We write a music player app. The info on Stagefright 2:
https://blog.zimperium.com/zimperium...-mp3mp4-media/
says that third-party music players that use Android's standard media playing libraries are vulnerable. OS patches are on their way, but we'd like to do our bit; we support down to 2.1.
But dev-level details on the exploit seem to be hard to find right now.
It's something to do with the metadata of the file; is that just ID3 tags? If so it would be relatively simple to edit the file to sanitise them before passing them to MediaPlayer, maybe raising an error if the file can't be written to. Might have to use a third-party library to do that rather than Android's parser, which might trigger the exploit.
It mentions 'Android previewing the file' - what does 'previewing' mean? Is that the browser calling MediaPlayer.setDataSource() or MediaPlayer.prepare()?
It also mentions 'libutils' - is that MediaPlayer accessing libutils or does the app need to access libutils in some other way? I'm guessing it's not only MediaCodecInfo and friends as they are API 16+.