in ioXt/uraniborg/scripts/python/risk_analyzer.py [0:0]
def compute_base_score(self, hubble, normalize):
    """Count the signers of packages that may install other packages.

    Walks ``hubble.packages`` and keeps every package that was granted
    ``android.permission.INSTALL_PACKAGES`` and is not discounted by one of
    the skip rules below. Each kept package is recorded on the instance.

    Args:
        hubble: Build description. This method reads ``packages`` (entries
            indexed by ``"name"``, ``"permissionsGranted"`` and
            ``"certIds"``) and calls ``get_oem()``, ``get_api_level()`` and
            ``get_platform_signature()``.
        normalize: When truthy, a package whose name fuzzy-matches a
            baseline package for the build's API level is skipped.

    Returns:
        ``len(self.installer_apps_certs)`` plus one for every kept package
        whose first certificate id equals the platform signature.

    Side effects:
        Appends to ``self.installer_apps`` and adds to
        ``self.installer_apps_certs``. The returned count is taken over the
        whole of ``self.installer_apps_certs``, so anything already stored
        there before the call is included.
    """
    log = self.logger
    platform_signed_count = 0
    all_packages = hubble.packages
    oem_whitelist = PackageWhitelists.get_whitelist(hubble.get_oem())
    baseline_packages = BaselinePackages.get_instance(hubble.get_api_level())
    # The GMS discount is opt-in; with it off no package name matches below.
    discounted_gms = GMS.PACKAGES if self.google_discount else []
    platform_cert = hubble.get_platform_signature()

    for pkg in all_packages:
        name = pkg["name"]
        granted = pkg["permissionsGranted"]
        if "android.permission.INSTALL_PACKAGES" not in granted:
            continue

        # NOTE(review): this discount is decided on the package name alone;
        # no signer check is visible here, unlike the GMS branch below.
        # Confirm that a package reusing an allowlisted name cannot drop
        # out of the score.
        if name in oem_whitelist.INSTALLER_PACKAGES:
            log.debug("^%s is an official installer app. Skipping...", name)
            continue

        if normalize:
            # NOTE(review): also a name-based discount, and a fuzzy one;
            # how loose the match is depends on package_name_fuzzy_match,
            # which is not shown here.
            gsi_match = PackageWhitelists.package_name_fuzzy_match(
                log, name, baseline_packages.get_all_packages())
            if gsi_match:
                log.debug("^%s skipping - fuzzy matched to GSI package %s",
                          name, gsi_match)
                continue

        if name in discounted_gms:
            if GMS.is_gms_package(pkg):
                log.debug("^%s is GMS package. Skipping...", name)
                continue
            # A GMS name that fails the GMS check is still counted.
            log.warning("%s's signature does not match actual GMS package!",
                        name)

        self.installer_apps.append(name)
        # Only the first certificate id is attributed to the package.
        # NOTE(review): an empty "certIds" list raises IndexError here, and
        # any further signers are ignored - confirm both are acceptable for
        # the input this runs on.
        first_cert = pkg["certIds"][0]
        self.installer_apps_certs.add(first_cert)
        log.debug("+%s signed by %s can install other packages.", name,
                  first_cert)
        if first_cert == platform_cert:
            # Platform-signed installers add one extra point each, on top of
            # the platform certificate being counted as a source.
            log.warning("!%s's signer is platform key!", name)
            platform_signed_count += 1

    distinct_signers = len(self.installer_apps_certs)
    log.debug("There are %d different sources of %d installer app",
              distinct_signers, len(self.installer_apps))
    return distinct_signers + platform_signed_count