WebAPK Comment check should check 'gaps' in apk.
Issue description

APKs are built on top of jar files, which are essentially zip files. The zip file format is flexible and gaps can exist in the zip that are ignored when uncompressing the archive. The danger is that code could potentially be stored in these 'gaps' and loaded dynamically and then executed. Specific cases are:

* Gap before start of zip.
* Gap at the end of the zip.
* Gap before the EOCD.
* Gap before the Central Directory.
* Gap between zip files.

The apksigner (v2 signing) stores some signing info before the central directory, so that gap should still be supported (up to a point), but only if its signature is detected. The Comment signed verification code still needs to be performant.
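A minimal gap detector for the cases listed in the description, as an added example that is not part of the original issue and is not Chromium's WebApkVerifySignature code. The names `find_gaps` and `build_sample` are hypothetical, the sample archive is constructed, and the code assumes no zip64 records and no data descriptors.

```python
import io
import struct
import zipfile

def find_gaps(data: bytes) -> list:
    """Return (label, start, end) for each byte range no zip structure covers."""
    eocd = data.rfind(b"PK\x05\x06")  # End Of Central Directory record
    if eocd < 0:
        raise ValueError("no EOCD record")
    count, _cd_size, cd_off, comment_len = struct.unpack_from("<HIIH", data, eocd + 10)
    blocks, pos = [], cd_off
    for _ in range(count):  # walk the central directory
        if data[pos:pos + 4] != b"PK\x01\x02":
            raise ValueError("bad central directory entry")
        comp_size, = struct.unpack_from("<I", data, pos + 20)
        name_len, extra_len, note_len = struct.unpack_from("<HHH", data, pos + 28)
        lfh, = struct.unpack_from("<I", data, pos + 42)
        if data[lfh:lfh + 4] != b"PK\x03\x04":
            raise ValueError("bad local file header")
        # The local header carries its own name/extra lengths; use those.
        lname, lextra = struct.unpack_from("<HH", data, lfh + 26)
        blocks.append((lfh, lfh + 30 + lname + lextra + comp_size))
        pos += 46 + name_len + extra_len + note_len
    # Entries need not be stored in offset order, so sort before walking.
    layout = [("before start of zip" if i == 0 else "between files", s, e)
              for i, (s, e) in enumerate(sorted(blocks))]
    layout += [("before Central Directory", cd_off, pos),
               ("before EOCD", eocd, eocd + 22 + comment_len),
               ("at end of zip", len(data), len(data))]
    gaps, cursor = [], 0
    for label, start, end in layout:
        if start > cursor:  # bytes [cursor, start) belong to no structure
            gaps.append((label, cursor, start))
        cursor = max(cursor, end)
    return gaps

def build_sample() -> bytes:
    """Constructed two-entry archive (stored, no data descriptors)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("a.txt", b"alpha")
        zf.writestr("b.txt", b"bravo")
    return buf.getvalue()

if __name__ == "__main__":
    clean = build_sample()
    print(find_gaps(clean))              # no gaps in an untouched archive
    print(find_gaps(clean + b"HIDDEN"))  # trailing bytes after the EOCD
```

A v2-signed APK would be reported here as a gap before the Central Directory, so a caller following the description would accept that one range only after recognising the signing block in it.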
May 25 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/7451dfbdb556c67f808234f6ec9a76df1a259b18

commit 7451dfbdb556c67f808234f6ec9a76df1a259b18
Author: scottkirkwood <scottkirkwood@chromium.org>
Date: Thu May 25 14:36:13 2017

Fix bug in one conditional. Add more apk test files.

BUG= 721530
Review-Url: https://codereview.chromium.org/2896273005
Cr-Commit-Position: refs/heads/master@{#474648}

[modify] https://crrev.com/7451dfbdb556c67f808234f6ec9a76df1a259b18/chrome/android/webapk/libs/client/junit/src/org/chromium/webapk/lib/client/WebApkValidatorTest.java
[modify] https://crrev.com/7451dfbdb556c67f808234f6ec9a76df1a259b18/chrome/android/webapk/libs/client/src/org/chromium/webapk/lib/client/WebApkVerifySignature.java
[add] https://crrev.com/7451dfbdb556c67f808234f6ec9a76df1a259b18/chrome/test/data/webapks/extra-field-too-large.apk
[add] https://crrev.com/7451dfbdb556c67f808234f6ec9a76df1a259b18/chrome/test/data/webapks/v2-signed-ok.apk
[add] https://crrev.com/7451dfbdb556c67f808234f6ec9a76df1a259b18/chrome/test/data/webapks/v2-signed-too-large.apk
May 25 2017
Anything left here or can it be closed?
May 25 2017
Still missing gaps between files in a zip. Not sure how I'll do it, either sorting or using a map since the order of the files isn't guaranteed to be in file offset order.
Jun 8 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/e65976a47f9e9fb009879446015845a336c5a816

commit e65976a47f9e9fb009879446015845a336c5a816
Author: scottkirkwood <scottkirkwood@chromium.org>
Date: Thu Jun 08 12:09:05 2017

Check for gaps between file blocks in zip. This is the last remaining additional check on the zip I was planning to perform.

BUG= 721530
Review-Url: https://codereview.chromium.org/2925903005
Cr-Commit-Position: refs/heads/master@{#477946}

[modify] https://crrev.com/e65976a47f9e9fb009879446015845a336c5a816/chrome/android/webapk/libs/client/junit/src/org/chromium/webapk/lib/client/WebApkValidatorTest.java
[modify] https://crrev.com/e65976a47f9e9fb009879446015845a336c5a816/chrome/android/webapk/libs/client/junit/src/org/chromium/webapk/lib/client/WebApkVerifySignatureTest.java
[modify] https://crrev.com/e65976a47f9e9fb009879446015845a336c5a816/chrome/android/webapk/libs/client/src/org/chromium/webapk/lib/client/WebApkVerifySignature.java
[add] https://crrev.com/e65976a47f9e9fb009879446015845a336c5a816/chrome/test/data/webapks/block-middle.apk
Jun 8 2017
Comment 1 by bugdroid1@chromium.org, May 19 2017