Hi,

On 2012-09-08 23:49, Brian Carlstrom wrote:
> On Fri, Sep 7, 2012 at 2:31 PM, Sebastian Bachmann <[email protected]> wrote:
>> okay, but that's not very good?
>>
>> so the dex doc says about the checksum the following: adler32
>> checksum of the rest of the file (everything but magic and this
>> field); used to detect file corruption
>>
>> so why the dalvikvm does not check it? i mean ok, it takes some
>> time but what if there is a real corruption?
>
> I assume because it takes time. suppose there was a problem in
> /system, the files are readonly and better not be wrong or else
> something more serious is wrong that can be fixed after detecting
> the problem. if there is a problem with an app in /data, the user
> can uninstall/reinstall. i do think package manager takes other
> steps to ensure there aren't partially updated files. if the
> original APK itself is wrong, the app author is just hurting
> themselves. if your point is that malware is taking valid apks and
> messing with them and resulting in invalid checksums, it might be
> an interesting signal, but if we fixed that, they'd just change
> their tools to just fix the checksum. it's not adding anything
> really.

ah okay i see!

>> so what could probably be done with this? A wrong checksum just
>> forces a creation of a new odex? nothing more?
>
> not a wrong checksum, just a changed checksum.

yes i meant that :) thank you!
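The header check discussed in this thread, as an added example (not code from the thread or from Dalvik): it verifies the Adler-32 field as the dex doc quoted above describes it, and shows why a passing checksum says nothing about whether the content is the one you expected. The 8-byte magic and the little-endian checksum at offset 8 follow the published DEX header layout; the sample buffers, the helper names and the SHA-256 baseline are constructed for illustration.

```python
import hashlib
import struct
import zlib

CHECKSUM_OFF = 8   # uint32, little-endian, directly after the 8-byte magic
COVERED_FROM = 12  # Adler-32 covers everything after magic + checksum field


def dex_checksum_ok(data: bytes) -> bool:
    """Return True if the stored Adler-32 matches the rest of the file."""
    if len(data) < COVERED_FROM or not data.startswith(b"dex\n"):
        raise ValueError("not a DEX file: bad magic or truncated header")
    (stored,) = struct.unpack_from("<I", data, CHECKSUM_OFF)
    return stored == (zlib.adler32(data[COVERED_FROM:]) & 0xFFFFFFFF)


def assess(data: bytes, baseline_sha256: str) -> dict:
    """Compare the in-file checksum with a digest recorded out of band."""
    return {
        "checksum_ok": dex_checksum_ok(data),
        "matches_baseline": hashlib.sha256(data).hexdigest() == baseline_sha256,
    }


def build_sample(body: bytes) -> bytes:
    """Constructed stand-in for a DEX file: magic, checksum, opaque body."""
    checksum = zlib.adler32(body) & 0xFFFFFFFF
    return b"dex\n035\x00" + struct.pack("<I", checksum) + body


if __name__ == "__main__":
    original = build_sample(b"constructed class data " * 8)
    baseline = hashlib.sha256(original).hexdigest()

    corrupted = bytearray(original)
    corrupted[40] ^= 0x01  # single flipped bit, e.g. storage corruption

    # Different content whose checksum field was written by the build tool.
    rebuilt = build_sample(b"constructed other data " * 8)

    for name, blob in [("original", original), ("corrupted", bytes(corrupted)),
                       ("rebuilt", rebuilt)]:
        print(name, assess(blob, baseline))
```

Only the `corrupted` buffer fails the checksum; `rebuilt` passes it and differs only in the baseline digest, which is why the field works as a corruption check and not as a tamper signal.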
