From 490b6f8aeee8d1e04439e90a19223af71c0fd792 Mon Sep 17 00:00:00 2001 From: Connor Tumbleson Date: Mon, 24 Jul 2023 06:23:25 -0400 Subject: [PATCH] fix: handle larger axml namespace headers than known (#3210) --- .../brut/androlib/res/decoder/AXmlResourceParser.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/brut.apktool/apktool-lib/src/main/java/brut/androlib/res/decoder/AXmlResourceParser.java b/brut.apktool/apktool-lib/src/main/java/brut/androlib/res/decoder/AXmlResourceParser.java index a335db23..4058858c 100644 --- a/brut.apktool/apktool-lib/src/main/java/brut/androlib/res/decoder/AXmlResourceParser.java +++ b/brut.apktool/apktool-lib/src/main/java/brut/androlib/res/decoder/AXmlResourceParser.java @@ -676,12 +676,13 @@ public class AXmlResourceParser implements XmlResourceParser { } int chunkType; + int headerSize = 0; if (event == START_DOCUMENT) { // Fake event, see CHUNK_XML_START_TAG handler. chunkType = ARSCHeader.RES_XML_START_ELEMENT_TYPE; } else { chunkType = mIn.readShort(); - mIn.skipShort(); // headerSize + headerSize = mIn.readShort(); } if (chunkType == ARSCHeader.RES_XML_RESOURCE_MAP_TYPE) { @@ -718,6 +719,14 @@ public class AXmlResourceParser implements XmlResourceParser { mIn.skipInt(); // uri mNamespaces.pop(); } + + // Check for larger header than we read. We know the current header is 0x10 bytes, but some apps + // are packed with a larger header of unknown data. + if (headerSize > 0x10) { + int bytesToSkip = headerSize - 0x10; + LOGGER.warning(String.format("AXML header larger than 0x10 bytes, skipping %d bytes.", bytesToSkip)); + mIn.skipBytes(bytesToSkip); + } continue; }