You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The underlying problem is a ridiculous API change in the file API which lets me question the competence of the entire Android team at Google. (not that we ever considered them really competent considering how bad of an experience coding for Android is with working around weird bugs everywhere)
The problem is that they changed the meaning of the "w" open mode. "w" is on every operating system: "Truncate file and open for write".
Android changed this to "Open for write". So existing content is not truncated. That means if you open a 100 kbyte savegame and the new savegame is only 10 kbyte then the remaining 90 kbyte of the old savegame stay intact. This means any tool you use can Android could keep old data in the file. This is a security hole because it can leak private data.
This is obviously a gigantic security issue and nobody reviewing this change noticed this when they introduced this in 2021!
They also won't fix it as this is not a security issue: "We cannot make any changes to Android 10 and Android 11 anymore, so the behavior cannot change on these versions."
You have probably heard about Acropalypse: The Google Screenshot tool keeps old image data in a picture when it is cropped. See also: https://twitter.com/ItsSimonTime/status/1636857478263750656
The underlying problem is a ridiculous API change in the file API which lets me question the competence of the entire Android team at Google. (not that we ever considered them really competent considering how bad of an experience coding for Android is with working around weird bugs everywhere)
The problem is that they changed the meaning of the "w" open mode. "w" is on every operating system: "Truncate file and open for write".
Android changed this to "Open for write". So existing content is not truncated. That means if you open a 100 kbyte savegame and the new savegame is only 10 kbyte then the remaining 90 kbyte of the old savegame stay intact. This means any tool you use can Android could keep old data in the file. This is a security hole because it can leak private data.
This is obviously a gigantic security issue and nobody reviewing this change noticed this when they introduced this in 2021!
They also won't fix it as this is not a security issue: "We cannot make any changes to Android 10 and Android 11 anymore, so the behavior cannot change on these versions."
https://issuetracker.google.com/issues/180526528
RPG_RT will reject such savegames. liblcf does not seem to care so the savegame is still loadable in EasyRPG Player.
The text was updated successfully, but these errors were encountered: