-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[core] AndroidManifest protectionLevel flags decoding issue #1156
Comments
You are correct this is a bug. 0x11 should decode to 0x10 =
|
Fixed in PR #1157 |
If you try your fix with Here's what I managed to do on my end (may be a bit dirty, but it should give you an idea): for (Map.Entry<Long, String> entry : attr.getValues().entrySet()) {
if (value == entry.getKey()) {
sb = new StringBuilder(entry.getValue() + '|');
break;
} else if (attrName.equals("protectionLevel") && entry.getKey() < 0x10) {
if ((value & 0xf) == entry.getKey())
sb.append(entry.getValue()).append('|');
} else if ((value & entry.getKey()) == entry.getKey()) {
sb.append(entry.getValue()).append('|');
}
} |
@Ha0ris Looks like you found another problem. But you can't hardcode attributes in there because this method is used for all XML decoding of flags and int resources. And the deprecated |
I think So there can be only one base permission type at a time:
So the first 4 bits of Also, the |
I am sure what you write is correct for the My approach would look like this:
The two major points are that the attribute values are processed in descending order and that if a matching flag is found those value will be removed from value ( However it does not solve the |
I understand the need to keep generic code here. So your solution looks pretty good. |
Hi.
I think there is an issue when decoding the
android:protectionLevel
attribute of permission nodes from AndroidManifest.xml file.For example, if the value of the attribute is
0x11
, jadx will displaynormal|dangerous|system
. A normal permission that is also dangerous doesn't make sense.May be I am wrong, but I think the flags that are mentioned to be Base permission type here should be mutually exclusive.
See: ManifestAttributes.java#L179
The text was updated successfully, but these errors were encountered: