From 5d0aaf42dbc6bc3e492c3dd19ff66458baccb587 Mon Sep 17 00:00:00 2001
From: Cole Faust <colefaust@google.com>
Date: Mon, 29 Jan 2024 13:49:14 -0800
Subject: [PATCH] Prevent disabling checks via flags property

strict_updatability_linting currently only checks that updatability
checks aren't disabled via disabled_checks / warning_checks, you could
get around it using the `flags` property. Only allow controlling checks
via the *_checks properties.

Bug: 322802379
Test: m nothing --no-skip-soong-tests
Change-Id: Ia311622e1409f9cc201ab55f8749f2d13fccf551
---
 java/lint.go      |  6 ++++++
 java/lint_test.go | 19 +++++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/java/lint.go b/java/lint.go
index c3d723b40..31e7f353d 100644
--- a/java/lint.go
+++ b/java/lint.go
@@ -370,6 +370,12 @@ func (l *linter) lint(ctx android.ModuleContext) {
 		return
 	}
 
+	for _, flag := range l.properties.Lint.Flags {
+		if strings.Contains(flag, "--disable") || strings.Contains(flag, "--enable") || strings.Contains(flag, "--check") {
+			ctx.PropertyErrorf("lint.flags", "Don't use --disable, --enable, or --check in the flags field, instead use the dedicated disabled_checks, warning_checks, error_checks, or fatal_checks fields")
+		}
+	}
+
 	if l.minSdkVersion.CompareTo(l.compileSdkVersion) == -1 {
 		l.extraMainlineLintErrors = append(l.extraMainlineLintErrors, updatabilityChecks...)
 		// Skip lint warning checks for NewApi warnings for libcore where they come from source
diff --git a/java/lint_test.go b/java/lint_test.go
index b7e6aad8e..751b139e7 100644
--- a/java/lint_test.go
+++ b/java/lint_test.go
@@ -260,3 +260,22 @@ func TestJavaLintDatabaseSelectionFull(t *testing.T) {
 		}
 	}
 }
+
+func TestCantControlCheckSeverityWithFlags(t *testing.T) {
+	bp := `
+		java_library {
+			name: "foo",
+			srcs: [
+				"a.java",
+			],
+			min_sdk_version: "29",
+			sdk_version: "current",
+			lint: {
+				flags: ["--disabled", "NewApi"],
+			},
+		}
+	`
+	PrepareForTestWithJavaDefaultModules.
+		ExtendWithErrorHandler(android.FixtureExpectsOneErrorPattern("Don't use --disable, --enable, or --check in the flags field, instead use the dedicated disabled_checks, warning_checks, error_checks, or fatal_checks fields")).
+		RunTestWithBp(t, bp)
+}