Info Call to XML parsing API

Description

Improper XML parsing can lead to several vulnerabilities, which could result in arbitrary file access (XML External Entity injection, XML injection) or denial of service (billion laughs, quadratic blowup).

Recommendation

This entry is informative; no recommendations are applicable.

Technical details

Method android.support.v7.widget.ActivityChooserModel$PersistHistoryAsyncTask.doInBackground() calling method android.util.Xml.newSerializer()


    /**
     * Decompiled listing of PersistHistoryAsyncTask.doInBackground().
     *
     * Writes the records from the list in p13[0] to the app file named by p13[1]
     * as a "historical-records" XML document.
     *
     * Review notes:
     * - The call that triggered this finding is android.util.Xml.newSerializer(),
     *   which returns an XmlSerializer (an XML writer). This method parses no XML,
     *   so the entity-expansion and external-entity risks in the finding's
     *   description do not apply to the code shown here.
     * - The local variable types and the catch-clause types are decompiler output
     *   and are not reliable (see the inline notes). The literals 0 and 1 stand in
     *   for null/false and true.
     *
     * @param p13 p13[0] is cast to java.util.List and p13[1] to String (the file name)
     * @return 0 on every path that returns normally (presumably null for Void)
     */
    public varargs Void doInBackground(Object[] p13)
    {
        int v2_0 = 0;
        // Decompiler artefact: declared as IOException, but holds the List cast from p13[0].
        java.io.IOException v0_4 = ((java.util.List) p13[0]);
        try {
            // Mode 0 is Context.MODE_PRIVATE: the file is created in the app's private storage.
            // Declared as StringBuilder by the decompiler; it is the stream that close() is called on below.
            StringBuilder v3_0 = this.this$0.mContext.openFileOutput(((String) p13[1]), 0);
            // Flagged call: obtains an XML serializer (output only, nothing is parsed).
            String v4_0 = android.util.Xml.newSerializer();
            try {
                v4_0.setOutput(v3_0, 0);
                v4_0.startDocument("UTF-8", Boolean.valueOf(1));
                v4_0.startTag(0, "historical-records");
                // Number of records to write, captured before the loop removes them from the list.
                int v5_3 = v0_4.size();
            // NOTE(review): the decompiler shows all four handlers below as IOException;
            // the original exception types cannot be determined from this listing.
            // The first three handlers are identical: log, set the flag, close the stream, return.
            } catch (java.io.IOException v0_10) {
                android.util.Log.e(android.support.v7.widget.ActivityChooserModel.LOG_TAG, new StringBuilder().append("Error writing historical record file: ").append(this.this$0.mHistoryFileName).toString(), v0_10);
                this.this$0.mCanReadHistoricalData = 1;
                if (v3_0 == null) {
                    return 0;
                } else {
                    try {
                        v3_0.close();
                    } catch (java.io.IOException v0) {
                        // A failure to close the stream is silently ignored.
                    }
                    return 0;
                }
            } catch (java.io.IOException v0_8) {
                android.util.Log.e(android.support.v7.widget.ActivityChooserModel.LOG_TAG, new StringBuilder().append("Error writing historical record file: ").append(this.this$0.mHistoryFileName).toString(), v0_8);
                this.this$0.mCanReadHistoricalData = 1;
                if (v3_0 == null) {
                    return 0;
                } else {
                    try {
                        v3_0.close();
                    } catch (java.io.IOException v0) {
                        // A failure to close the stream is silently ignored.
                    }
                    return 0;
                }
            } catch (java.io.IOException v0_6) {
                android.util.Log.e(android.support.v7.widget.ActivityChooserModel.LOG_TAG, new StringBuilder().append("Error writing historical record file: ").append(this.this$0.mHistoryFileName).toString(), v0_6);
                this.this$0.mCanReadHistoricalData = 1;
                if (v3_0 == null) {
                    return 0;
                } else {
                    try {
                        v3_0.close();
                    } catch (java.io.IOException v0) {
                        // A failure to close the stream is silently ignored.
                    }
                    return 0;
                }
            // This handler does not log: it sets the flag, closes the stream and rethrows.
            // NOTE(review): this looks like the exceptional path of a finally block - confirm against the original source.
            } catch (java.io.IOException v0_0) {
                this.this$0.mCanReadHistoricalData = 1;
                if (v3_0 != null) {
                    try {
                        v3_0.close();
                    } catch (String v1) {
                        // Decompiler artefact in the catch type; the close failure is ignored.
                    }
                }
                throw v0_0;
            }
            // Writes one <historical-record> element per record. Each remove(0) takes the
            // head of the list, so v5_3 records are removed from it while they are written.
            while (v2_0 < v5_3) {
                String v1_3 = ((android.support.v7.widget.ActivityChooserModel$HistoricalRecord) v0_4.remove(0));
                v4_0.startTag(0, "historical-record");
                // Attribute values go through the serializer API; no markup is built by string concatenation.
                v4_0.attribute(0, "activity", v1_3.activity.flattenToString());
                v4_0.attribute(0, "time", String.valueOf(v1_3.time));
                v4_0.attribute(0, "weight", String.valueOf(v1_3.weight));
                v4_0.endTag(0, "historical-record");
                v2_0++;
            }
            v4_0.endTag(0, "historical-records");
            v4_0.endDocument();
            // Success path: the same flag update and stream close as in the handlers above.
            this.this$0.mCanReadHistoricalData = 1;
            if (v3_0 == null) {
                return 0;
            } else {
                try {
                    v3_0.close();
                } catch (java.io.IOException v0) {
                    // A failure to close the stream is silently ignored.
                }
                return 0;
            }
        // Outer handler: the only statements it can cover outside the inner try are
        // openFileOutput() and newSerializer(). It logs and returns without touching the flag.
        // NOTE(review): append(0) is presumably a decompiler artefact standing in for the file name - confirm.
        } catch (java.io.IOException v0_1) {
            android.util.Log.e(android.support.v7.widget.ActivityChooserModel.LOG_TAG, new StringBuilder().append("Error writing historical record file: ").append(0).toString(), v0_1);
            return 0;
        }
    }