Headline
CVE-2023-5321: Patched improper input validation vulnerability · Hamza417/Inure@57fda91
Missing Authorization in GitHub repository hamza417/inure prior to build94.
@@ -1,11 +1,13 @@ package app.simple.inure.activities.association
import android.annotation.SuppressLint import android.os.Bundle import android.util.Log import app.simple.inure.R import app.simple.inure.extensions.activities.BaseActivity import app.simple.inure.ui.association.Text import app.simple.inure.util.ConditionUtils.invert import app.simple.inure.util.NullSafety.isNotNull import app.simple.inure.util.NullSafety.isNull
class TextViewerActivity : BaseActivity() { Expand All @@ -14,8 +16,6 @@ class TextViewerActivity : BaseActivity() { super.onCreate(savedInstanceState) setContentView(R.layout.activity_main)
Log.d("TextViewerActivity", “onCreate: ${intent.data?.path}”)
if (savedInstanceState.isNull()) { if (hasAppPath().invert()) { supportFragmentManager.beginTransaction() Expand All @@ -27,7 +27,16 @@ class TextViewerActivity : BaseActivity() { } }
@SuppressLint(“SdCardPath”) private fun hasAppPath(): Boolean { return intent.data?.path?.contains(“data/data/$packageName”)!! if (intent.data.isNotNull()) { val appDataPath = “/data/data/$packageName/” val normalizedIntentPath = intent.data?.path?.replace("//+".toRegex(), “/”) // Normalize multiple slashes Log.d("TAG", “hasAppPath: $appDataPath”) Log.d("TAG", “hasAppPath: $normalizedIntentPath”) return normalizedIntentPath?.contains(appDataPath) == true }
return false } }