client.zzk.zzcA().zzP(p8)) {
            com.google.android.gms.ads.internal.util.client.zzb.zzay("Using BannerAdManager from the client jar.");
            // The next two lines are the decompiler's rendering of one constructor
            // call, new zze(p8, p9, p10, p11, VersionInfoParcel). This constructor is
            // the next frame in the taint trace.
            v0_1 = new com.google.android.gms.ads.internal.zze;
            v0_1(p8, p9, p10, p11, new com.google.android.gms.ads.internal.util.client.VersionInfoParcel(7571000, 7571000, 1));
        } else {
            v0_1 = this.zza(p8, p9, p10, p11, 1);
            // Empty branch as recovered by the decompiler; no fallback is visible here.
            if (v0_1 == null) {
            }
        }
        return v0_1;
    }

Method com.google.android.gms.ads.internal.zze.<init>():


    // Constructor that only forwards all five arguments to the superclass
    // constructor; the trace lists zzc.<init> as the next frame.
    public zze(android.content.Context p1, com.google.android.gms.ads.internal.client.AdSizeParcel p2, String p3, com.google.android.gms.internal.zzef p4, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p5)
    {
        super(p1, p2, p3, p4, p5);
        return;
    }

Method com.google.android.gms.ads.internal.zzc.<init>():


    // Constructor that only forwards all five arguments to the superclass
    // constructor; the trace lists zzb.<init> as the next frame.
    public zzc(android.content.Context p1, com.google.android.gms.ads.internal.client.AdSizeParcel p2, String p3, com.google.android.gms.internal.zzef p4, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p5)
    {
        super(p1, p2, p3, p4, p5);
        return;
    }

Method com.google.android.gms.ads.internal.zzb.<init>():


    // Builds a zzp state object from the Context (p2), ad size (p3), ad unit id
    // string (p4) and version info (p6), then chains to another constructor of
    // this class. The zzp construction is where the taint path continues.
    public zzb(android.content.Context p2, com.google.android.gms.ads.internal.client.AdSizeParcel p3, String p4, com.google.android.gms.internal.zzef p5, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p6)
    {
        // The trailing 0 is how the decompiler printed the third argument; its
        // declared type is not visible in this listing.
        this(new com.google.android.gms.ads.internal.zzp(p2, p3, p4, p6), p5, 0);
        return;
    }

Method com.google.android.gms.ads.internal.zzp.<init>():


    // Convenience constructor: chains to the five-argument constructor with 0 as
    // the last argument. That parameter is a zzan reference, so 0 is presumably
    // the decompiler's rendering of null.
    public zzp(android.content.Context p7, com.google.android.gms.ads.internal.client.AdSizeParcel p8, String p9, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p10)
    {
        this(p7, p8, p9, p10, 0);
        return;
    }

Method com.google.android.gms.ads.internal.zzp.<init>():


    // Main constructor of the per-ad state object. It resets the numeric fields,
    // triggers flag initialisation through zzbz.zzw(p3), which is the call that
    // leads to the reported getSharedPreferences() sink, and then stores the
    // context, ad size, ad unit id and version info.
    zzp(android.content.Context p3, com.google.android.gms.ads.internal.client.AdSizeParcel p4, String p5, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p6, com.google.android.gms.internal.zzan p7)
    {
        this.zzqf = 0;
        this.zzqg = 0;
        this.zzqh = 0;
        this.zzqi = 0;
        this.zzoU = 0;
        this.zzqj = 0;
        this.zzqk = -1;
        this.zzql = -1;
        // Taint path: runs on every construction and before the p3 null check further down.
        com.google.android.gms.internal.zzbz.zzw(p3);
        this.zzpF = java.util.UUID.randomUUID().toString();
        if ((!p4.zzsn) && (!p4.zzsp)) {
            this.zzpK = new com.google.android.gms.ads.internal.zzp$zza(p3);
            this.zzpK.setMinimumWidth(p4.widthPixels);
            this.zzpK.setMinimumHeight(p4.heightPixels);
            // 4 is the value of android.view.View.INVISIBLE, assuming zzpK is a View.
            this.zzpK.setVisibility(4);
        } else {
            // 0 is the decompiler's rendering of null for this reference field.
            this.zzpK = 0;
        }
        if ((p3 != null) && (((p3 instanceof android.app.Activity)) && (this.zzpK != null))) {
            // NOTE(review): the same call appears twice in the listing; possibly two
            // different overloads printed identically by the decompiler. Confirm in bytecode.
            com.google.android.gms.ads.internal.zzo.zzbv().zza(((android.app.Activity) p3), this);
            com.google.android.gms.ads.internal.zzo.zzbv().zza(((android.app.Activity) p3), this);
        }
        this.zzpN = p4;
        this.zzpG = p5;
        this.zzpH = p3;
        this.zzpJ = p6;
        // Fall back to a default zzan when the caller passed none.
        if (p7 == null) {
            p7 = new com.google.android.gms.internal.zzan(new com.google.android.gms.ads.internal.zzg(this));
        }
        this.zzpI = p7;
        this.zzqm = new com.google.android.gms.internal.zzhq(200);
        this.zzqa = new com.google.android.gms.internal.zzkw();
        return;
    }

Method com.google.android.gms.internal.zzbz.zzw():


    // Static forwarder: passes the Context to the object returned by zzo.zzbE().
    // The trace lists zzby.zzw() as the next frame.
    public static void zzw(android.content.Context p1)
    {
        com.google.android.gms.ads.internal.zzo.zzbE().zzw(p1);
        return;
    }

Method com.google.android.gms.internal.zzby.zzw():


    // One-time initialisation guarded by the zzpb flag. Obtains a Context from
    // GooglePlayServicesUtil.getRemoteContext(p3) and, if one is returned, stores
    // the SharedPreferences opened on it by zzv() in zztB.
    // Security-relevant: the Context handed to zzv() is the remote context, not the
    // caller's p3, so the preferences file opened at the sink belongs to whichever
    // package that context represents. Confirm this when triaging the finding.
    public void zzw(android.content.Context p3)
    {
        try {
            if (!this.zzpb) {
                // Typed int by the decompiler; the value is the returned Context and
                // the "!= 0" test below is a null check.
                int v3_3 = com.google.android.gms.common.GooglePlayServicesUtil.getRemoteContext(p3);
                if (v3_3 != 0) {
                    // zzv() is the frame that calls getSharedPreferences(..., 1).
                    this.zztB = com.google.android.gms.ads.internal.zzo.zzbC().zzv(v3_3);
                    this.zzpb = 1;
                    return;
                } else {
                    return;
                }
            } else {
                return;
            }
        // NOTE(review): "catch (int ...)" followed by a rethrow is a decompiler
        // artifact; it may be the exit handler of a synchronized region (unconfirmed).
        } catch (int v3_2) {
            throw v3_2;
        }
    }

Method com.google.android.gms.internal.zzbx.zzv():


    // Sink of the reported path: opens the "google_ads_flags" preferences file on
    // Context p3 with mode 1.
    // Mode 1 is Context.MODE_WORLD_READABLE (MODE_WORLD_WRITEABLE is 2), so the
    // file is requested as readable by every application on the device. The mode
    // is deprecated since API 17 and raises SecurityException for apps targeting API 24+.
    // NOTE(review): in this trace the caller (zzby.zzw) passes the Context returned
    // by GooglePlayServicesUtil.getRemoteContext(). Before rating the finding, check
    // which package owns the file and whether any stored key is sensitive.
    public android.content.SharedPreferences zzv(android.content.Context p3)
    {
        return p3.getSharedPreferences("google_ads_flags", 1);
    }

Method android.content.Context.getSharedPreferences() not found.

[TAINT] Const '1' ==>>> Sink '['Landroid/content/Context;', 'getSharedPreferences', '(Ljava/lang/String; I)Landroid/content/SharedPreferences;', '1', 'SHARED_PREFERENCE_SINK']' [[('Lcom/google/ads/mediation/AbstractAdViewAdapter;', 'requestInterstitialAd', '(Landroid/content/Context; Lcom/google/android/gms/ads/mediation/MediationInterstitialListener; Landroid/os/Bundle; Lcom/google/android/gms/ads/mediation/MediationAdRequest; Landroid/os/Bundle;)V'), ('Lcom/google/android/gms/ads/InterstitialAd;', 'loadAd', '(Lcom/google/android/gms/ads/AdRequest;)V'), ('Lcom/google/android/gms/ads/internal/client/zzz;', 'zza', '(Lcom/google/android/gms/ads/internal/client/zzx;)V'), ('Lcom/google/android/gms/ads/internal/client/zzz;', 'zzL', '(Ljava/lang/String;)V'), ('Lcom/google/android/gms/ads/internal/client/zze;', 'zzb', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/internal/zzee;)Lcom/google/android/gms/ads/internal/client/zzr;'), ('Lcom/google/android/gms/ads/internal/zzj;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/internal/zzef; Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel;)V'), ('Lcom/google/android/gms/ads/internal/zzc;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/internal/zzef; Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel;)V'), ('Lcom/google/android/gms/ads/internal/zzb;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/internal/zzef; Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel;)V'), ('Lcom/google/android/gms/ads/internal/zzp;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; 
Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel;)V'), ('Lcom/google/android/gms/ads/internal/zzp;', '<init>', '(Landroid/content/Context; Lcom/google/android/gms/ads/internal/client/AdSizeParcel; Ljava/lang/String; Lcom/google/android/gms/ads/internal/util/client/VersionInfoParcel; Lcom/google/android/gms/internal/zzan;)V'), ('Lcom/google/android/gms/internal/zzbz;', 'zzw', '(Landroid/content/Context;)V'), ('Lcom/google/android/gms/internal/zzby;', 'zzw', '(Landroid/content/Context;)V'), ('Lcom/google/android/gms/internal/zzbx;', 'zzv', '(Landroid/content/Context;)Landroid/content/SharedPreferences;'), ('Landroid/content/Context;', 'getSharedPreferences', '(Ljava/lang/String; I)Landroid/content/SharedPreferences;')]]

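Call to shared preference method using insecure permission (mode constant 1 = MODE_WORLD_READABLE; the scanner labels this finding WORLD_WRITABLE, but MODE_WORLD_WRITEABLE is 2)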

Method com.google.ads.mediation.AbstractAdViewAdapter.requestInterstitialAd():


    // Entry frame of the second reported taint path (decompiled listing).
    // Creates an InterstitialAd on the caller's Context (p3), reads the ad unit id
    // from the "pubid" key of bundle p5, attaches a listener wrapping p4, and
    // starts the load.
    public void requestInterstitialAd(android.content.Context p3, com.google.android.gms.ads.mediation.MediationInterstitialListener p4, android.os.Bundle p5, com.google.android.gms.ads.mediation.MediationAdRequest p6, android.os.Bundle p7)
    {
        this.zzaM = new com.google.android.gms.ads.InterstitialAd(p3);
        this.zzaM.setAdUnitId(p5.getString("pubid"));
        this.zzaM.setAdListener(new com.google.ads.mediation.AbstractAdViewAdapter$zzb(this, p4));
        // loadAd() is the next frame in the taint trace.
        this.zzaM.loadAd(this.zza(p3, p6, p7, p5));
        return;
    }

Method com.google.android.gms.ads.InterstitialAd.loadAd():


    // Forwards the request, converted with p3.zzaF(), to this.zznQ.zza().
    // The trace lists zzz.zza() as the next frame, so zznQ is presumably a zzz
    // (the field declaration is not part of this listing).
    public void loadAd(com.google.android.gms.ads.AdRequest p3)
    {
        this.zznQ.zza(p3.zzaF());
        return;
    }

Method com.google.android.gms.ads.internal.client.zzz.zza():


    // Handles an ad request (p4). When the manager field zzsT is still null this
    // listing calls zzL("loadAd"), which is the branch the taint trace follows;
    // otherwise the request is handed to zzsT and, if that call returns true,
    // zzsR.zzf() is invoked.
    public void zza(com.google.android.gms.ads.internal.client.zzx p4)
    {
        try {
            if (this.zzsT != null) {
                if (this.zzsT.zza(this.zznH.zza(this.mContext, p4))) {
                    this.zzsR.zzf(p4.zzcJ());
                    return;
                }
            } else {
                this.zzL("loadAd");
            }
        // NOTE(review): java.util.Map is not a Throwable; the caught type is a
        // decompiler artifact and the real exception type is not recoverable here.
        } catch (java.util.Map v4_1) {
            com.google.android.gms.ads.internal.util.client.zzb.zzd("Failed to load ad.", v4_1);
        }
        return;
    }

Method com.google.android.gms.ads.internal.client.zzz.zzL():


    // Creates the interstitial ad manager held in zzsT and wires the optional
    // callbacks into it. p5 is passed to zzM() when zzoL is null; what zzM() does
    // with it is not shown in this listing.
    private void zzL(String p5)
    {
        if (this.zzoL == null) {
            this.zzM(p5);
        }
        // Factory call on the taint path: the trace names zze.zzb() as the next frame.
        this.zzsT = com.google.android.gms.ads.internal.client.zzk.zzcB().zzb(this.mContext, new com.google.android.gms.ads.internal.client.AdSizeParcel(), this.zzoL, this.zzsR);
        // Each non-null field below is wrapped and registered on the new manager.
        if (this.zzrV != null) {
            this.zzsT.zza(new com.google.android.gms.ads.internal.client.zzc(this.zzrV));
        }
        if (this.zzrU != null) {
            this.zzsT.zza(new com.google.android.gms.ads.internal.client.zzb(this.zzrU));
        }
        if (this.zzsq != null) {
            this.zzsT.zza(new com.google.android.gms.ads.internal.client.zzi(this.zzsq));
        }
        if (this.zzsW != null) {
            this.zzsT.zza(new com.google.android.gms.internal.zzfk(this.zzsW));
        }
        if (this.zzsX != null) {
            this.zzsT.zza(new com.google.android.gms.internal.zzfo(this.zzsX), this.zzsU);
        }
        if (this.zzsY != null) {
            this.zzsT.zza(new com.google.android.gms.internal.zzcj(this.zzsY));
        }
        return;
    }

Method com.google.android.gms.ads.internal.client.zze.zzb():


    // Returns the interstitial ad manager for Context p8. If zzk.zzcA().zzP(p8) is
    // false, the manager is built in-process ("from the client jar"); otherwise
    // creation is delegated to the five-argument zza() overload with 2 as the last
    // argument.
    public com.google.android.gms.ads.internal.client.zzr zzb(android.content.Context p8, com.google.android.gms.ads.internal.client.AdSizeParcel p9, String p10, com.google.android.gms.internal.zzee p11)
    {
        com.google.android.gms.ads.internal.zzj v0_1;
        if (!com.google.android.gms.ads.internal.client.zzk.zzcA().zzP(p8)) {
            com.google.android.gms.ads.internal.util.client.zzb.zzaC("Using InterstitialAdManager from the client jar.");
            // The next two lines are the decompiler's rendering of one constructor
            // call, new zzj(p8, p9, p10, p11, VersionInfoParcel). This constructor is
            // the next frame in the taint trace.
            v0_1 = new com.google.android.gms.ads.internal.zzj;
            v0_1(p8, p9, p10, p11, new com.google.android.gms.ads.internal.util.client.VersionInfoParcel(7571000, 7571000, 1));
        } else {
            v0_1 = this.zza(p8, p9, p10, p11, 2);
            // Empty branch as recovered by the decompiler; no fallback is visible here.
            if (v0_1 == null) {
            }
        }
        return v0_1;
    }

Method com.google.android.gms.ads.internal.zzj.<init>():


    // Forwards all five arguments to the superclass constructor and clears the
    // zzoT field; the trace lists zzc.<init> as the next frame.
    public zzj(android.content.Context p1, com.google.android.gms.ads.internal.client.AdSizeParcel p2, String p3, com.google.android.gms.internal.zzef p4, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p5)
    {
        // Decompiler artifact: the super(...) call and the following "zzoT = 0"
        // assignment were merged into one expression.
        super(p1, p2, p3, p4, p5).zzoT = 0;
        return;
    }

Method com.google.android.gms.ads.internal.zzc.<init>():


    // Constructor that only forwards all five arguments to the superclass
    // constructor; the trace lists zzb.<init> as the next frame.
    public zzc(android.content.Context p1, com.google.android.gms.ads.internal.client.AdSizeParcel p2, String p3, com.google.android.gms.internal.zzef p4, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p5)
    {
        super(p1, p2, p3, p4, p5);
        return;
    }

Method com.google.android.gms.ads.internal.zzb.<init>():


    // Builds a zzp state object from the Context (p2), ad size (p3), ad unit id
    // string (p4) and version info (p6), then chains to another constructor of
    // this class. The zzp construction is where the taint path continues.
    public zzb(android.content.Context p2, com.google.android.gms.ads.internal.client.AdSizeParcel p3, String p4, com.google.android.gms.internal.zzef p5, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p6)
    {
        // The trailing 0 is how the decompiler printed the third argument; its
        // declared type is not visible in this listing.
        this(new com.google.android.gms.ads.internal.zzp(p2, p3, p4, p6), p5, 0);
        return;
    }

Method com.google.android.gms.ads.internal.zzp.<init>():


    // Convenience constructor: chains to the five-argument constructor with 0 as
    // the last argument. That parameter is a zzan reference, so 0 is presumably
    // the decompiler's rendering of null.
    public zzp(android.content.Context p7, com.google.android.gms.ads.internal.client.AdSizeParcel p8, String p9, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p10)
    {
        this(p7, p8, p9, p10, 0);
        return;
    }

Method com.google.android.gms.ads.internal.zzp.<init>():


    // Main constructor of the per-ad state object. It resets the numeric fields,
    // triggers flag initialisation through zzbz.zzw(p3), which is the call that
    // leads to the reported getSharedPreferences() sink, and then stores the
    // context, ad size, ad unit id and version info.
    zzp(android.content.Context p3, com.google.android.gms.ads.internal.client.AdSizeParcel p4, String p5, com.google.android.gms.ads.internal.util.client.VersionInfoParcel p6, com.google.android.gms.internal.zzan p7)
    {
        this.zzqf = 0;
        this.zzqg = 0;
        this.zzqh = 0;
        this.zzqi = 0;
        this.zzoU = 0;
        this.zzqj = 0;
        this.zzqk = -1;
        this.zzql = -1;
        // Taint path: runs on every construction and before the p3 null check further down.
        com.google.android.gms.internal.zzbz.zzw(p3);
        this.zzpF = java.util.UUID.randomUUID().toString();
        if ((!p4.zzsn) && (!p4.zzsp)) {
            this.zzpK = new com.google.android.gms.ads.internal.zzp$zza(p3);
            this.zzpK.setMinimumWidth(p4.widthPixels);
            this.zzpK.setMinimumHeight(p4.heightPixels);
            // 4 is the value of android.view.View.INVISIBLE, assuming zzpK is a View.
            this.zzpK.setVisibility(4);
        } else {
            // 0 is the decompiler's rendering of null for this reference field.
            this.zzpK = 0;
        }
        if ((p3 != null) && (((p3 instanceof android.app.Activity)) && (this.zzpK != null))) {
            // NOTE(review): the same call appears twice in the listing; possibly two
            // different overloads printed identically by the decompiler. Confirm in bytecode.
            com.google.android.gms.ads.internal.zzo.zzbv().zza(((android.app.Activity) p3), this);
            com.google.android.gms.ads.internal.zzo.zzbv().zza(((android.app.Activity) p3), this);
        }
        this.zzpN = p4;
        this.zzpG = p5;
        this.zzpH = p3;
        this.zzpJ = p6;
        // Fall back to a default zzan when the caller passed none.
        if (p7 == null) {
            p7 = new com.google.android.gms.internal.zzan(new com.google.android.gms.ads.internal.zzg(this));
        }
        this.zzpI = p7;
        this.zzqm = new com.google.android.gms.internal.zzhq(200);
        this.zzqa = new com.google.android.gms.internal.zzkw();
        return;
    }

Method com.google.android.gms.internal.zzbz.zzw():


    // Static forwarder: passes the Context to the object returned by zzo.zzbE().
    // The trace lists zzby.zzw() as the next frame.
    public static void zzw(android.content.Context p1)
    {
        com.google.android.gms.ads.internal.zzo.zzbE().zzw(p1);
        return;
    }

Method com.google.android.gms.internal.zzby.zzw():


    // One-time initialisation guarded by the zzpb flag. Obtains a Context from
    // GooglePlayServicesUtil.getRemoteContext(p3) and, if one is returned, stores
    // the SharedPreferences opened on it by zzv() in zztB.
    // Security-relevant: the Context handed to zzv() is the remote context, not the
    // caller's p3, so the preferences file opened at the sink belongs to whichever
    // package that context represents. Confirm this when triaging the finding.
    public void zzw(android.content.Context p3)
    {
        try {
            if (!this.zzpb) {
                // Typed int by the decompiler; the value is the returned Context and
                // the "!= 0" test below is a null check.
                int v3_3 = com.google.android.gms.common.GooglePlayServicesUtil.getRemoteContext(p3);
                if (v3_3 != 0) {
                    // zzv() is the frame that calls getSharedPreferences(..., 1).
                    this.zztB = com.google.android.gms.ads.internal.zzo.zzbC().zzv(v3_3);
                    this.zzpb = 1;
                    return;
                } else {
                    return;
                }
            } else {
                return;
            }
        // NOTE(review): "catch (int ...)" followed by a rethrow is a decompiler
        // artifact; it may be the exit handler of a synchronized region (unconfirmed).
        } catch (int v3_2) {
            throw v3_2;
        }
    }

Method com.google.android.gms.internal.zzbx.zzv():


    // Sink of the reported path: opens the "google_ads_flags" preferences file on
    // Context p3 with mode 1.
    // Mode 1 is Context.MODE_WORLD_READABLE (MODE_WORLD_WRITEABLE is 2), so the
    // file is requested as readable by every application on the device. The mode
    // is deprecated since API 17 and raises SecurityException for apps targeting API 24+.
    // NOTE(review): in this trace the caller (zzby.zzw) passes the Context returned
    // by GooglePlayServicesUtil.getRemoteContext(). Before rating the finding, check
    // which package owns the file and whether any stored key is sensitive.
    public android.content.SharedPreferences zzv(android.content.Context p3)
    {
        return p3.getSharedPreferences("google_ads_flags", 1);
    }

Method android.content.Context.getSharedPreferences() not found.