This repository has been archived by the owner on Oct 26, 2022. It is now read-only.

Security vulnerability #8

Closed
hameno opened this issue Oct 22, 2013 · 2 comments

Comments


hameno commented Oct 22, 2013

I just got an email from Google Play regarding the In-App Billing API v3:

Hello,

If you previously used the In-app billing sample code to build your in-app billing system, please use the recently-updated sample code as it addresses an exploitable flaw we recently discovered (note that this only affects the helper sample code; the core system and in-app billing service itself was not affected).

The affected applications are those that use the in-app billing sample library (specifically, the IabHelper and the Security classes in the util directory of the in-app billing V3 sample) and do not perform server-side verification.

An update to the sample and library that fixes this vulnerability is now available at code.google.com/p/marketbilling and also through the Android SDK Manager.

To apply the security update:

1. Download the updated source code for the in-app billing sample and library from the Android SDK Manager, which is part of the Android SDK. The in-app billing package is located under Extras -> Google Play Billing Library. Make sure to update to Revision 5 (or, alternatively, download the updated source code from the public repository at code.google.com/p/marketbilling).

2. Merge the new code for IabHelper.java and Security.java into your application, replacing the existing code.

If you prefer to apply the code changes manually, you can browse the diff at https://code.google.com/p/marketbilling/source/detail?r=7bc191a004483a1034b758e1df0bda062088d840 and merge the modifications into the appropriate parts of your code.

Thank you for your continued support of Google Play.

Regards,
The Google Play Team
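As an added illustration of the defect class behind this advisory (this is not code from the issue, from Google's sample, or from pay-me): a fail-closed `verifyPurchase` in the shape of the sample's `Security` class. It uses the same RSA key encoding and `SHA1withRSA` scheme as the sample but `java.util.Base64` instead of `android.util.Base64`, so it runs on a plain JVM; the key pair and purchase JSON in `main` are constructed stand-ins for the app's Play licence key and a real `INAPP_PURCHASE_DATA` string. Missing data or a missing signature is rejected before any crypto runs, which is what the linked revision's change to `Security.java` enforces; as the email says, a client-side check like this still does not replace server-side verification.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

/** Fail-closed check of a Play purchase JSON string against its RSA signature (plain JVM, no Android deps). */
public final class PurchaseVerifier {
    private static final String KEY_ALGORITHM = "RSA";
    private static final String SIGNATURE_ALGORITHM = "SHA1withRSA";
    /** True only if all three inputs are present AND the signature verifies; every other path returns false. */
    public static boolean verifyPurchase(String base64PublicKey, String signedData, String signature) {
        // Missing data or a missing signature is a failure, never an implicit pass.
        if (isBlank(base64PublicKey) || isBlank(signedData) || isBlank(signature)) {
            return false;
        }
        try {
            PublicKey key = KeyFactory.getInstance(KEY_ALGORITHM)
                    .generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(base64PublicKey)));
            Signature sig = Signature.getInstance(SIGNATURE_ALGORITHM);
            sig.initVerify(key);
            sig.update(signedData.getBytes(StandardCharsets.UTF_8));
            return sig.verify(Base64.getDecoder().decode(signature));
        } catch (Exception e) {
            // Bad base64, malformed key or any crypto error: treat the purchase as unverified.
            return false;
        }
    }
    private static boolean isBlank(String s) { return s == null || s.trim().isEmpty(); }

    // Self-contained demo: a locally generated key pair stands in for the app's Play licence key (constructed).
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair();
        String pubKey = Base64.getEncoder().encodeToString(kp.getPublic().getEncoded());
        // Constructed purchase payload in the shape of INAPP_PURCHASE_DATA.
        String data = "{\"orderId\":\"constructed-0001\",\"packageName\":\"com.example.app\",\"productId\":\"premium\"}";
        Signature signer = Signature.getInstance(SIGNATURE_ALGORITHM);
        signer.initSign(kp.getPrivate());
        signer.update(data.getBytes(StandardCharsets.UTF_8));
        String goodSig = Base64.getEncoder().encodeToString(signer.sign());
        System.out.println("genuine purchase : " + verifyPurchase(pubKey, data, goodSig));
        System.out.println("empty signature  : " + verifyPurchase(pubKey, data, ""));
        System.out.println("tampered data    : " + verifyPurchase(pubKey, data.replace("premium", "pro"), goodSig));
    }
}
```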
@dschuermann

I was the one informing Google Security Team about these security bugs.
If no big sites write about this problem, you have time to fix this until 6 November, as I granted Google 4 weeks.
I will then do public disclosure of these bugs with a working exploit.

@dschuermann

hameno added a commit to sprylab/pay-me that referenced this issue Oct 30, 2013
As discussed in jberkel#8, Google's implementation of the In-app-billing sample has some serious security flaws. This commit applies the suggested fixes https://code.google.com/p/marketbilling/source/detail?r=7bc191a004483a1034b758e1df0bda062088d840.
jberkel closed this as completed Mar 3, 2014
hameno added a commit to sprylab/pay-me that referenced this issue Nov 13, 2014
As discussed in jberkel#8, Google's implementation of the In-app-billing sample has some serious security flaws. This commit applies the suggested fixes https://code.google.com/p/marketbilling/source/detail?r=7bc191a004483a1034b758e1df0bda062088d840.