Return the correct value when it's vulnerable + add some logging

Author: Fuzion24

app/src/main/java/fuzion24/device/vulnerability/vulnerabilities/system/CVE20151528.java

@@ -1,6 +1,7 @@
 package fuzion24.device.vulnerability.vulnerabilities.system;
 
 import android.content.Context;
+import android.util.Log;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -13,6 +14,8 @@
  */
 public class CVE20151528 implements VulnerabilityTest {
 
+    private final static String TAG = "CVE-2015-1528";
+
     static {
         System.loadLibrary("cve20151528");
     }
@@ -33,6 +36,7 @@ public boolean isVulnerable(Context context) throws Exception {
         }else if(checkVal == 1) {
             return true;
         }else {
+            Log.d(TAG, "Got a return value of " + checkVal);
             //TODO: grab more information about failure, errno and error string
             throw new Exception("Error running test");
         }

app/src/main/jni/Android.mk

@@ -174,6 +174,7 @@ include $(CLEAR_VARS)
 
 LOCAL_MODULE    := cve20151528
 LOCAL_SRC_FILES := cve20151528.c
+LOCAL_LDFLAGS   := -llog
 LOCAL_C_INCLUDES := $(LOCAL_PATH)/include/
 
 include $(BUILD_SHARED_LIBRARY)
@@ -185,7 +186,7 @@ include $(CLEAR_VARS)
 LOCAL_MODULE    := cve20151528check
 LOCAL_SRC_FILES := cve20151528.c
 LOCAL_CFLAGS    := -fpie -pie
-LOCAL_LDFLAGS   := -pie
+LOCAL_LDFLAGS   := -pie -llog
 LOCAL_C_INCLUDES := $(LOCAL_PATH)/include/
 
 include $(BUILD_EXECUTABLE)

app/src/main/jni/cve20151528.c

@@ -9,6 +9,10 @@
 
 //#include <cutils/native_handle.h>
 
+#define LOG_TAG "CVE_2015_1528"
+#define LOG_D(...) do{ __android_log_print( ANDROID_LOG_DEBUG, LOG_TAG, __VA_ARGS__); printf( __VA_ARGS__ ); }while( 0 )
+
+
 int Check_CVE_2015_1528()
 {
     const char *libname = "libcutils.so";
@@ -25,10 +29,10 @@ int Check_CVE_2015_1528()
     if( !native_handle_create )
     {
         printf( "missing native_handle_create\n" );
-        return -1;
+        return -2;
     }
 
-    int ret = -1;
+    int ret = -3;
 
     int numFds = 1025;
     int numInts = 1;
@@ -47,15 +51,16 @@ int Check_CVE_2015_1528()
     case 12://android wear 5.0.2 LWX49K
         if( bla[1] != numFds || bla[2] != numInts )
         {
-            printf( "got back unexpected values\n" );
+            LOG_D( "got back unexpected values\n" );
         }
         else
         {
-            printf( "its vulnerable\n" );
+            LOG_D( "its vulnerable\n" );
+            return 1;
         }
         break;
     default:
-        printf( "failed.  version %d  %d %d\n", bla[0], bla[1], bla[2] );
+        LOG_D( "failed.  version %d  %d %d\n", bla[0], bla[1], bla[2] );
         break;
     }