Error decompiling Hangouts v.20+ #1534

Closed
PerLycke opened this issue Jun 19, 2017 · 4 comments · Fixed by #1568
@PerLycke

Information

  1. 2.2.4-acb004-SNAPSHOT (and 2.2.3)
  2. Mac
  3. Play Store

Stacktrace/Logcat

I: Using Apktool 2.2.4-acb004-SNAPSHOT on Hangouts.apk
I: Loading resource table...
Exception in thread "main" brut.androlib.AndrolibException: Could not decode arsc file
	at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:52)
	at brut.androlib.res.AndrolibResources.getResPackagesFromApk(AndrolibResources.java:562)
	at brut.androlib.res.AndrolibResources.loadMainPkg(AndrolibResources.java:72)
	at brut.androlib.res.AndrolibResources.getResTable(AndrolibResources.java:64)
	at brut.androlib.Androlib.getResTable(Androlib.java:68)
	at brut.androlib.ApkDecoder.setTargetSdkVersion(ApkDecoder.java:207)
	at brut.androlib.ApkDecoder.decode(ApkDecoder.java:109)
	at brut.apktool.Main.cmdDecode(Main.java:166)
	at brut.apktool.Main.main(Main.java:81)
Caused by: java.io.IOException: Expected: 0x00000008, got: 0x00000202
	at brut.util.ExtDataInput.skipCheckShort(ExtDataInput.java:56)
	at brut.androlib.res.decoder.ARSCDecoder.readValue(ARSCDecoder.java:309)
	at brut.androlib.res.decoder.ARSCDecoder.readEntry(ARSCDecoder.java:241)
	at brut.androlib.res.decoder.ARSCDecoder.readTableType(ARSCDecoder.java:226)
	at brut.androlib.res.decoder.ARSCDecoder.readTableTypeSpec(ARSCDecoder.java:156)
	at brut.androlib.res.decoder.ARSCDecoder.readTablePackage(ARSCDecoder.java:118)
	at brut.androlib.res.decoder.ARSCDecoder.readTableHeader(ARSCDecoder.java:80)
	at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:47)
	... 8 more

Steps to Reproduce

  1. apktool d Hangouts.apk
@iBotPeaches iBotPeaches self-assigned this Jun 20, 2017
@iBotPeaches iBotPeaches added this to the 2.2.4 milestone Jun 20, 2017
@iBotPeaches
Owner

Confirmed.

@iBotPeaches iBotPeaches modified the milestones: 2.2.5, 2.2.4 Jul 25, 2017
@iBotPeaches
Owner

Started looking into this. It failed on resource 0x7f0e0449 which was supposed to be an id type attribute.

➜  Bug1534 aapt d resources hangouts.apk | grep '0x7f0e0449'                                                             
      INVALID TYPE CONFIG FOR RESOURCE 0x7f0e0449
        INVALID RESOURCE 0x7f0e0449: t=0x00 d=0x0000016c (s=0x0202 r=0x10)

This group has 1098 resources. We have 1097. Will need to create some work-around for this.

@iBotPeaches
Owner

iBotPeaches commented Jul 26, 2017

The ResChunk_header on every chunk has the size of the entire chunk. We are reading too much data, hence the error. We incorrectly trusted that entrySize correctly reflected the amount of resources.

So at the 1098th resource we are at position 8567862 in the file; however, the max size according to the "chunk" is 8567860.

We have exceeded the chunk. We need to add a check: if the position is equal to the max, then quit that chunk.
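
The check described in the comment above, as an added example that is not part of the original thread and is not Apktool's code: a standalone Python sketch over a simplified chunk layout (chunk header, a 32-bit entry count, then fixed 16-byte entry-plus-value records; the real ResTable_type header has more fields and an offset table). The buffer is constructed, `read_entries`, `build_sample` and `trust_count` are hypothetical names, and the guard generalizes the fix to stopping whenever the next entry would cross the chunk end.

```python
import struct

CHUNK_HDR = struct.Struct("<HHI")   # ResChunk_header: type, headerSize, size
ENTRY = struct.Struct("<HHIHBBI")   # ResTable_entry (8 bytes) + Res_value (8 bytes)
RES_TABLE_TYPE, RES_TABLE_TYPE_SPEC = 0x0201, 0x0202

def read_entries(buf, start=0, trust_count=False):
    """Return ([(dataType, data), ...], declared_count) for the chunk at `start`."""
    _ctype, header_size, size = CHUNK_HDR.unpack_from(buf, start)
    end = start + size              # the chunk header is the authority on length
    if header_size < CHUNK_HDR.size + 4 or size < header_size or end > len(buf):
        raise ValueError("chunk header inconsistent with buffer")
    (declared,) = struct.unpack_from("<I", buf, start + CHUNK_HDR.size)
    pos = start + header_size
    values = []
    for _ in range(declared):
        # Guard: stop when the next record would cross the chunk boundary,
        # even though the declared count says more entries remain.
        if not trust_count and pos + ENTRY.size > end:
            break
        _, _, _, vsize, _, dtype, data = ENTRY.unpack_from(buf, pos)
        if vsize != 8:              # same sanity check that fails in the stack trace
            raise ValueError(f"Expected: 0x{8:08x}, got: 0x{vsize:08x}")
        values.append((dtype, data))
        pos += ENTRY.size
    return values, declared

def build_sample():
    """Constructed input: chunk declares 3 entries, holds 2 plus a bare entry header."""
    full = [ENTRY.pack(8, 0, i, 8, 0, 0x10, 100 + i) for i in range(2)]
    bare = struct.pack("<HHI", 8, 0, 2)          # entry header with no Res_value
    body = struct.pack("<I", 3) + b"".join(full) + bare
    chunk = CHUNK_HDR.pack(RES_TABLE_TYPE, 12, CHUNK_HDR.size + len(body)) + body
    # The following chunk: its header bytes are what an over-read lands on.
    nxt = CHUNK_HDR.pack(RES_TABLE_TYPE_SPEC, 0x10, 16) + struct.pack("<BBHI", 1, 0, 0, 0)
    return chunk + nxt

if __name__ == "__main__":
    sample = build_sample()
    print("bounded by chunk size:", read_entries(sample))
    try:
        read_entries(sample, trust_count=True)
    except ValueError as exc:       # the over-read parses the next chunk header as a value
        print("trusting the count:", exc)
```
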

@iBotPeaches
Owner

➜  Bug1534 apktool debug d hangouts.apk -f
Listening for transport dt_socket at address: 5005
I: Using Apktool 2.2.4-98138b-SNAPSHOT on hangouts.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: /Users/connortumbleson/Library/apktool/framework/1.apk
I: Regular manifest package...
I: Decoding file-resources...
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
I: Baksmaling classes2.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...
➜  Bug1534 apktool b hangouts
I: Using Apktool 2.2.4-98138b-SNAPSHOT
I: Checking whether sources has changed...
I: Smaling smali folder into classes.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes2 folder into classes2.dex...
I: Checking whether resources has changed...
I: Building resources...
I: Copying libs... (/lib)
I: Building apk file...
I: Copying unknown files/dir...
➜  Bug1534 

:) Patch up soon. Will be in 2.2.4 release slated for next week.

iBotPeaches added a commit that referenced this issue Jul 26, 2017
alebcay added a commit to alebcay/opengapps that referenced this issue Jul 31, 2017
- Android O Final Dev Preview support (iBotPeaches/Apktool#1520)
- SnakeYAML 1.1.8 Android Support (iBotPeaches/Apktool#591)
- Fix issue with APKs taking longer than usual to parse resources (iBotPeaches/Apktool#1489)
- Fix issue with internal binaries not accessible in a Spring boot environment. (iBotPeaches/Apktool#1543)
- Fix issues with rebuilding applications originally built with aapt2. (iBotPeaches/Apktool#1520)
- Patch aapt to support the $ character in resource filenames. (iBotPeaches/Apktool#1532)
- Fix issue where apktool was holding locks onto files during execution. (iBotPeaches/Apktool#1561)
- Fix issue with APKs that last resource in pool is INVALID_TYPE_CONFIG. (iBotPeaches/Apktool#1534)
- Fix issue with APKs that are including malformed characters to break parser. (iBotPeaches/Apktool#1564)
- Only exit with 0 error code during version commands.
- Enforce license header on all source files.
- [Security] Prevent malicious directory traversal with unknown files.
- [Security] Prevent XXE vulnerability when given a malicious AndroidManifest.xml
- Upgrade to gradle 4.0.
mfonville pushed a commit to opengapps/opengapps that referenced this issue Jul 31, 2017