TheArchive/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2024-11-27 20:15:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Force app version not lower than daemon

Browse Source
This commit is contained in:
vvb2060 2022-06-09 12:23:49 +08:00 committed by John Wu
parent a250e2b56c
commit b9c93c66f6
3 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
native/jni/core/cert.cpp
View File

@ -1,4 +1,5 @@
#include <base.hpp> #include <base.hpp>
#include <flags.h>
using namespace std; using namespace std;
@ -95,7 +96,7 @@ struct EOCD {
* This method extracts the first certificate of the first signer * This method extracts the first certificate of the first signer
* within the APK v2 signature block. * within the APK v2 signature block.
*/ */
string read_certificate(int fd) { string read_certificate(int fd, bool check_version) {
uint32_t size4; uint32_t size4;
uint64_t size8; uint64_t size8;
@ -129,6 +130,19 @@ string read_certificate(int fd) {
} }
read(fd, &central_dir_off, sizeof(central_dir_off)); read(fd, &central_dir_off, sizeof(central_dir_off));
// Read comment
if (check_version) {
uint16_t comment_sz = 0;
read(fd, &comment_sz, sizeof(comment_sz));
string comment;
comment.resize(comment_sz);
read(fd, comment.data(), comment_sz);
if (MAGISK_VER_CODE > parse_int(comment)) {
// Older version of magisk app is not supported
return {};
}
}
// Next, find the start of the APK signing block // Next, find the start of the APK signing block
{ {
constexpr int off = sizeof(signing_block::block_sz_) + sizeof(signing_block::magic); constexpr int off = sizeof(signing_block::block_sz_) + sizeof(signing_block::magic);

2
native/jni/core/core.hpp
View File

@ -21,7 +21,7 @@ void reboot();
void start_log_daemon(); void start_log_daemon();
void setup_logfile(bool reset); void setup_logfile(bool reset);
void magisk_logging(); void magisk_logging();
std::string read_certificate(int fd); std::string read_certificate(int fd, bool check_version = false);
// Module stuffs // Module stuffs
void handle_modules(); void handle_modules();

4
native/jni/core/package.cpp
View File

@ -105,7 +105,7 @@ int get_manager(int user_id, string *pkg, bool install) {
int dyn = open(app_path, O_RDONLY | O_CLOEXEC); int dyn = open(app_path, O_RDONLY | O_CLOEXEC);
if (dyn < 0) if (dyn < 0)
return false; return false;
bool mismatch = default_cert && read_certificate(dyn) != *default_cert; bool mismatch = default_cert && read_certificate(dyn, true) != *default_cert;
close(dyn); close(dyn);
if (mismatch) { if (mismatch) {
LOGE("pkg: dyn APK signature mismatch: %s\n", app_path); LOGE("pkg: dyn APK signature mismatch: %s\n", app_path);
@ -226,7 +226,7 @@ int get_manager(int user_id, string *pkg, bool install) {
#if ENFORCE_SIGNATURE #if ENFORCE_SIGNATURE
string apk = find_apk_path(JAVA_PACKAGE_NAME); string apk = find_apk_path(JAVA_PACKAGE_NAME);
int fd = xopen(apk.data(), O_RDONLY | O_CLOEXEC); int fd = xopen(apk.data(), O_RDONLY | O_CLOEXEC);
string cert = read_certificate(fd); string cert = read_certificate(fd, true);
close(fd); close(fd);
if (default_cert && cert != *default_cert) { if (default_cert && cert != *default_cert) {
// Found APK with invalid signature, force replace with stub // Found APK with invalid signature, force replace with stub