Commit 96946579 authored by Alex Klyubin

Permit 65535 byte ZIP comments and empty Central Directory

This fixes two cosmetic issues in APK Signature Scheme v2 signature
verifier in Android Package Manager:
* Accept APKs with ZIP End of Central Directory comment of length
  65535. Previously, only comments of length 65534 were accepted due
  to an off-by-one bug.
* Accept APKs with empty ZIP Central Directory.

These issues should not affect actual APKs because they cannot have an
empty ZIP Central Directory (they must contain at least the
AndroidManifest.xml entry) and shouldn't contain any comments in ZIP
End of Central Directory.

Test: cts-tradefed run singleCommand cts --skip-device-info --skip-preconditions --skip-connectivity-check --abi arm64-v8a --module CtsAppSecurityHostTestCases -t android.appsecurity.cts.PkgInstallSignatureVerificationTest
Change-Id: I461c43472fa97c04e7579d129a6053e44233adb7
parent 9ab94e15
+1 −1
@@ -579,7 +579,7 @@ public class ApkSignatureSchemeV2Verifier {
            throws SignatureNotFoundException {
        // Look up the offset of ZIP Central Directory.
        long centralDirOffset = ZipUtils.getZipEocdCentralDirectoryOffset(eocd);
        if (centralDirOffset >= eocdOffset) {
        if (centralDirOffset > eocdOffset) {
            throw new SignatureNotFoundException(
                    "ZIP Central Directory offset out of range: " + centralDirOffset
                    + ". ZIP End of Central Directory offset: " + eocdOffset);
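Review bot: The relaxed check `if (centralDirOffset > eocdOffset)` now lets centralDirOffset == eocdOffset through, and nothing at the `if` says that this is deliberate. Add a short comment above it stating that equality is allowed for an empty ZIP Central Directory, so a later cleanup does not tighten it back to `>=`. The visible context also does not show what the code after this check does with a zero-length range between centralDirOffset and eocdOffset; please confirm it handles that range without reading from it, and pin the behaviour with a verifier test that uses an archive whose Central Directory is empty.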
+1 −1
@@ -160,7 +160,7 @@ abstract class ZipUtils {
        }
        int maxCommentLength = Math.min(archiveSize - ZIP_EOCD_REC_MIN_SIZE, UINT16_MAX_VALUE);
        int eocdWithEmptyCommentStartPosition = archiveSize - ZIP_EOCD_REC_MIN_SIZE;
        for (int expectedCommentLength = 0; expectedCommentLength < maxCommentLength;
        for (int expectedCommentLength = 0; expectedCommentLength <= maxCommentLength;
                expectedCommentLength++) {
            int eocdStartPos = eocdWithEmptyCommentStartPosition - expectedCommentLength;
            if (zipContents.getInt(eocdStartPos) == ZIP_EOCD_REC_SIG) {
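Review bot: The inclusive bound in `expectedCommentLength <= maxCommentLength` needs a one-line comment on the `for` loop, because it reads like an off-by-one at first glance. The bound is safe as far as the visible lines show: on the last iteration eocdStartPos equals eocdWithEmptyCommentStartPosition - maxCommentLength, and since maxCommentLength is capped at archiveSize - ZIP_EOCD_REC_MIN_SIZE that value cannot go below 0 (this assumes archiveSize is the size of zipContents, which the hunk does not show). Boundary tests would help here: one archive with a comment of exactly UINT16_MAX_VALUE bytes, and one archive that consists of the End of Central Directory record alone, so that eocdStartPos is 0.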