Databases
StackOverflow2013
Postsdbo
PO
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p><code>System.loadLibrary</code> is a high-level method designed for ease of use: as far as I know, it searches through the <code>lib</code> folder of your app (on the Android filesystem), which corresponds to the <code>libs</code> folder of your Eclipse project.</p> <p>This means that, in order to mess up with your app by loading the wrong library using <code>System.loadLibrary</code>, the attacker would have to be able to either override your own libs in this <code>lib</code> folder, or to add a library with the same name in this <code>lib</code> folder in some way. I have absolutely no idea if that is possible (I hope and guess not!), but assuming it is, this means that the <code>lib</code> folder can't be considered safe.</p> <p>This implies that in order to protect your app against such an attack, you'll want to put your library files somewhere else, and thus that you have your own logic for writing the library files on disk, somewhere. In such a case, somewhere in this logic, you have your hand on the absolute path of your libs.</p> <p>Having the path to your libs, you can add your library using <a href="http://developer.android.com/reference/java/lang/System.html#load%28java.lang.String%29" rel="nofollow"><code>System.load</code></a> which takes the full path to the library to load as argument.</p> <p>In short, 2 options:</p> <ul> <li>either the <code>lib</code> folder is attackable, you can't put your libraries there, so you have your own logic for storing them and you can load them using <code>System.load</code></li> <li>or the <code>lib</code> folder is indeed safe, and then there is no risk of attack on it: you can use the more standard <code>System.loadLibrary</code>.</li> </ul> <p>Hope this helps!</p>
    singulars
    1. This table or related slice is empty.
    1. POHow to load native library securely in Android?
      singulars
      1. PTQuestion
    1. PTAnswer
    1. USmbrenon
    1. USmbrenon
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    2. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    1. COhow can we specify the full path for an NDK library in such a way that this path is valid for every Android version/device?
      singulars
      1. PO
      1. USCosti Muraru
    2. COEdited my answer for more details.
      singulars
      1. PO
      1. USmbrenon
    3. CONot exactly - I suspect that System.loadLibrary() will search some system directories in addition to the app's lib folder. However, anyone who can attack these can presumably attack the lib folder as well (or else the app is being run on a severely broken device which has writable system directories). You are unlikely to find a location any safer than your own app's lib folder, especially as that folder is not even writable by your app, wheras anywhere else you could put it would have to be.
      singulars
      1. PO
      1. USChris Stratton
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload