Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Workaround for verifying large APKs." into nyc-dev

Browse Source 
am: 026cf53fe4

* commit '026cf53fe46a3da512088212f22a2989993eb963':
  Workaround for verifying large APKs.
This commit is contained in:
Alex Klyubin
2016-03-11 23:54:20 +00:00
committed by android-build-merger
parent fc1ff817ff 026cf53fe4
commit ea9917a570
1 changed files with 33 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
View File

@@ -84,8 +84,19 @@ public class ApkSignatureSchemeV2Verifier {
if (fileSize > Integer.MAX_VALUE) { if (fileSize > Integer.MAX_VALUE) {
return false; return false;
} }
MappedByteBuffer apkContents = MappedByteBuffer apkContents;
apk.getChannel().map(FileChannel.MapMode.READ_ONLY, 0, fileSize); try {
apkContents = apk.getChannel().map(FileChannel.MapMode.READ_ONLY, 0, fileSize);
} catch (IOException e) {
if (e.getCause() instanceof OutOfMemoryError) {
// TODO: Remove this temporary workaround once verifying large APKs is
// supported. Very large APKs cannot be memory-mapped. This verification code
// needs to change to use a different approach for verifying such APKs.
return false; // Pretend that this APK does not have a v2 signature.
} else {
throw new IOException("Failed to memory-map APK", e);
}
}
// ZipUtils and APK Signature Scheme v2 verifier expect little-endian byte order. // ZipUtils and APK Signature Scheme v2 verifier expect little-endian byte order.
apkContents.order(ByteOrder.LITTLE_ENDIAN); apkContents.order(ByteOrder.LITTLE_ENDIAN);
@@ -134,11 +145,26 @@ public class ApkSignatureSchemeV2Verifier {
if (fileSize > Integer.MAX_VALUE) { if (fileSize > Integer.MAX_VALUE) {
throw new IOException("File too large: " + apk.length() + " bytes"); throw new IOException("File too large: " + apk.length() + " bytes");
} }
MappedByteBuffer apkContents = MappedByteBuffer apkContents;
apk.getChannel().map(FileChannel.MapMode.READ_ONLY, 0, fileSize); try {
// Attempt to preload the contents into memory for faster overall verification (v2 and apkContents = apk.getChannel().map(FileChannel.MapMode.READ_ONLY, 0, fileSize);
// older) at the expense of somewhat increased latency for rejecting malformed APKs. // Attempt to preload the contents into memory for faster overall verification (v2 and
apkContents.load(); // older) at the expense of somewhat increased latency for rejecting malformed APKs.
apkContents.load();
} catch (IOException e) {
if (e.getCause() instanceof OutOfMemoryError) {
// TODO: Remove this temporary workaround once verifying large APKs is supported.
// Very large APKs cannot be memory-mapped. This verification code needs to change
// to use a different approach for verifying such APKs.
// This workaround pretends that this APK does not have a v2 signature. This works
// fine provided the APK is not actually v2-signed. If the APK is v2 signed, v2
// signature stripping protection inside v1 signature verification code will reject
// this APK.
throw new SignatureNotFoundException("Failed to memory-map APK", e);
} else {
throw new IOException("Failed to memory-map APK", e);
}
}
return verify(apkContents); return verify(apkContents);
} }