Merge pull request #81 from nowsecure/bug_fix/cve_misnomer

Fuzion24 · Fuzion24 · commit c24a423d6f8e · 2015-11-23T16:00:38.000-05:00
CVE-2015-1474 was misnamed as CVE-2014-1528
diff --git a/app/src/main/assets/vuln_map.json b/app/src/main/assets/vuln_map.json
@@ -52,6 +52,25 @@
     ],
     "cvedate": "09/30/2015"
   },
+  "CVE-2015-1474": {
+    "cve": "CVE-2015-1474",
+    "altnames": [
+    ],
+    "description": "Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values.",
+    "impact": "Local unprivileged app to system app escalation + accesible via the network",
+    "external_links": [
+          "http://seclists.org/fulldisclosure/2015/Mar/63",
+          "https://github.com/p1gl3t/CVE-2015-1474_poc",
+          "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1474",
+          "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1474"
+    ],
+    "cvssv2": 9.3,
+    "patch": [
+      "https://android.googlesource.com/platform/frameworks/native/+/e6f7a44e835d320593fa33052f35ea52948ff0b2",
+      "https://android.googlesource.com/platform/frameworks/native/+/796aaf7fb160fea12bddc8406d7f006ce811eb43"
+    ],
+    "cvedate": "09/30/2015"
+  },
   "JarBug13678484": {
     "cve": "JarBug13678484",
     "altnames": [
diff --git a/app/src/main/java/fuzion24/device/vulnerability/test/adapter/RecyclerAdapter.java b/app/src/main/java/fuzion24/device/vulnerability/test/adapter/RecyclerAdapter.java
@@ -31,11 +31,16 @@
 public class RecyclerAdapter extends RecyclerView.Adapter<RecyclerView.ViewHolder> {
 
     private static final String TAG = "RecycleAdapter";
-    final private List<Pair<VulnerabilityTestResult, VulnerabilityDescriptor>> mResults;
+    private List<Pair<VulnerabilityTestResult, VulnerabilityDescriptor>> mResults;
     private Context mContext;
 
     public RecyclerAdapter(Context context, List<VulnerabilityTestResult> itemList) {
         this.mContext = context;
+        this.mResults = buildResultDescriptionMap(context, itemList);
+    }
+
+
+    private static List<Pair<VulnerabilityTestResult, VulnerabilityDescriptor>> buildResultDescriptionMap(Context context, List<VulnerabilityTestResult> itemList){
         List<Pair<VulnerabilityTestResult, VulnerabilityDescriptor>> res = new ArrayList<>();
 
         try {
@@ -61,7 +66,14 @@ public int compare(Pair<VulnerabilityTestResult, VulnerabilityDescriptor> lhs, P
         }catch(Exception e){
             e.printStackTrace();
         }
-        mResults = res;
+        return res;
+
+    }
+
+
+    public void updateResults(List<VulnerabilityTestResult> itemList){
+        mResults = buildResultDescriptionMap(mContext, itemList);
+        notifyDataSetChanged();
     }
 
     @Override
diff --git a/app/src/main/java/fuzion24/device/vulnerability/test/ui/MainActivity.java b/app/src/main/java/fuzion24/device/vulnerability/test/ui/MainActivity.java
@@ -125,7 +125,7 @@ public boolean onOptionsItemSelected(MenuItem item) {
         switch (itemId) {
             case R.id.menu_export_results:
             case R.id.menu_share_results:
-                if (testResults == null) {
+                if (testResults == null || testResults.isEmpty()) {
                     Snackbar.make(coordinatorLayout, R.string.run_tests, Snackbar.LENGTH_LONG).setAction(R.string.start, new View.OnClickListener() {
                         @Override
                         public void onClick(View v) {
@@ -206,7 +206,6 @@ private JSONObject serializeResults(List<VulnerabilityTestResult> results, Devic
         return combinedResults;
     }
 
-
     private void runTestsSuit() {
         new VulnerabilityTestRunner(MainActivity.this, true, new ResultsCallback() {
             @Override
@@ -217,7 +216,7 @@ public void finished(final List<VulnerabilityTestResult> results) {
                 testResults.addAll(results);
 
                 emptyView.setVisibility(View.GONE);
-                recyclerAdapter.notifyDataSetChanged();
+                recyclerAdapter.updateResults(results);
             }
         }).execute();
     }
diff --git a/app/src/main/java/fuzion24/device/vulnerability/util/DeviceInfo.java b/app/src/main/java/fuzion24/device/vulnerability/util/DeviceInfo.java
@@ -61,7 +61,6 @@ private DeviceInfo(String kVer,
     }
 
     public static DeviceInfo getDeviceInfo() {
-
         String kVer               = readKernelVersion();
         String bManufac           = Build.MANUFACTURER;
         String bBrand             = Build.BRAND;
diff --git a/app/src/main/java/fuzion24/device/vulnerability/vulnerabilities/framework/graphics/GraphicBufferTest.java b/app/src/main/java/fuzion24/device/vulnerability/vulnerabilities/framework/graphics/GraphicBufferTest.java
@@ -39,7 +39,7 @@ public int getIntCode(){
 
     @Override
     public String getCVEorID() {
-        return "CVE-2015-1528";
+        return "CVE-2015-1474";
     }
 
     @Override
@@ -57,7 +57,6 @@ public List<CPUArch> getSupportedArchitectures() {
     public boolean isVulnerable(Context context) throws Exception {
         int checkVal;
 
-
         if(Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT && Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
             Log.d(TAG, "Running with KK and Lollipop types");
             checkVal = checkGraphicsBuffer(AndroidVersions.KITKAT_AND_LOLLIPOP.getIntCode());

Original file line number	Diff line number	Diff line change
`@@ -61,7 +61,6 @@ private DeviceInfo(String kVer,`
`61`	`61`	`}`
`62`	`62`
`63`	`63`	`public static DeviceInfo getDeviceInfo() {`
`64`		`-`
`65`	`64`	`String kVer = readKernelVersion();`
`66`	`65`	`String bManufac = Build.MANUFACTURER;`
`67`	`66`	`String bBrand = Build.BRAND;`