BufferedInputStream: Allow jumping backwards to an already processed position

skylot / jadx

Dex to Java decompiler

Apache License 2.0

41.91k stars 4.89k forks source link

BufferedInputStream: Allow jumping backwards to an already processed position #2344

Closed jpstotz closed 1 week ago

jpstotz commented 1 week ago

Some APK resources.arsc seem to use disordered entries, which collides with our approach to read them sequentially from the InputStream.

As a workaround this PR introduces a BufferedInputStream and mark/reset support for ParserStream which allows us to jump back (up to 32k) in stream to read the disordered type chunk entries.

fixes #2343

jpstotz commented 1 week ago

@skylot I checked the usages and in most cases the InputStream came directly from ZIP file. Only one case used BufferedInputStream (which I removed in this PR).

I see. resources.arsc is stored without compression in the ZIP file. So Android directly maps the ZIP file data to memory and operates on it.

skylot commented 1 week ago

in most cases the InputStream came directly from ZIP file

Everything should be from here: https://github.com/skylot/jadx/blob/964bd62d35df610b7a107faba84c26dd2c293f7a/jadx-core/src/main/java/jadx/api/plugins/utils/ZipSecurity.java#L115-L122 otherwise it is not secured/checked and should be fixed.