[BUG] Decoding only manifest without remaining resources corrupts APK wrt signing #3389

Open
auermich93 opened this issue Oct 9, 2023 · 3 comments

@auermich93
Contributor

Information

  1. Apktool Version (apktool -version) - 2.9.0
  2. Operating System (Mac, Linux, Windows) - Windows
  3. APK From? (Playstore, ROM, Other) - FDroid
  4. Java Version (java --version) - 15.0.2

Steps to Reproduce

$ java -jar ~/Downloads/apktool_2.9.0.jar d -r --force-manifest com.zola.bmi.apk -f
I: Using Apktool 2.9.0 on com.zola.bmi.apk
I: Copying raw resources...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: C:\Users\Michael\AppData\Local\apktool\framework\1.apk
I: Sparsely packed resources detected.
W: Could not decode attr value, using undecoded value instead: ns=android, name=theme, value=0x7f0d0005
W: Could not decode attr value, using undecoded value instead: ns=android, name=label, value=0x7f0c0029
W: Could not decode attr value, using undecoded value instead: ns=android, name=icon, value=0x7f070054
W: Could not decode attr value, using undecoded value instead: ns=android, name=label, value=0x7f0c0029
I: Regular manifest package...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...

$ cat AndroidManifest.xml
<?xml version="1.0" encoding="utf-8" standalone="no"?><manifest xmlns:android="http://schemas.android.com/apk/res/android" android:compileSdkVersion="28" android:compileSdkVersionCodename="9" package="com.zola.bmi" platformBuildVersionCode="400" platformBuildVersionName="4.0.0">
    <application android:allowBackup="true" android:appComponentFactory="android.support.v4.app.CoreComponentFactory" android:icon="@2131165268" android:label="@2131492905" android:theme="@2131558405">
        <activity android:label="@2131492905" android:name="com.zola.bmi.BMIMain">
            <intent-filter>
                <action android:name="android.intent.action.MAIN"/>
                <category android:name="android.intent.category.LAUNCHER"/>
            </intent-filter>
        </activity>
    </application>
</manifest>

$ java -jar ~/Downloads/apktool_2.9.0.jar b
I: Using Apktool 2.9.0
I: Checking whether sources has changed...
I: Smaling smali folder into classes.dex...
I: Checking whether resources has changed...
I: Copying raw resources...
I: Building apk file...
I: Copying unknown files/dir...
I: Built apk into: .\dist\com.zola.bmi.apk

$ signAPK dist/com.zola.bmi.apk
Exception in thread "main" com.android.apksig.apk.MinSdkVersionException: Failed to determine APK's minimum supported platform version. Use --min-sdk-version to override
        at com.android.apksigner.ApkSignerTool.sign(ApkSignerTool.java:350)
        at com.android.apksigner.ApkSignerTool.main(ApkSignerTool.java:84)
Caused by: com.android.apksig.apk.MinSdkVersionException: Unable to determine APK's minimum supported Android platform version: malformed binary resource: AndroidManifest.xml
        at com.android.apksig.apk.ApkUtils.getMinSdkVersionFromBinaryAndroidManifest(ApkUtils.java:387)
        at com.android.apksig.ApkSigner.getMinSdkVersionFromApk(ApkSigner.java:912)
        at com.android.apksig.ApkSigner.sign(ApkSigner.java:271)
        at com.android.apksig.ApkSigner.sign(ApkSigner.java:207)
        at com.android.apksigner.ApkSignerTool.sign(ApkSignerTool.java:344)
        ... 1 more
Caused by: com.android.apksig.internal.apk.AndroidBinXmlParser$XmlParserException: No XML chunk in file
        at com.android.apksig.internal.apk.AndroidBinXmlParser.<init>(AndroidBinXmlParser.java:101)
        at com.android.apksig.apk.ApkUtils.getMinSdkVersionFromBinaryAndroidManifest(ApkUtils.java:348)
        ... 5 more
rm: cannot remove 'dist/com.zola.bmi.apk.idsig': No such file or directory

Frameworks

If this APK is from an OEM ROM (Samsung, HTC, LG), please attach framework files
(.apks that live in /system/framework or /system/priv-app)

APK

If this APK can be freely shared, please upload/attach a link to it.
https://github.com/iBotPeaches/Apktool/files/12774551/com.zola.bmi.apk.zip

Questions to ask before submission

  1. Have you tried apktool d, apktool b without changing anything? YES
  2. If you are trying to install a modified apk, did you resign it? YES
  3. Are you using the latest apktool version? YES

I am not even sure if this is a real bug, since decoding only the manifest succeeded, as the above output showed. Btw, I did not try the suggested option by apksigner to overwrite the min sdk version manually.

@iBotPeaches
Owner

I don't think there is a bug here. If you force manifest decoding (i.e. you don't decode resources.arsc), we cannot resolve those references.

How it actually built is the odd thing. I'll investigate that and either look towards a doc change or making this actually fail during compilation with a forced manifest.

@ArjunaKumarMohanta
Contributor

Here is the decoded AndroidManifest.xml code

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    android:versionCode="400"
    android:versionName="4.0.0"
    android:compileSdkVersion="28"
    android:compileSdkVersionCodename="9"
    package="com.zola.bmi"
    platformBuildVersionCode="400"
    platformBuildVersionName="4.0.0">
    <uses-sdk
        android:minSdkVersion="14"
        android:targetSdkVersion="28" />
    <application
        android:theme="@style/AppTheme"
        android:label="@string/app_name"
        android:icon="@drawable/ic_launcher"
        android:allowBackup="true"
        android:appComponentFactory="android.support.v4.app.CoreComponentFactory">
        <activity
            android:label="@string/app_name"
            android:name="com.zola.bmi.BMIMain">
            <intent-filter>
                <action
                    android:name="android.intent.action.MAIN" />
                <category
                    android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>
</manifest>

@iBotPeaches
Owner

This is so interesting to me that we built an obviously invalid Manifest and aapt2 was fine with it. My guess is all the protections we've ripped out over the years to lessen the strictness of the build have caught up to us.

For example, once it's built (without an error), it's clearly invalid.

➜  3389 aapt2 d xmltree com.zola.bmi/dist/com.zola.bmi.apk --file AndroidManifest.xml
ResourceType W 10-10 06:36:21 503121 503121] Bad XML block: header size 28024 or total size 1702240364 is larger than data size 816

com.zola.bmi/dist/com.zola.bmi.apk: error: failed to parse binary AndroidManifest.xml: failed to initialize ResXMLTree.
➜  3389 

Not sure what I want to do here yet.

  1. Building an application after a forced manifest decode paired with no resources just simply shouldn't be allowed.
  2. An assembly of an invalid manifest should be rejected during aapt2 build/link
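
Added example, not part of the thread and not Apktool or apksig code: a pre-signing check that reads the 8-byte chunk header of `AndroidManifest.xml` inside an APK. The values in the aapt2 error above (header size 28024, total size 1702240364) are exactly what the ASCII bytes `<?xml ve` decode to when read as a little-endian chunk header, which is consistent with the rebuilt APK carrying the manifest as uncompiled text. The function names and the sample inputs are constructed for illustration; the check covers only header consistency, not the full document.

```python
import io
import struct
import zipfile

RES_XML_TYPE = 0x0003      # chunk type of a compiled (binary) XML document
RES_XML_HEADER_SIZE = 8    # the XML tree header is just the 8-byte chunk header


def read_chunk_header(data):
    """Decode a chunk header: uint16 type, uint16 headerSize, uint32 size (little-endian)."""
    if len(data) < 8:
        raise ValueError("manifest shorter than one chunk header")
    return struct.unpack_from("<HHI", data, 0)


def check_manifest(apk):
    """Return (ok, reason) for the AndroidManifest.xml entry of an APK (path or file object)."""
    with zipfile.ZipFile(apk) as zf:
        try:
            data = zf.read("AndroidManifest.xml")
        except KeyError:
            return False, "no AndroidManifest.xml entry"
    try:
        ctype, header_size, size = read_chunk_header(data)
    except ValueError as exc:
        return False, str(exc)
    if ctype == RES_XML_TYPE and header_size == RES_XML_HEADER_SIZE and header_size <= size <= len(data):
        return True, "binary XML chunk header is consistent"
    detail = f"header size {header_size} / total size {size} vs data size {len(data)}"
    if data.lstrip(b"\xef\xbb\xbf \t\r\n").startswith(b"<"):
        return False, "plain-text XML stored uncompiled: " + detail
    return False, "malformed binary XML: " + detail


def make_apk(manifest_bytes):
    """Build a constructed in-memory ZIP holding only a manifest, for the demo below."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", manifest_bytes)
    return buf


# Constructed samples: the text prolog shown in the issue, and a bare well-formed header.
TEXT_MANIFEST = b'<?xml version="1.0" encoding="utf-8" standalone="no"?><manifest/>'
BINARY_MANIFEST = struct.pack("<HHI", RES_XML_TYPE, 8, 8)

if __name__ == "__main__":
    print(check_manifest(make_apk(TEXT_MANIFEST)))
    print(check_manifest(make_apk(BINARY_MANIFEST)))
```

Running `check_manifest` on the rebuilt APK before handing it to a signer turns the signer's stack trace into a one-line reason.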
