Malformed AndroidManifest.xml can crash Android smartphones and tablets
Have you ever come across an Android smartphone or tablet which is in a continuous reboot loop rendering it virtually useless to the user. Well if so, than the APK you last downloaded must have a malformed AndroidManifest.xml file.
Researchers at Trend Micro Labs have discovered that a malformed AndroidManifest.xml file can crash any Android device and/or make it go in a continuous reboot loop.
Androidmanifest.xml forms a important constituent of any Android App or APK. The AndroidManifest.xml file is always present in the root directory of the App and presents important information about the App to the Android operating system. With the AndroidManifest.xml, Android cannot run any of the App codes.
The AndroidManifest.xml does the following for any app to run
- It names the Java package for the application. The package name serves as a unique identifier for the application.
- It describes the components of the application — the activities, services, broadcast receivers, and content providers that the application is composed of. It names the classes that implement each of the components and publishes their capabilities (for example, which Intent messages they can handle). These declarations let the Android system know what the components are and under what conditions they can be launched.
- It determines which processes will host application components.
- It declares which permissions the application must have in order to access protected parts of the API and interact with other applications.
- It also declares the permissions that others are required to have in order to interact with the application’s components.
It lists the Instrumentation classes that provide profiling and other information as the application is running. These declarations are present in the manifest only while the application is being developed and tested; they’re removed before the application is published.
- It declares the minimum level of the Android API that the application requires.
- It lists the libraries that the application must be linked against.
Trend Micro Labs researchers have discovered a critical vulnerability that can cause any Android smartphone to crash. Trend Micro Blog says that, “We came across a vulnerability related to the manifest file that may cause an affected device to experience a continuous cycle of rebooting—rendering the device nearly useless to the user.”
The researchers say that the vulnerability can cause the OS to crash through two different ways. First of which involves very long strings and memory allocation. Some apps may contain huge strings in their .XML files, using document type definition (DTD) technology. When this string reference is assigned to some of the tags in AndroidManifest.xml (e.g., permission name, label, name of activity), the Package Parser will require memory to parse this .XML file.
Researcher say that when the Package Parser requires more memory than is allocated to it, it will crash and cause a chain reaction in the Android system run time environment. The chain reaction will stop all the running services and reboot the system.
The second way described by Trend Micro researchers involves .APK files and a specific intent-filter, which declares what a service or activity can do. An icon will be created in the launcher if the manifest file contains an activity definition with this specific intent-filter:
Normally the number of activities defined in this intent-filter is within limit and the same number of icons will be created on the home page after installation.
In case of a malformed intent-filter can define more activities and the same number of icons will be created in the home page after installation. Trend Micro researchers say that if this number is too large, the .APK file will trigger a loop of rebooting.
The results of a specific intent filter in case of activities defined is more than 10000 will be
- For Android OS version 4.4, the launcher process will undergo the reboot.
- For version L, the PackageParser crashes and reboots. The malformed .APK will be installed by no icon will be displayed.
If the number of activities is larger than 100,000, the devices will undergo the loop of rebooting.
Not a security risk
The above vulnerability can be named as a security risk unless and until someone specifically introduces a malformed AndroidManifest.xml into the APK. But if cyber criminals were to put up APKs in the wild with such a vulnerability it can cause huge problems for Android users.
Once such a malformed xml file is introduced into the system via the App it will leave the device pretty much in reboot loop and the user helpless.
The only way to rescue a malformed AndroidManifest.xml device is to have activated/enabled Debug Bridge (ADB) on the Android smartphone. The Android user can then connect the smartphone to to a computer, boot the phone in fastboot mode, and flash the ROM.
However all users are not technically efficient to use such kind of system devices and in hands of a novice using the ADB could potential brick the device.
If you come in contact with a continuous rebooting smartphone you should contact customer service or a reputable repair shop.
Another way to stop such a file being introduced in the system is to only download verified and reviewed Apps and avoid APKs found on untrusted websites.
Trend Micro has notified Google about this issue and a patch may be released soon.
Resource : Trend Micro Labs.