Describe the bug
When trying to view or edit SQLite databases within the Android system, I was getting error messages. A temporary fix is described below.
To Reproduce
Steps to reproduce the behavior:
Set up Android 11 VM with Android Studio w/o Play Services
When there's a mmssms.db-journal or other -journal file on the target but it is 0 bytes, instead of copying 0 bytes (invalid size) from the target to the host, the file should either be ignored or an empty file should be created on the host.
Evidence / Logs / Screenshots
% objection -g com.android.phone explore
Using USB device `Android Emulator 5554`
Agent injected and responds ok!
_ _ _ _
___| |_|_|___ ___| |_|_|___ ___
| . | . | | -_| _| _| | . | |
|___|___| |___|___|_| |_|___|_|_|
|___|(object)inject(ion) v1.11.0
Runtime Mobile Exploration
by: @leonjza from @sensepost
[tab] for command suggestions
com.android.phone on (Android: 11) [usb] # sqlite connect /data/user/0/com.android.providers.telephony/databases/mmssms.d
b
Caching local copy of database file...
Downloading /data/user/0/com.android.providers.telephony/databases/mmssms.db to /var/folders/1m/ks7m_thd3yj8yztxqnrqxpt80000gn/T/tmpaspor47x.sqlite
Streaming file from device...
reading file of size 118784
Writing bytes to destination...
Successfully downloaded /data/user/0/com.android.providers.telephony/databases/mmssms.db to /var/folders/1m/ks7m_thd3yj8yztxqnrqxpt80000gn/T/tmpaspor47x.sqlite
... caching local copy of database "journal" file...
Downloading /data/user/0/com.android.providers.telephony/databases/mmssms.db-journal to /var/folders/1m/ks7m_thd3yj8yztxqnrqxpt80000gn/T/tmpaspor47x.sqlite-journal
Streaming file from device...
reading file of size 0
A Frida agent exception has occurred.
Error: invalid size
at value (frida/runtime/core.js:190)
at readFileSync (/script1.js:4129)
at <anonymous> (/script1.js:18477)
at androidFileDownload (/script1.js:22597)
at apply (native)
at <anonymous> (frida/runtime/message-dispatcher.js:13)
at c (frida/runtime/message-dispatcher.js:23)
Python stack trace: Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/objection/console/repl.py", line 371, in start_repl
self.run_command(document)
File "/usr/local/lib/python3.9/site-packages/objection/console/repl.py", line 185, in run_command
exec_method(arguments)
File "/usr/local/lib/python3.9/site-packages/objection/commands/sqlite.py", line 90, in connect
download([db_location + '-journal', local_path + '-journal'])
File "/usr/local/lib/python3.9/site-packages/objection/commands/filemanager.py", line 400, in download
_download_android(source, destination)
File "/usr/local/lib/python3.9/site-packages/objection/commands/filemanager.py", line 466, in _download_android
file_data = api.android_file_download(path)
File "/usr/local/lib/python3.9/site-packages/frida/core.py", line 468, in method
return script._rpc_request('call', js_name, args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/frida/core.py", line 26, in wrapper
return f(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/frida/core.py", line 400, in _rpc_request
raise result[2]
frida.core.RPCException: Error: invalid size
at value (frida/runtime/core.js:190)
at readFileSync (/script1.js:4129)
at <anonymous> (/script1.js:18477)
at androidFileDownload (/script1.js:22597)
at apply (native)
at <anonymous> (frida/runtime/message-dispatcher.js:13)
at c (frida/runtime/message-dispatcher.js:23)
com.android.phone on (Android: 11) [usb] #
I changed the agent.js script to print the file size in readFileSync. As you can see, for the mmssms.db the file size is 118784 bytes, but for the -journal, it is 0 bytes.
The issue can be fixed by patching commands/sqlite.py and removing the lines that request the -journal file. However, I don't know how important the role of the -journal file is, so just removing this seems a bad fix to me. Should a 0 byte -journal file still be created or can it be ignored?
Describe the bug When trying to view or edit SQLite databases within the Android system, I was getting error messages. A temporary fix is described below.
To Reproduce Steps to reproduce the behavior:
objection -g com.android.phone exploresqlite connect /data/user/0/com.android.providers.telephony/databases/mmssms.dbExpected behavior
When there's a
mmssms.db-journalor other-journalfile on the target but it is 0 bytes, instead of copying 0 bytes (invalid size) from the target to the host, the file should either be ignored or an empty file should be created on the host.Evidence / Logs / Screenshots
I changed the
agent.jsscript to print the file size inreadFileSync. As you can see, for themmssms.dbthe file size is 118784 bytes, but for the-journal, it is 0 bytes.The issue can be fixed by patching
commands/sqlite.pyand removing the lines that request the-journalfile. However, I don't know how important the role of the-journalfile is, so just removing this seems a bad fix to me. Should a 0 byte-journalfile still be created or can it be ignored?