On Fri, Sep 7, 2012 at 2:31 PM, Sebastian Bachmann <[email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> okay, but that's not very good?
>
> so the dex doc says the following about the checksum:
> adler32 checksum of the rest of the file (everything but magic and
> this field); used to detect file corruption
>
> so why does the dalvikvm not check it? i mean ok, it takes some time,
> but what if there is a real corruption?
I assume because it takes time. Suppose there was a problem in /system: the files are read-only and had better not be wrong, or else something more serious is wrong that can be fixed after detecting the problem. If there is a problem with an app in /data, the user can uninstall/reinstall. I do think package manager takes other steps to ensure there aren't partially updated files. If the original APK itself is wrong, the app author is just hurting themselves.

If your point is that malware is taking valid APKs and messing with them, resulting in invalid checksums, it might be an interesting signal, but if we fixed that, they'd just change their tools to fix the checksum. It's not adding anything really.

> so what could probably be done with this? A wrong checksum just forces
> a creation of a new odex? nothing more?

Not a wrong checksum, just a changed checksum.

-bri

--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to [email protected].
For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
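The exchange above turns on two facts about the DEX header: the adler32 checksum at offset 8 covers everything after itself (offset 12 to end of file), and recomputing it is trivial for anyone who modifies the file, which is why the reply calls it a corruption detector rather than a security signal. The script below is an added example, not code from the thread or from the Android project; it builds a constructed byte buffer with the DEX header layout (magic, checksum, 20-byte SHA-1 signature over offset 32 onward, file_size, header_size, endian_tag; the rest zeroed, so it is not a loadable dex), verifies both fields, tampers with the body, and shows that a one-line fix-up makes the checksum and signature consistent again. All function names are this example's own.

```python
import hashlib
import struct
import zlib

# DEX header layout facts used here: magic is 8 bytes, the uint32 LE adler32
# at offset 8 covers bytes [12:], the 20-byte SHA-1 at offset 12 covers bytes [32:].
DEX_MAGIC = b"dex\n035\0"
CHECKSUM_OFFSET = 8
SIGNATURE_OFFSET = 12
SIGNATURE_LEN = 20
FILE_SIZE_OFFSET = 32
HEADER_SIZE = 0x70
ENDIAN_CONSTANT = 0x12345678


def compute_checksum(data: bytes) -> int:
    """adler32 over everything after the checksum field itself."""
    return zlib.adler32(data[SIGNATURE_OFFSET:]) & 0xFFFFFFFF


def stored_checksum(data: bytes) -> int:
    return struct.unpack_from("<I", data, CHECKSUM_OFFSET)[0]


def compute_signature(data: bytes) -> bytes:
    """SHA-1 over everything after the signature field (offset 32 onward)."""
    return hashlib.sha1(data[FILE_SIZE_OFFSET:]).digest()


def stored_signature(data: bytes) -> bytes:
    return data[SIGNATURE_OFFSET:SIGNATURE_OFFSET + SIGNATURE_LEN]


def verify(data: bytes) -> dict:
    """Report whether the magic, checksum and signature are consistent."""
    return {
        "magic_ok": data[:8] == DEX_MAGIC,
        "checksum_ok": stored_checksum(data) == compute_checksum(data),
        "signature_ok": stored_signature(data) == compute_signature(data),
    }


def fix_checksum(data: bytes) -> bytes:
    """Rewrite the signature, then the checksum that covers it. This is exactly
    the step a tampering tool performs, which is why a mismatch is a weak signal."""
    sig = compute_signature(data)
    data = data[:SIGNATURE_OFFSET] + sig + data[FILE_SIZE_OFFSET:]
    chk = compute_checksum(data)
    return data[:CHECKSUM_OFFSET] + struct.pack("<I", chk) + data[SIGNATURE_OFFSET:]


def make_synthetic_dex(payload: bytes) -> bytes:
    """Constructed header-shaped buffer for the example; not a real dex file."""
    header = bytearray(HEADER_SIZE)
    header[0:8] = DEX_MAGIC
    struct.pack_into("<I", header, FILE_SIZE_OFFSET, HEADER_SIZE + len(payload))
    struct.pack_into("<I", header, 36, HEADER_SIZE)        # header_size
    struct.pack_into("<I", header, 40, ENDIAN_CONSTANT)    # endian_tag
    return fix_checksum(bytes(header) + payload)


def tamper(data: bytes, offset: int, value: int) -> bytes:
    """Flip one byte of the body without touching checksum or signature."""
    buf = bytearray(data)
    buf[offset] ^= value
    return bytes(buf)


if __name__ == "__main__":
    original = make_synthetic_dex(b"constructed class data")
    print("original:", verify(original))
    broken = tamper(original, HEADER_SIZE + 3, 0xFF)
    print("tampered:", verify(broken))        # checksum and signature both fail
    repaired = fix_checksum(broken)
    print("repaired:", verify(repaired))      # both pass again; content still modified
    print("content changed:", repaired[HEADER_SIZE:] != original[HEADER_SIZE:])
```

A verifier that wants to catch modified code has to compare against something the modifier cannot recompute, such as the APK signature over the original classes.dex, not the in-file adler32.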
