mar-v-in/ArtHook

Bug on android M

absidibe opened this issue · 1 comments

My method hook worked fine with your library when I used Android L, but after upgrading my Nexus to Android M, my app crashes. The errors and stack traces are as follows:

0-200/? A/DEBUG﹕ *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
10-30 15:36:30.863      200-200/? A/DEBUG﹕ Build fingerprint: 'google/hammerhead/hammerhead:6.0/MRA58K/2256973:user/release-keys'
10-30 15:36:30.863      200-200/? A/DEBUG﹕ Revision: '0'
10-30 15:36:30.863      200-200/? A/DEBUG﹕ ABI: 'arm'
10-30 15:36:30.863      200-200/? A/DEBUG﹕ pid: 3672, tid: 3672, name: wapps.fasdktest  >>> com.followapps.fasdktest <<<
10-30 15:36:30.863      200-200/? A/DEBUG﹕ signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xfffffffb
10-30 15:36:30.876      200-200/? A/DEBUG﹕ r0 b4d0a0f0  r1 00000000  r2 b4d0a0f0  r3 00000000
10-30 15:36:30.877      200-200/? A/DEBUG﹕ r4 b4d16ae0  r5 00100019  r6 00000004  r7 fffffffb
10-30 15:36:30.877      200-200/? A/DEBUG﹕ r8 12e44920  r9 b4d36a00  sl 12e4d9d0  fp 00000000
10-30 15:36:30.877      200-200/? A/DEBUG﹕ ip 00000000  sp becb3db8  lr b4a9de6b  pc b441c280  cpsr 800f0030
10-30 15:36:30.879      200-200/? A/DEBUG﹕ backtrace:
10-30 15:36:30.879      200-200/? A/DEBUG﹕ #00 pc 00001280  /data/app/com.followapps.fasdktest-1/lib/arm/libarthook_native.so (Java_com_followanalytics_android_eventhandler_Native_memget+43)
10-30 15:36:30.879      200-200/? A/DEBUG﹕ #01 pc 00bc0367  /data/app/com.followapps.fasdktest-1/oat/arm/base.odex (offset 0xaa8000)
10-30 15:36:31.170      200-200/? A/DEBUG﹕ Tombstone written to: /data/tombstones/tombstone_04
10-30 15:36:31.170      200-200/? E/DEBUG﹕ AM write failed: Broken pipe
10-30 15:36:32.860     779-4259/? E/Surface﹕ getSlotFromBufferLocked: unknown buffer: 0x92d51f60
10-30 15:36:33.162    3712-3712/? A/libc﹕ Fatal signal 11 (SIGSEGV), code 1, fault addr 0xfffffffb in tid 3712 (wapps.fasdktest)

I think the hook.c file must be updated?

I would like to reproduce the ArtHook hooking process. I have a Samsung Galaxy Tab SM-T700 with Android 6.0.1.
I used DroidMate2 to create an inlined APK of an app built by me, simple and oriented to testing the hooking of the (commented) URL sensitive API from DroidMate. After inlining, it gives me the following error. Do you have any idea why it is breaking? The app works okay without inlining.

---------------------------- PROCESS ENDED (11916) for package com.forensicbites.sdk23_droidmate_test ----------------------------
2024-01-01 16:42:53.980 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'!
2024-01-01 16:42:54.335 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageRemoved :com.forensicbites.sdk23_droidmate_test
2024-01-01 16:42:56.340 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'!
2024-01-01 16:42:56.395 2836-2924 MARsDBManager system_server E insertPackage com.forensicbites.sdk23_droidmate_test uri = content://com.samsung.android.sm/AppFreezer/261
2024-01-01 16:42:56.920 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageAdded :com.forensicbites.sdk23_droidmate_test
2024-01-01 16:42:58.410 12642-12642 SPPClientService com.sec.spp.push E [PackageInfoChangeReceiver] [handlePkgRemovedEvent] PackageName : com.forensicbites.sdk23_droidmate_test
---------------------------- PROCESS STARTED (20840) for package com.forensicbites.sdk23_droidmate_test ----------------------------
2024-01-01 16:47:05.235 20840-20840 System.out com...sicbites.sdk23_droidmate_test I Extracting lib/armeabi-v7a/libarthook_native.so to: /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_libs/libarthook_native.so
2024-01-01 16:47:05.250 20840-20840 System.out com...sicbites.sdk23_droidmate_test I Extracting lib/armeabi/libarthook_native.so to: /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_libs/libarthook_native.so
2024-01-01 16:47:16.765 20879-20879 dex2oat dex2oat E : oat location is not valid /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_odex/monitor.dex
2024-01-01 16:47:16.835 20840-20840 BaseAppGuardApplication com...sicbites.sdk23_droidmate_test W Error while initializing monitor.
java.lang.InstantiationException: java.lang.Class<org.droidmate.monitor.Monitor> has no zero argument constructor
at java.lang.Class.newInstance(Native Method)
at com.srt.appguard.loader.MonitorLoader.startAppGuardMonitor(MonitorLoader.java:39)
at com.srt.appguard.loader.MonitorLoaderApplication.attachBaseContext(MonitorLoaderApplication.java:13)
at android.app.Application.attach(Application.java:211)
at android.app.Instrumentation.newApplication(Instrumentation.java:1021)
at android.app.Instrumentation.newApplication(Instrumentation.java:1005)
at android.app.LoadedApk.makeApplication(LoadedApk.java:670)
at android.app.ActivityThread.handleBindApplication(ActivityThread.java:6401)
at android.app.ActivityThread.access$1800(ActivityThread.java:229)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1887)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main(ActivityThread.java:7331)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)
2024-01-01 16:47:16.870 20840-20840 AndroidRuntime com...sicbites.sdk23_droidmate_test D Shutting down VM
2024-01-01 16:47:16.870 20840-20840 AndroidRuntime com...sicbites.sdk23_droidmate_test E FATAL EXCEPTION: main
Process: com.forensicbites.sdk23_droidmate_test, PID: 20840
java.lang.NoClassDefFoundError: Failed resolution of: Lcom/forensicbites/sdk23_droidmate_test/R$layout;
at com.forensicbites.sdk23_droidmate_test.MainActivity.onCreate(MainActivity.java:19)
at android.app.Activity.performCreate(Activity.java:6904)
at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136)
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266)
at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415)
at android.app.ActivityThread.access$1100(ActivityThread.java:229)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main(ActivityThread.java:7331)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)
Caused by: java.lang.ClassNotFoundException: Didn't find class "com.forensicbites.sdk23_droidmate_test.R$layout" on path: DexPathList[[zip file "/data/app/com.forensicbites.sdk23_droidmate_test-1/base.apk"],nativeLibraryDirectories=[/data/app/com.forensicbites.sdk23_droidmate_test-1/lib/arm, /vendor/lib, /system/lib]]
at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:56)
at java.lang.ClassLoader.loadClass(ClassLoader.java:511)
at java.lang.ClassLoader.loadClass(ClassLoader.java:469)
at com.forensicbites.sdk23_droidmate_test.MainActivity.onCreate(MainActivity.java:19) 
at android.app.Activity.performCreate(Activity.java:6904) 
at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136) 
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266) 
at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415) 
at android.app.ActivityThread.access$1100(ActivityThread.java:229) 
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821) 
at android.os.Handler.dispatchMessage(Handler.java:102) 
at android.os.Looper.loop(Looper.java:148) 
at android.app.ActivityThread.main(ActivityThread.java:7331) 
at java.lang.reflect.Method.invoke(Native Method) 
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) 
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) 
Suppressed: java.lang.ClassNotFoundException: com.forensicbites.sdk23_droidmate_test.R$layout
at java.lang.Class.classForName(Native Method)
at java.lang.BootClassLoader.findClass(ClassLoader.java:781)
at java.lang.BootClassLoader.loadClass(ClassLoader.java:841)
at java.lang.ClassLoader.loadClass(ClassLoader.java:504)
... 14 more
Caused by: java.lang.NoClassDefFoundError: Class not found using the boot class loader; no stack trace available
2024-01-01 16:47:19.640 20840-20848 art com...sicbites.sdk23_droidmate_test I Debugger is no longer active
---------------------------- PROCESS ENDED (20840) for package com.forensicbites.sdk23_droidmate_test ----------------------------
2024-01-01 16:52:44.935 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'!
2024-01-01 16:52:45.245 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageRemoved :com.forensicbites.sdk23_droidmate_test
2024-01-01 16:52:57.675 31456-31456 SPPClientService com.sec.spp.push E [PackageInfoChangeReceiver] [handlePkgRemovedEvent] PackageName : com.forensicbites.sdk23_droidmate_test