For some reason, the parser stopped working intermittently, even
though the format has been the same since aapt 23 or earlier. Then
also, some of the test cases pointed to symlinks that were no longer
generated, and one test app now has a blank versionName.
Strange that this wasn't caught in the gitlab-ci runs. !484
FAIL: test_get_api_id_aapt (__main__.CommonTest)
----------------------------------------------------------------------
Traceback (most recent call last):
File "./common.TestCase", line 578, in testA_get_api_id_aapt
self.assertEqual(versionName, vn)
AssertionError: '0.1' != "0.1' platformBuildVersionName='4.3.1-1425645"
- 0.1
+ 0.1' platformBuildVersionName='4.3.1-1425645
This file is written freshly each time before use, so it does not need
to be ekpt around. It was the only file making the fdroiddata.git
repo dirty on the f-droid.org infrastructure.
This also adds stricter file permissions to avoid an attacker changing
those settings during operation.
fixes de35f1b05b:
Traceback (most recent call last):
File "/home/hans/code/fdroid/server/fdroid", line 164, in <module>
main()
File "/home/hans/code/fdroid/server/fdroid", line 138, in main
mod.main()
File "/export/share/code/fdroid/server/fdroidserver/update.py", line 1932, in main
apks, cachechanged = process_apks(apkcache, repodirs[0], knownapks, options.use_date_from_apk)
File "/export/share/code/fdroid/server/fdroidserver/update.py", line 1459, in process_apks
use_date_from_apk, ada, True)
File "/export/share/code/fdroid/server/fdroidserver/update.py", line 1332, in process_apk
apk = scan_apk(apkfile)
File "/export/share/code/fdroid/server/fdroidserver/update.py", line 1051, in scan_apk
scan_apk_androguard(apk, apk_file)
File "/export/share/code/fdroid/server/fdroidserver/update.py", line 1220, in scan_apk_androguard
res_id = arsc.get_id(apk['packageName'], res_id)[1]
TypeError: 'NoneType' object is not subscriptable
For example https://f-droid.org/archive/com.abitsinc.andr_5.apk:
$ aapt dump badging archive/com.abitsinc.andr_5.apk |head -1
package: name='com.abitsinc.andr' versionCode='5' versionName='5' platformBuildVersionName='2.3.3'
Instead of just crashing, first try to use the versionName as written in the
build metadata, otherwise just let it be blank. A blank versionName will
cause fdroidclient < 1.3 to crash. Blank versionNames are not allowed in
the .txt metadata format, only .yml.
closes#477closes#478
closes fdroidclient#1416
closes fdroidclient#1417
closes fdroidclient#1418
fdroiddata!3061
Fixes the following crash:
```
$ fdroid update --create-metadata --rename-apks
WARNING: Using Java's jarsigner, not recommended for verifying APKs! Use apksigner
CRITICAL: Unknown exception found!
Traceback (most recent call last):
File "/home/jonas/miniconda3/bin/fdroid", line 164, in <module>
main()
File "/home/jonas/miniconda3/bin/fdroid", line 138, in main
mod.main()
File "/home/jonas/miniconda/lib/python3.6/site-packages/fdroidserver/update.py", line 1927, in main
apks, cachechanged = process_apks(apkcache, repodirs[0], knownapks, options.use_date_from_apk)
File "/home/jonas/miniconda/lib/python3.6/site-packages/fdroidserver/update.py", line 1454, in process_apks
use_date_from_apk, ada, True)
File "/home/jonas/miniconda/lib/python3.6/site-packages/fdroidserver/update.py", line 1327, in process_apk
apk = scan_apk(apkfile)
File "/home/jonas/miniconda/lib/python3.6/site-packages/fdroidserver/update.py", line 1056, in scan_apk
scan_apk_aapt(apk, apk_file)
File "/home/jonas/miniconda/lib/python3.6/site-packages/fdroidserver/update.py", line 1184, in scan_apk_aapt
apk['icons_src'] = _get_apk_icons_src(apkfile, icon_name)
File "/home/jonas/miniconda/lib/python3.6/site-packages/fdroidserver/update.py", line 1089, in _get_apk_icons_src
density_re = re.compile('^res/(.*)/' + icon_name + '\.(png|xml)$')
TypeError: must be str, not NoneType
```
aapt --rename-manifest-package changes the applicationId for an app without
changing the packageName listed in AndroidManifest.xml under
<application android:package="">
repo/ch.swift.willi_417101.apk had a C/Java comment in the
AndroidManifest.xml rather than an XML comment:
<uses-sdk android:minSdkVersion="16" android:targetSdkVersion="26">
</uses-sdk>
// Remove permissions introduced by the appsflyer library
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION">
</uses-permission>
One key security property of the F-Droid ecosystem is that the sensitive
code is all stored forever in git repos and source tarballs. That means
we can easily go back and see if there where exploits and where they came
from. Therefore, checkupdates should require everything in fdroiddata be
committed to git before running.
This provides --allow-dirty to override that behavior.
"SVN follows HTTP 301 redirects to svn+ssh:// URLs. As a result, an
innocent looking HTTP URL can be used to trigger a Command Execution with a
301 redirect."
https://blog.recurity-labs.com/2017-08-10/scm-vulns.html#third-round-svn-and-mercurial
I scanned fdroiddata and found no suspicious redirects. Here's how:
grep -A1 '^Repo *Type: *git-svn' *.txt *.yml| sed -n 's,.*Repo:\(.*\),\1,p' > /tmp/urls.txt
import requests
with open('/tmp/urls.txt') as fp:
for line in fp:
try:
r = requests.head(line.strip())
print(r.status_code, line)
except requests.exceptions.SSLError:
print('SSLError', line)
For androguard, @thezero already developed a way to get all the icons after
only extracting the icon name. So this uses that for the aapt-based scans
also, to make them less brittle.
This should fix the problem where `fdroid update` was choosing the XML icon
for apps that include one, like NewPipe.
closesfdroid/fdroid-website#192
This should have less of a change of matching bad things.
thanks to @stf for the report. I ran tests comparing the original vs these
new patterns, and it was a 100% match. So at least it didn't make things
worse.
Here's the test script:
#!/usr/bin/env python3
import os
import re
old_vcsearch_g = re.compile(r'''.*[Vv]ersionCode[ =]+["']*([0-9]+)["']*''').search
old_vnsearch_g = re.compile(r'.*[Vv]ersionName *=* *(["\'])((?:(?=(\\?))\3.)*?)\1.*').search
old_psearch_g = re.compile(r'.*(packageName|applicationId) *=* *["\']([^"]+)["\'].*').search
new_vcsearch_g = re.compile(r'''.*[Vv]ersionCode\s*=?\s*["']*([0-9]+)["']*''').search
new_vnsearch_g = re.compile(r'''.*[Vv]ersionName\s*=?\s*(["'])((?:(?=(\\?))\3.)*?)\1.*''').search
new_psearch_g = re.compile(r'''.*(packageName|applicationId)\s*=*\s*["']([^"']+)["'].*''').search
old = re.compile(r'.*(packageName|applicationId) *=* *["\']([^"]+)["\'].*').search
new = re.compile(r'''.*(packageName|applicationId)\s*=*\s*["']([^"']+)["'].*''').search
for root, dirs, files in os.walk('build'):
for f in files:
if f.endswith('.gradle'):
with open(os.path.join(root, f)) as fp:
for line in fp:
for old, new in ((old_vcsearch_g, new_vcsearch_g),
(old_vnsearch_g, new_vnsearch_g),
(old_psearch_g, new_psearch_g)):
found_old = old(line)
found_new = new(line)
oldresult = None
newresult = None
if found_old or found_new:
if found_old:
oldresult = found_old.groups()
#print('OLD', oldresult)
if found_new:
newresult = found_new.groups()
#print('NEW', newresult)
if oldresult != newresult:
print('--------------------------------')
print(f, oldresult, newresult)
In order to test that aapt defaults minSdkVersion to 3, I ran this script
then compared the output with meld:
cd $ANDROID_HOME/build-tools
for d in *.*; do echo $d; $ANDROID_HOME/build-tools/$d/aapt dump badging /home/hans/code/fdroid/server/tests/repo/com.politedroid_3.apk > /tmp/${d}.txt; done
meld /tmp/17.0.0.txt /tmp/26.0.2.txt /tmp/27.0.3.txt
