bytedance · firmianay · Dec 17, 2023
diff --git a/src/main/kotlin/net/bytedance/security/app/RuleData.kt b/src/main/kotlin/net/bytedance/security/app/RuleData.kt
@@ -127,6 +127,8 @@ data class RuleData(
 
     val targetSdk: String = "",     // 规则适用的targetSdk版本
     val runtimeSdk: String = "",    // 规则适用的运行时系统版本
+
+    val exportedCompos: Boolean? = null,    // 是否过滤导出组件
 )
 
 val defaultSourceReturn = SourceReturn()

diff --git a/src/main/kotlin/net/bytedance/security/app/result/OutputSecResults.kt b/src/main/kotlin/net/bytedance/security/app/result/OutputSecResults.kt
@@ -24,8 +24,10 @@ import net.bytedance.security.app.Log
 import net.bytedance.security.app.PLUtils
 import net.bytedance.security.app.PreAnalyzeContext
 import net.bytedance.security.app.android.AndroidUtils
+import net.bytedance.security.app.android.ComponentDescription
 import net.bytedance.security.app.getConfig
 import net.bytedance.security.app.result.model.*
+import net.bytedance.security.app.rules.AbstractRule
 import net.bytedance.security.app.util.Json
 import net.bytedance.security.app.util.TaskQueue
 import net.bytedance.security.app.util.profiler
@@ -151,6 +153,23 @@ object OutputSecResults {
         return map.values.toList()
     }
 
+    /**
+     * filter results based on "exportedCompos" field
+     */
+    private fun filterExportedCompos(securityVulnerabilityItems: List<SecurityVulnerabilityItem>):
+            List<SecurityVulnerabilityItem> {
+        return securityVulnerabilityItems.filter {
+            it.details?.get("Manifest")?.let { manifest ->
+                val exported = (manifest as ComponentDescription).exported
+                when ((it.rule as AbstractRule).exportedCompos) {
+                    true -> exported
+                    false -> !exported
+                    null -> true
+                }
+            } ?: false
+        }
+    }
+
     /**
      * group the results by the category
      */
@@ -196,7 +215,7 @@ object OutputSecResults {
             insertPerm()
             insertMani()
             addManifest(ctx)
-            groupResult(removeDup())
+            groupResult(filterExportedCompos(removeDup()))
             val jsonName =
                 "results_" + AndroidUtils.PackageName + "_" + java.lang.Long.toHexString(System.nanoTime() + (Math.random() * 100).toLong())
             val outputPath = getConfig().outPath + "/results.json"

diff --git a/src/main/kotlin/net/bytedance/security/app/rules/AbstractRule.kt b/src/main/kotlin/net/bytedance/security/app/rules/AbstractRule.kt
@@ -21,9 +21,6 @@ import net.bytedance.security.app.RuleData
 import net.bytedance.security.app.RuleDescription
 
 abstract class AbstractRule(override val name: String, ruleData: RuleData) : IRule {
-    final override val desc: RuleDescription
-
-    init {
-        desc = ruleData.desc
-    }
-}
+    final override val desc: RuleDescription = ruleData.desc
+    val exportedCompos: Boolean? = ruleData.exportedCompos
+}