Info Call to dynamic code loading API

Description

List of all dynamic code loading API calls in the application. Loading code from untrsuted sources could allow the execution of malicious code in the context of the current application.

Recommendation

This entry is informative, no recommendations applicable.

Technical details

Method org.qtproject.qt5.android.bindings.QtLoader.startApp() calling method java.lang.System.getProperty()


    public void startApp(boolean p13)
    {
        int v2_0 = 0;
        try {
            if (!this.m_contextInfo.metaData.containsKey("android.app.qt_sources_resource_id")) {
                if (this.m_contextInfo.metaData.containsKey("android.app.repository")) {
                    this.m_repository = this.m_contextInfo.metaData.getString("android.app.repository");
                }
                if (this.m_contextInfo.metaData.containsKey("android.app.qt_libs_resource_id")) {
                    this.m_qtLibs = this.m_context.getResources().getStringArray(this.m_contextInfo.metaData.getInt("android.app.qt_libs_resource_id"));
                }
                if ((!this.m_contextInfo.metaData.containsKey("android.app.use_local_qt_libs")) || (this.m_contextInfo.metaData.getInt("android.app.use_local_qt_libs") != 1)) {
                    try {
                        if (!this.m_context.bindService(new android.content.Intent(org.kde.necessitas.ministro.IMinistro.getCanonicalName()), this.m_ministroConnection, 1)) {
                            throw new SecurityException("");
                        }
                    } catch (String v0) {
                        if (!p13) {
                            this.ministroNotFound();
                        } else {
                            String v0_144 = "This application requires Ministro service. Would you like to install it?";
                            if (this.m_contextInfo.metaData.containsKey("android.app.ministro_needed_msg")) {
                                v0_144 = this.m_contextInfo.metaData.getString("android.app.ministro_needed_msg");
                            }
                            this.downloadUpgradeMinistro(v0_144);
                        }
                    }
                } else {
                    String v7_0;
                    String v8_2 = new java.util.ArrayList();
                    int v4_50 = new java.io.File(this.m_context.getApplicationInfo().publicSourceDir);
                    if ((!v4_50.exists()) || (!java.util.Arrays.asList(this.SYSTEM_APP_PATHS).contains(new StringBuilder().append(v4_50.getParentFile().getAbsolutePath()).append("/").toString()))) {
                        v7_0 = 0;
                    } else {
                        v7_0 = 1;
                    }
                    String v5_5;
                    if (v7_0 == null) {
                        String v0_10 = new StringBuilder().append(this.m_context.getApplicationInfo().nativeLibraryDir).append("/").toString();
                        int v4_11 = new java.io.File(v0_10);
                        if ((!v4_11.exists()) || ((!v4_11.isDirectory()) || (v4_11.list().length <= 0))) {
                            v5_5 = 0;
                        } else {
                            v5_5 = v0_10;
                        }
                    } else {
                        String v0_11 = "/system/lib/";
                        if (!this.m_contextInfo.metaData.containsKey("android.app.system_libs_prefix")) {
                            android.util.Log.e("Qt", "It looks like app deployed as system app. It may be necessary to specify path to system lib directory using android.app.system_libs_prefix metadata variable in your AndroidManifest.xml");
                            android.util.Log.e("Qt", "Using /system/lib/ as default path");
                        } else {
                            v0_11 = this.m_contextInfo.metaData.getString("android.app.system_libs_prefix");
                        }
                        int v4_23 = new java.io.File(v0_11);
                        if ((!v4_23.exists()) || ((!v4_23.isDirectory()) || (v4_23.list().length <= 0))) {
                            v0_11 = 0;
                        }
                        v5_5 = v0_11;
                    }
                    if ((v7_0 == null) || (v5_5 != null)) {
                        int v4_26 = "/data/local/tmp/qt/";
                        if (this.m_contextInfo.metaData.containsKey("android.app.libs_prefix")) {
                            v4_26 = this.m_contextInfo.metaData.getString("android.app.libs_prefix");
                        }
                        if ((!this.m_contextInfo.metaData.containsKey("android.app.bundle_local_qt_libs")) || (this.m_contextInfo.metaData.getInt("android.app.bundle_local_qt_libs") != 1)) {
                            String v6_3 = 0;
                            int v3_1 = v4_26;
                        } else {
                            String v0_33 = new StringBuilder().append(new java.io.File(this.m_context.getApplicationInfo().dataDir).getCanonicalPath()).append("/").toString();
                            v4_26 = new StringBuilder().append(v0_33).append("qt-reserved-files/").toString();
                            if (v5_5 != null) {
                                this.cleanOldCacheIfNecessary(v0_33, v4_26);
                                this.extractBundledPluginsAndImports(v4_26, v5_5);
                                v6_3 = 1;
                                v3_1 = v0_33;
                            } else {
                                throw new Exception("");
                            }
                        }
                        if (this.m_qtLibs != null) {
                            String v0_40;
                            if (v7_0 == null) {
                                v0_40 = new StringBuilder().append(v3_1).append("lib/lib").toString();
                            } else {
                                v0_40 = new StringBuilder().append(v5_5).append("lib").toString();
                            }
                            String v5_13 = 0;
                            while (v5_13 < this.m_qtLibs.length) {
                                v8_2.add(new StringBuilder().append(v0_40).append(this.m_qtLibs[v5_13]).append(".so").toString());
                                v5_13++;
                            }
                        }
                        if (this.m_contextInfo.metaData.containsKey("android.app.load_local_libs")) {
                            String v7_3 = this.m_contextInfo.metaData.getString("android.app.load_local_libs").split(":");
                            boolean v9_0 = v7_3.length;
                            String v5_17 = 0;
                            while (v5_17 < v9_0) {
                                StringBuilder v10_6 = v7_3[v5_17];
                                if (v10_6.length() > 0) {
                                    String v0_128;
                                    StringBuilder v11_1 = new StringBuilder();
                                    if (!v10_6.startsWith("lib/")) {
                                        v0_128 = v4_26;
                                    } else {
                                        v0_128 = v3_1;
                                    }
                                    v8_2.add(v11_1.append(v0_128).append(v10_6).toString());
                                }
                                v5_17++;
                            }
                        }
                        String v0_54 = new String();
                        String v5_19 = System.getProperty("path.separator", ":");
                        if ((v6_3 == null) && (this.m_contextInfo.metaData.containsKey("android.app.load_local_jars"))) {
                            String v6_11 = this.m_contextInfo.metaData.getString("android.app.load_local_jars").split(":");
                            String v7_8 = v6_11.length;
                            while (v2_0 < v7_8) {
                                boolean v9_1 = v6_11[v2_0];
                                if (v9_1.length() > 0) {
                                    if (v0_54.length() > 0) {
                                        v0_54 = new StringBuilder().append(v0_54).append(v5_19).toString();
                                    }
                                    v0_54 = new StringBuilder().append(v0_54).append(v3_1).append(v9_1).toString();
                                }
                                v2_0++;
                            }
                        }
                        int v2_2 = new android.os.Bundle();
                        v2_2.putInt("error.code", 0);
                        v2_2.putString("dex.path", v0_54);
                        v2_2.putString("loader.class.name", this.loaderClassName());
                        if (this.m_contextInfo.metaData.containsKey("android.app.static_init_classes")) {
                            v2_2.putStringArray("static.init.classes", this.m_contextInfo.metaData.getString("android.app.static_init_classes").split(":"));
                        }
                        v2_2.putStringArrayList("native.libraries", v8_2);
                        int v3_14 = new StringBuilder().append(this.m_context.getApplicationInfo().dataDir).append("/qt-reserved-files/android-style/").toString();
                        String v5_25 = new StringBuilder().append(v3_14).append(this.m_displayDensity).append("/").toString();
                        String v0_75 = "full";
                        if (this.m_contextInfo.metaData.containsKey("android.app.extract_android_style")) {
                            v0_75 = this.m_contextInfo.metaData.getString("android.app.extract_android_style");
                            if ((!v0_75.equals("full")) && ((!v0_75.equals("minimal")) && (!v0_75.equals("none")))) {
                                android.util.Log.e("Qt", new StringBuilder().append("Invalid extract_android_style option \"").append(v0_75).append("\", defaulting to full").toString());
                                v0_75 = "full";
                            }
                        }
                        if ((!new java.io.File(v5_25).exists()) && (!v0_75.equals("none"))) {
                            v2_2.putString("extract.android.style", v5_25);
                            v2_2.putBoolean("extract.android.style.option", v0_75.equals("minimal"));
                        }
                        if (v0_75.equals("full")) {
                            this.ENVIRONMENT_VARIABLES = new StringBuilder().append(this.ENVIRONMENT_VARIABLES).append("\tQT_USE_ANDROID_NATIVE_STYLE=1").toString();
                        }
                        String v0_102;
                        this.ENVIRONMENT_VARIABLES = new StringBuilder().append(this.ENVIRONMENT_VARIABLES).append("\tMINISTRO_ANDROID_STYLE_PATH=").append(v5_25).append("\tQT_ANDROID_THEMES_ROOT_PATH=").append(v3_14).toString();
                        v2_2.putString("environment.variables", new StringBuilder().append(this.ENVIRONMENT_VARIABLES).append("\tQML2_IMPORT_PATH=").append(v4_26).append("/qml\tQML_IMPORT_PATH=").append(v4_26).append("/imports\tQT_PLUGIN_PATH=").append(v4_26).append("/plugins").toString());
                        if (this.APPLICATION_PARAMETERS == null) {
                            v0_102 = 0;
                        } else {
                            v0_102 = this.APPLICATION_PARAMETERS;
                        }
                        String v1_2;
                        String v1_1 = this.getIntent();
                        if (v1_1 == null) {
                            v1_2 = v0_102;
                        } else {
                            v1_2 = v1_1.getStringExtra("applicationArguments");
                            if (v1_2 == null) {
                            } else {
                                if (v0_102 != null) {
                                    v1_2 = new StringBuilder().append(v0_102).append(9).append(v1_2).toString();
                                }
                            }
                        }
                        String v0_111;
                        if (!this.m_contextInfo.metaData.containsKey("android.app.arguments")) {
                            v0_111 = v1_2;
                        } else {
                            v0_111 = this.m_contextInfo.metaData.getString("android.app.arguments");
                            if (v1_2 != null) {
                                v0_111 = new StringBuilder().append(v1_2).append(9).append(v0_111).toString();
                            }
                        }
                        if (v0_111 != null) {
                            v2_2.putString("application.parameters", v0_111.replace(32, 9).trim());
                        }
                        this.loadApplication(v2_2);
                    } else {
                        throw new Exception("");
                    }
                }
            } else {
                this.m_sources = this.m_context.getResources().getStringArray(this.m_contextInfo.metaData.getInt("android.app.qt_sources_resource_id"));
            }
        } catch (String v0_138) {
            android.util.Log.e("Qt", "Can\'t create main activity", v0_138);
        }
        return;
    }

Method com.google.a.c.l.<clinit>() calling method java.lang.System.getProperty()


    static l()
    {
        int v0_2;
        com.google.a.c.l.a = System.getProperty("file.encoding");
        if ((!"SJIS".equalsIgnoreCase(com.google.a.c.l.a)) && (!"EUC_JP".equalsIgnoreCase(com.google.a.c.l.a))) {
            v0_2 = 0;
        } else {
            v0_2 = 1;
        }
        com.google.a.c.l.b = v0_2;
        return;
    }

Method org.qtproject.qt5.android.QtActivityDelegate.onKeyUp() calling method java.lang.System.getenv()


    public boolean onKeyUp(int p6, android.view.KeyEvent p7)
    {
        int v0 = 0;
        if ((this.m_started) && (((p6 != 24) && ((p6 != 25) && (p6 != 91))) || (System.getenv("QT_ANDROID_VOLUME_KEYS") != null))) {
            if ((p6 != 4) || (this.m_backKeyPressedSent)) {
                this.m_metaState = android.text.method.MetaKeyKeyListener.handleKeyUp(this.m_metaState, p6, p7);
                long v2_7 = p7.getUnicodeChar();
                int v3 = p7.getMetaState();
                if (p7.getRepeatCount() > 0) {
                    v0 = 1;
                }
                org.qtproject.qt5.android.QtNative.keyUp(p6, v2_7, v3, v0);
                v0 = 1;
            } else {
                this.hideSoftwareKeyboard();
                this.setKeyboardVisibility(0, System.nanoTime());
                v0 = 1;
            }
        }
        return v0;
    }

Method org.qtproject.qt5.android.QtActivityDelegate.onKeyDown() calling method java.lang.System.getenv()


    public boolean onKeyDown(int p9, android.view.KeyEvent p10)
    {
        int v2 = 0;
        if (this.m_started) {
            int v3_1;
            this.m_metaState = android.text.method.MetaKeyKeyListener.handleKeyDown(this.m_metaState, p9, p10);
            int v4_0 = p10.getUnicodeChar((android.text.method.MetaKeyKeyListener.getMetaState(this.m_metaState) | p10.getMetaState()));
            this.m_metaState = android.text.method.MetaKeyKeyListener.adjustMetaAfterKeypress(this.m_metaState);
            if ((-2147483648 & v4_0) == 0) {
                v3_1 = v4_0;
            } else {
                v3_1 = android.view.KeyEvent.getDeadChar(this.m_lastChar, (2147483647 & v4_0));
            }
            if (((p9 != 24) && ((p9 != 25) && (p9 != 91))) || (System.getenv("QT_ANDROID_VOLUME_KEYS") != null)) {
                this.m_lastChar = v4_0;
                if (p9 == 4) {
                    boolean v0_15;
                    if (this.m_keyboardIsVisible) {
                        v0_15 = 0;
                    } else {
                        v0_15 = 1;
                    }
                    this.m_backKeyPressedSent = v0_15;
                    if (!this.m_backKeyPressedSent) {
                        v2 = 1;
                        return v2;
                    }
                }
                boolean v0_17 = p10.getMetaState();
                if (p10.getRepeatCount() > 0) {
                    v2 = 1;
                }
                org.qtproject.qt5.android.QtNative.keyDown(p9, v3_1, v0_17, v2);
                v2 = 1;
            }
        }
        return v2;
    }

Method org.qtproject.qt5.android.QtNative$5.run() calling method java.lang.System.load()


    public void run()
    {
        try {
            System.load(this.val$mainLibraryPath);
        } catch (int v0_2) {
            android.util.Log.i("Qt JAVA", new StringBuilder().append("Can\'t load \'").append(this.val$mainLibraryPath).append("\'").toString(), v0_2);
        }
        this.val$res[0] = org.qtproject.qt5.android.QtNative.startQtAndroidPlugin(this.val$qtParams, this.val$environment);
        org.qtproject.qt5.android.QtNative.setDisplayMetrics(org.qtproject.qt5.android.QtNative.access$100(), org.qtproject.qt5.android.QtNative.access$200(), org.qtproject.qt5.android.QtNative.access$300(), org.qtproject.qt5.android.QtNative.access$400(), org.qtproject.qt5.android.QtNative.access$500(), org.qtproject.qt5.android.QtNative.access$600(), org.qtproject.qt5.android.QtNative.access$700(), org.qtproject.qt5.android.QtNative.access$800());
        return;
    }

Method org.qtproject.qt5.android.QtNative$3.run() calling method java.lang.System.load()


    public void run()
    {
        if (this.val$libraries != null) {
            java.util.Iterator v4 = this.val$libraries.iterator();
            while (v4.hasNext()) {
                String v0_1 = ((String) v4.next());
                try {
                    java.io.File v1_14;
                    String v5_1 = new StringBuilder().append("lib").append(v0_1).append(".so").toString();
                    String v2_4 = new java.io.File(new StringBuilder().append(this.val$nativeLibraryDir).append(v5_1).toString());
                } catch (java.io.File v1_1) {
                    android.util.Log.i("Qt JAVA", new StringBuilder().append("Can\'t load \'").append(v0_1).append("\'").toString(), v1_1);
                }
                if (v2_4.exists()) {
                    v1_14 = v2_4;
                } else {
                    android.util.Log.i("Qt JAVA", new StringBuilder().append("Can\'t find \'").append(v2_4.getAbsolutePath()).toString());
                    try {
                        String v3_13;
                        String v3_12 = org.qtproject.qt5.android.QtNative.access$000().getPackageManager().getActivityInfo(org.qtproject.qt5.android.QtNative.access$000().getComponentName(), 128);
                    } catch (java.io.File v1) {
                        v1_14 = v2_4;
                    }
                    if (!v3_12.metaData.containsKey("android.app.system_libs_prefix")) {
                        v3_13 = "/system/lib/";
                    } else {
                        v3_13 = v3_12.metaData.getString("android.app.system_libs_prefix");
                    }
                    v1_14 = new java.io.File(new StringBuilder().append(v3_13).append(v5_1).toString());
                }
                if (!v1_14.exists()) {
                    android.util.Log.i("Qt JAVA", new StringBuilder().append("Can\'t find \'").append(v1_14.getAbsolutePath()).toString());
                } else {
                    System.load(v1_14.getAbsolutePath());
                }
            }
        }
        return;
    }

Method org.qtproject.qt5.android.QtNative$2.run() calling method java.lang.System.load()


    public void run()
    {
        if (this.val$libraries != null) {
            java.util.Iterator v2 = this.val$libraries.iterator();
            while (v2.hasNext()) {
                String v0_1 = ((String) v2.next());
                try {
                    if (new java.io.File(v0_1).exists()) {
                        System.load(v0_1);
                    }
                } catch (Exception v1_4) {
                    android.util.Log.i("Qt JAVA", new StringBuilder().append("Can\'t load \'").append(v0_1).append("\'").toString(), v1_4);
                } catch (Exception v1_3) {
                    android.util.Log.i("Qt JAVA", new StringBuilder().append("Can\'t load \'").append(v0_1).append("\'").toString(), v1_3);
                }
            }
        }
        return;
    }

Method org.qtproject.qt5.android.bindings.QtLoader.loadApplication() calling method dalvik.system.DexClassLoader.<init>()


    private void loadApplication(android.os.Bundle p9)
    {
        try {
            Exception v0_23 = p9.getInt("error.code");
        } catch (Exception v0_18) {
            v0_18.printStackTrace();
            Exception v0_21 = new android.app.AlertDialog$Builder(this.m_context).create();
            if (!this.m_contextInfo.metaData.containsKey("android.app.fatal_error_msg")) {
                v0_21.setMessage("Fatal error, your application can\'t be started.");
            } else {
                v0_21.setMessage(this.m_contextInfo.metaData.getString("android.app.fatal_error_msg"));
            }
            v0_21.setButton(this.m_context.getResources().getString(17039370), new org.qtproject.qt5.android.bindings.QtLoader$2(this));
            v0_21.show();
            return;
        }
        if (v0_23 == null) {
            Exception v0_34 = new java.util.ArrayList();
            if (this.m_contextInfo.metaData.containsKey("android.app.bundled_libs_resource_id")) {
                v0_34.addAll(java.util.Arrays.asList(this.m_context.getResources().getStringArray(this.m_contextInfo.metaData.getInt("android.app.bundled_libs_resource_id"))));
            }
            if (this.m_contextInfo.metaData.containsKey("android.app.lib_name")) {
                p9.putString("main.library", this.m_contextInfo.metaData.getString("android.app.lib_name"));
            }
            Exception v0_31;
            p9.putStringArrayList("bundled.libraries", v0_34);
            p9.putInt("necessitas.api.level", 2);
            Object v2_14 = p9.getString("dex.path");
            Class[] v3_4 = this.m_context.getDir("outdex", 0).getAbsolutePath();
            if (!p9.containsKey("lib.path")) {
                v0_31 = 0;
            } else {
                v0_31 = p9.getString("lib.path");
            }
            String v1_37 = new dalvik.system.DexClassLoader(v2_14, v3_4, v0_31, this.m_context.getClassLoader());
            Object v2_15 = v1_37.loadClass(p9.getString("loader.class.name")).newInstance();
            Exception v0_37 = v2_15.getClass();
            int v4_4 = new Class[3];
            v4_4[0] = this.contextClassName();
            v4_4[1] = ClassLoader;
            v4_4[2] = android.os.Bundle;
            Exception v0_38 = v0_37.getMethod("loadApplication", v4_4);
            Class[] v3_7 = new Object[3];
            v3_7[0] = this.m_context;
            v3_7[1] = v1_37;
            v3_7[2] = p9;
            if (((Boolean) v0_38.invoke(v2_15, v3_7)).booleanValue()) {
                org.qtproject.qt5.android.bindings.QtApplication.setQtContextDelegate(this.m_delegateClass, v2_15);
                Class[] v3_1 = new Class[0];
                String v1_3 = new Object[0];
                if (((Boolean) v2_15.getClass().getMethod("startApplication", v3_1).invoke(v2_15, v1_3)).booleanValue()) {
                    return;
                } else {
                    throw new Exception("");
                }
            } else {
                throw new Exception("");
            }
        } else {
            if (v0_23 != 1) {
                Exception v0_15 = new android.app.AlertDialog$Builder(this.m_context).create();
                v0_15.setMessage(p9.getString("error.message"));
                v0_15.setButton(this.m_context.getResources().getString(17039370), new org.qtproject.qt5.android.bindings.QtLoader$1(this));
                v0_15.show();
                return;
            } else {
                this.downloadUpgradeMinistro(p9.getString("error.message"));
                return;
            }
        }
    }