From c28e8142f479fd7785749ca934cabda2fee4605b Mon Sep 17 00:00:00 2001
From: Skylot <skylot@gmail.com>
Date: Wed, 21 Apr 2021 11:08:21 +0100
Subject: [PATCH] chore: fix warnings reported by snyk

---
 jadx-plugins/jadx-dex-input/build.gradle           | 11 +++++++++--
 .../java/jadx/plugins/input/dex/DexFileLoader.java | 14 +++++++++++---
 jadx-plugins/jadx-smali-input/build.gradle         | 10 ++++++++--
 3 files changed, 28 insertions(+), 7 deletions(-)

diff --git a/jadx-plugins/jadx-dex-input/build.gradle b/jadx-plugins/jadx-dex-input/build.gradle
index 344dfef78..b86a63db5 100644
--- a/jadx-plugins/jadx-dex-input/build.gradle
+++ b/jadx-plugins/jadx-dex-input/build.gradle
@@ -7,7 +7,14 @@ dependencies {
 
 	// TODO: finish own smali printer
 	implementation 'org.smali:baksmali:2.5.2'
-	implementation 'com.google.guava:guava:30.1-jre' // force latest version for smali
+	// force latest version for smali
+	constraints {
+		implementation 'com.google.guava:guava:30.1-jre'
+		implementation 'com.beust:jcommander:1.81'
+	}
 
-	testImplementation 'org.smali:smali:2.5.2' // compile smali files in tests
+	// compile smali files in tests
+	testImplementation('org.smali:smali:2.5.2') {
+		exclude(group: 'junit', module: 'junit') // ignore junit 4 transitive dependency
+	}
 }
diff --git a/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/DexFileLoader.java b/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/DexFileLoader.java
index 65bfedba7..9773f56c6 100644
--- a/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/DexFileLoader.java
+++ b/jadx-plugins/jadx-dex-input/src/main/java/jadx/plugins/input/dex/DexFileLoader.java
@@ -1,6 +1,7 @@
 package jadx.plugins.input.dex;
 
 import java.io.BufferedInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -15,8 +16,6 @@ import java.util.stream.Collectors;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.google.common.io.ByteStreams;
-
 import jadx.api.plugins.utils.ZipSecurity;
 import jadx.plugins.input.dex.sections.DexConsts;
 
@@ -93,7 +92,16 @@ public class DexFileLoader {
 	}
 
 	private static byte[] readAllBytes(InputStream in) throws IOException {
-		return ByteStreams.toByteArray(in);
+		ByteArrayOutputStream buf = new ByteArrayOutputStream();
+		byte[] data = new byte[8192];
+		while (true) {
+			int read = in.read(data);
+			if (read == -1) {
+				break;
+			}
+			buf.write(data, 0, read);
+		}
+		return buf.toByteArray();
 	}
 
 	private static int getNextUniqId() {
diff --git a/jadx-plugins/jadx-smali-input/build.gradle b/jadx-plugins/jadx-smali-input/build.gradle
index ff1ec09e6..07dd5928a 100644
--- a/jadx-plugins/jadx-smali-input/build.gradle
+++ b/jadx-plugins/jadx-smali-input/build.gradle
@@ -7,6 +7,12 @@ dependencies {
 
 	implementation(project(":jadx-plugins:jadx-dex-input"))
 
-	implementation 'org.smali:smali:2.5.2'
-	implementation 'com.google.guava:guava:30.1-jre' // force latest version for smali
+	implementation('org.smali:smali:2.5.2') {
+		exclude(group: 'junit', module: 'junit') // ignore junit 4 transitive dependency
+	}
+	// force latest version for smali
+	constraints {
+		implementation 'com.google.guava:guava:30.1-jre'
+		implementation 'com.beust:jcommander:1.81'
+	}
 }