search

auxility / better-apk-expansion

Community maintained Android APK Expansion library
Apache License 2.0
27 stars 14 forks source link

NPE in com.google.android.vending.licensing.AESObfuscator.<init>(AESObfuscator.java:59) #11

Open Antonz0 opened 6 years ago

Antonz0 commented 6 years ago

Hi!

After migrating to better-apk-expansion from default Google's implementation the one of our top bugs in Crashlytics looks like this:

Android 4.0.3 - 6 (API 15-23): Fatal Exception: java.lang.NullPointerException: salt == null at javax.crypto.spec.PBEKeySpec.<init>(PBEKeySpec.java:76) at com.google.android.vending.licensing.AESObfuscator.<init>(AESObfuscator.java:59) at com.google.android.vending.expansion.downloader.impl.DownloaderService$LVLRunnable.run(DownloaderService.java:730) at android.os.Handler.handleCallback(Handler.java:815) at android.os.Handler.dispatchMessage(Handler.java:104) at android.os.Looper.loop(Looper.java:207) at android.app.ActivityThread.main(ActivityThread.java:5728) at java.lang.reflect.Method.invoke(Method.java) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:789) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:679)

Android 7.x (API 24-25) : Fatal Exception: java.lang.NullPointerException: the salt parameter must be non-null at javax.crypto.spec.PBEKeySpec.<init>(PBEKeySpec.java:115) at com.google.android.vending.licensing.AESObfuscator.<init>(AESObfuscator.java:59) at com.google.android.vending.expansion.downloader.impl.DownloaderService$LVLRunnable.run(DownloaderService.java:730) at android.os.Handler.handleCallback(Handler.java:761) at android.os.Handler.dispatchMessage(Handler.java:98) at android.os.Looper.loop(Looper.java:156) at android.app.ActivityThread.main(ActivityThread.java:6577) at java.lang.reflect.Method.invoke(Method.java) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:986) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:876)

It seems that Android 8.x (API 26+) is not affected.

It looks that cause of this error - null salt that is passed to LVLRunnable on creating and this can happen when it's null in Intent extra (or there's no such extra key). I'm trying to figure out the reason but nothing helps yet...

Antonz0 commented 6 years ago

It seems that the only way when startService() Intent is charged without salt (and Public Key too) is when it's called from requestContinueDownload() . By at this stage there's should not be LVL checks... I cannot see them in my debug sessions. Or not?