This is the .patch for bug #1257:
http://redmine.replicant.us/issues/1257
I've merged the patch from here:
https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/2b3202c3ff18469b294629bf1416118f12492173
to the Replicant sources and successfully recompiled Replicant after
that for my device.
After flashing the patched Replicant, I've tested my productive device
several weeks without any misbehavior.
Furthermore I've successfully checked, that Replicant isn't vulnerale to
the "Installer Hijacking Vulnerability" anymore.
Please review the patch, inline attached below, and apply it if you
like:
###
From 247913ca358693f44c66ad603c600e229b43a6c1 Mon Sep 17 00:00:00 2001
From: Kenny Root <[email protected]>
Date: Thu, 14 Mar 2013 09:41:18 -0700
Subject: [PATCH] Add manifest to verification params
Change-Id: I088ab981cb56d4f156b6ff910d6a2270e3302dc4
Signed-off-by: Kenny Root <[email protected]> Signed-off-by: Moritz
Bandemer <[email protected]>
---
src/com/android/packageinstaller/InstallAppProgress.java | 6
+++++-
src/com/android/packageinstaller/PackageInstallerActivity.java | 4 ++++
src/com/android/packageinstaller/PackageUtil.java | 1 +
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/com/android/packageinstaller/InstallAppProgress.java
b/src/com/android/packageinstaller/InstallAppProgress.java
index fc82078..71c792e 100755
--- a/src/com/android/packageinstaller/InstallAppProgress.java
+++ b/src/com/android/packageinstaller/InstallAppProgress.java
@@ -24,6 +24,7 @@ import
android.content.DialogInterface.OnCancelListener;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.content.pm.IPackageInstallObserver;
+import android.content.pm.ManifestDigest;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
@@ -54,6 +55,8 @@ import java.util.List;
public class InstallAppProgress extends Activity implements
View.OnClickListener, OnCancelListener {
private final String TAG="InstallAppProgress";
private boolean localLOGV = false;
+ static final String EXTRA_MANIFEST_DIGEST =
+ "com.android.packageinstaller.extras.manifest_digest";
private ApplicationInfo mAppInfo;
private Uri mPackageURI;
private ProgressBar mProgressBar;
@@ -254,8 +257,9 @@ public class InstallAppProgress extends Activity
implements View.OnClickListener
Uri referrer =
getIntent().getParcelableExtra(Intent.EXTRA_REFERRER);
int originatingUid =
getIntent().getIntExtra(Intent.EXTRA_ORIGINATING_UID,
VerificationParams.NO_UID);
+ ManifestDigest manifestDigest =
getIntent().getParcelableExtra(EXTRA_MANIFEST_DIGEST);
VerificationParams verificationParams = new
VerificationParams(null, originatingURI,
- referrer, originatingUid, null);
+ referrer, originatingUid, manifestDigest);
PackageInstallObserver observer = new PackageInstallObserver();
if ("package".equals(mPackageURI.getScheme())) {
diff --git
a/src/com/android/packageinstaller/PackageInstallerActivity.java
b/src/com/android/packageinstaller/PackageInstallerActivity.java
index 4a6db21..4d7b0c0 100644
--- a/src/com/android/packageinstaller/PackageInstallerActivity.java
+++ b/src/com/android/packageinstaller/PackageInstallerActivity.java
@@ -26,6 +26,7 @@ import
android.content.DialogInterface.OnCancelListener;
import android.content.Intent;
import android.content.SharedPreferences;
import android.content.pm.ApplicationInfo;
+import android.content.pm.ManifestDigest;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageUserState;
@@ -69,6 +70,7 @@ public class PackageInstallerActivity extends Activity
implements OnCancelListen
private Uri mOriginatingURI;
private Uri mReferrerURI;
private int mOriginatingUid = VerificationParams.NO_UID;
+ private ManifestDigest mPkgDigest;
private boolean localLOGV = false;
PackageManager mPm;
@@ -520,6 +522,7 @@ public class PackageInstallerActivity extends
Activity implements OnCancelListen
mPkgInfo = PackageParser.generatePackageInfo(parsed, null,
PackageManager.GET_PERMISSIONS, 0, 0, null,
new PackageUserState());
+ mPkgDigest = parsed.manifestDigest;
as = PackageUtil.getAppSnippet(this,
mPkgInfo.applicationInfo, sourceFile);
}
@@ -656,6 +659,7 @@ public class PackageInstallerActivity extends
Activity implements OnCancelListen
mPkgInfo.applicationInfo);
newIntent.setData(mPackageURI);
newIntent.setClass(this, InstallAppProgress.class);
+
newIntent.putExtra(InstallAppProgress.EXTRA_MANIFEST_DIGEST,
mPkgDigest);
String installerPackageName =
getIntent().getStringExtra(
Intent.EXTRA_INSTALLER_PACKAGE_NAME);
if (mOriginatingURI != null) {
diff --git a/src/com/android/packageinstaller/PackageUtil.java
b/src/com/android/packageinstaller/PackageUtil.java
index 8681bfc..20dce43 100644
--- a/src/com/android/packageinstaller/PackageUtil.java
+++ b/src/com/android/packageinstaller/PackageUtil.java
@@ -72,6 +72,7 @@ public class PackageUtil {
metrics.setToDefaults();
PackageParser.Package pkg =
packageParser.parsePackage(sourceFile,
archiveFilePath, metrics, 0);
+ packageParser.collectCertificates(pkg, 0);
// Nuke the parser reference.
packageParser = null;
return pkg;
--
2.1.4
_______________________________________________
Replicant mailing list
[email protected]
http://lists.osuosl.org/mailman/listinfo/replicant
