Info Call to XML parsing API

Description

Improper XML parsing could lead to several vulnerabilities which could to arbitrary file access (External XML Entities injection, XML injection) or denial of service (Billion laughs, quadratic blowup).

Recommendation

This entry is informative, no recommendations applicable.

Technical details

Method android.support.v7.internal.widget.ActivityChooserModel$PersistHistoryAsyncTask.doInBackground() calling method android.util.Xml.newSerializer()


    public varargs Void doInBackground(Object[] p14)
    {
        java.util.List v1_1 = ((java.util.List) p14[0]);
        String v3_1 = ((String) p14[1]);
        try {
            java.io.FileOutputStream v5 = android.support.v7.internal.widget.ActivityChooserModel.access$200(this.this$0).openFileOutput(v3_1, 0);
            String v6_2 = android.util.Xml.newSerializer();
            try {
                v6_2.setOutput(v5, 0);
                v6_2.startDocument("UTF-8", Boolean.valueOf(1));
                v6_2.startTag(0, "historical-records");
                String v7_4 = v1_1.size();
                int v8_5 = 0;
            } catch (java.io.IOException v0_4) {
                android.support.v7.internal.widget.ActivityChooserModel.access$502(this.this$0, 1);
                if (v5 != null) {
                    try {
                        v5.close();
                    } catch (java.io.IOException v2) {
                    }
                }
                throw v0_4;
            } catch (java.io.IOException v0_2) {
                String v7_0 = android.support.v7.internal.widget.ActivityChooserModel.access$300();
                int v8_2 = new StringBuilder();
                v8_2.append("Error writing historical recrod file: ");
                v8_2.append(android.support.v7.internal.widget.ActivityChooserModel.access$400(this.this$0));
                android.util.Log.e(v7_0, v8_2.toString(), v0_2);
                android.support.v7.internal.widget.ActivityChooserModel.access$502(this.this$0, 1);
                if (v5 == null) {
                    return 0;
                } else {
                    v5.close();
                    return 0;
                }
            } catch (java.io.IOException v0_10) {
                String v7_6 = android.support.v7.internal.widget.ActivityChooserModel.access$300();
                int v8_10 = new StringBuilder();
                v8_10.append("Error writing historical recrod file: ");
                v8_10.append(android.support.v7.internal.widget.ActivityChooserModel.access$400(this.this$0));
                android.util.Log.e(v7_6, v8_10.toString(), v0_10);
                android.support.v7.internal.widget.ActivityChooserModel.access$502(this.this$0, 1);
                if (v5 == null) {
                    return 0;
                } else {
                    v5.close();
                    return 0;
                }
            } catch (java.io.IOException v0_8) {
                String v7_5 = android.support.v7.internal.widget.ActivityChooserModel.access$300();
                int v8_7 = new StringBuilder();
                v8_7.append("Error writing historical recrod file: ");
                v8_7.append(android.support.v7.internal.widget.ActivityChooserModel.access$400(this.this$0));
                android.util.Log.e(v7_5, v8_7.toString(), v0_8);
                android.support.v7.internal.widget.ActivityChooserModel.access$502(this.this$0, 1);
                if (v5 == null) {
                    return 0;
                } else {
                    v5.close();
                    return 0;
                }
            } catch (java.io.IOException v0) {
                return 0;
            }
            while (v8_5 < v7_4) {
                android.support.v7.internal.widget.ActivityChooserModel$HistoricalRecord v9_4 = ((android.support.v7.internal.widget.ActivityChooserModel$HistoricalRecord) v1_1.remove(0));
                v6_2.startTag(0, "historical-record");
                v6_2.attribute(0, "activity", v9_4.activity.flattenToString());
                v6_2.attribute(0, "time", String.valueOf(v9_4.time));
                v6_2.attribute(0, "weight", String.valueOf(v9_4.weight));
                v6_2.endTag(0, "historical-record");
                v8_5++;
            }
            v6_2.endTag(0, "historical-records");
            v6_2.endDocument();
            android.support.v7.internal.widget.ActivityChooserModel.access$502(this.this$0, 1);
            if (v5 == null) {
                return 0;
            } else {
                v5.close();
                return 0;
            }
        } catch (java.io.IOException v0_5) {
            java.io.IOException v2_0 = android.support.v7.internal.widget.ActivityChooserModel.access$300();
            String v6_4 = new StringBuilder();
            v6_4.append("Error writing historical recrod file: ");
            v6_4.append(v3_1);
            android.util.Log.e(v2_0, v6_4.toString(), v0_5);
            return 0;
        }
    }