talsec / Free-RASP-Flutter

Flutter library for improving app security and threat monitoring on Android and iOS mobile devices.
https://github.com/talsec/Free-RASP-Community
MIT License
194 stars 20 forks source link

Your app contains content that isn’t compliant with the Broken Functionality policy. App loads, but crashes #141

Open AhmedHammad0900 opened 1 month ago

AhmedHammad0900 commented 1 month ago

Describe the bug When I try to upload my app update to Google Play I get this error :- Your app contains content that isn’t compliant with the Broken Functionality policy. App loads, but crashes

my code is :-

    isProd: true,
 ..... // closure 
  final callback = ThreatCallback(
    onAppIntegrity: () => exit(0),
    onObfuscationIssues: () => exit(0),
    onDebug: () => exit(0),
    onDeviceBinding: () => exit(0),
    onHooks: () => exit(0),
    onPrivilegedAccess: () => exit(0),
    onSecureHardwareNotAvailable: () => exit(0),
    onSimulator: () => exit(0),
    onSystemVPN: () => exit(0),
    onUnofficialStore: () => exit(0),
  );

and I am using this command to build the app

flutter build appbundle--release --obfuscate --split-debug-info=build/app/outputs/symbols

I tried to build apk to test it on my phone and it worked fine without crashing after removing this part of code for sure :- onUnofficialStore: () => exit(0),

I used :- flutter build apk --release --obfuscate --split-debug-info=build/app/outputs/symbols

Console of Google don't show additional information but the only thing I did is adding freeRasp to my code then uploading it as update so no another code errors and app works fine my local device after removign store part ..

I want refer to that "signingCertHashes" include the SHA of store too with release and debug SHA

AhmedHammad0900 commented 1 month ago

any help on this ..

msikyna commented 1 month ago

Hello,

does the APK of the application, which is resigned by Google work on your device as well? Does the beta or internal testing version work as well? Btw using exit(0) is not an appropriate killing of the application on Android devices, see https://stackoverflow.com/questions/45109557/flutter-how-to-programmatically-exit-the-app

Kind regards, Talsec team

github-actions[bot] commented 2 weeks ago

Hello! This issue has been marked as inactive. If there is no further activity within the next 14 days, this issue will be automatically closed. If you believe this issue is still relevant and requires attention, please comment or provide additional information.

xprikryl2 commented 2 weeks ago

Hello @AhmedHammad0900,

There was one more bug (causing ANR) that was recently resolved that could help you with your issue. If your issue still persists, please try to update to the newest version of freeRASP.

Note: The exit(0) is not an appropriate killing mechanism. Also, processing and logging of found threats could help you understand why is your application being killed.

Best regards, Ondrej from Talsec