Bug with cipher of SimpleCache on Android 4.3 #2755
Comments
|
I tried this on a Nexus 7 running Android 4.3 and the crash does not reproduce. I suspect you have more information about the affected devices, for example device model numbers, exact builds of Android 4.3, and possibly device fingerprints (which contain both of these together with additional useful information). Please can you provide this information, if you have it? Also, what % of user devices are you seeing this issue on? Are you sure it's not just happening on devices that have been unlocked and flashed with some random unofficial/broken Android build? |
|
very rare case. we have 76 affected users. it's much less than 1% of auditory maybe you are right that it's broken Android. especially cause 23% of affected devices are rooted |
|
I'm not convinced you can't drill down further into the devices. "samsung" isn't enough information to do anything useful with. Can you not get actual device models, build numbers etc? |
|
@ojw28 latest 300 crashes by devices sorry can't do more - don't see option to upload all info from crashlytics so had to do it manually crash-by-crash :( |
|
Heh, thanks for the info. Looking at the SCH-I535 and SM-N900S specifically, can you see what the exact Android OS build is on those devices, or the full device fingerprint (this is much more specific than just "4.3"). Thanks. |
|
Nope, sorry - crashlytics doesn't log such info. maybe I could add OS build number as custom key lately. but it will be only on next release (need few weeks) can only say that it is russian market so maybe there is some info from manufactorers about build number of OS on their devices by country |
|
@erdemguven - Unsure if there's anything actionable here at this point, but if there's anything obvious we can do, it might be worthwhile :). |
|
Using BouncyCastle provider for @NonNull
private Cipher createCipher() throws NoSuchPaddingException, NoSuchAlgorithmException {
if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN_MR2) {
// https://issuetracker.google.com/issues/36976726
// https://github.com/google/ExoPlayer/issues/2755
try {
return Cipher.getInstance("AES/CBC/PKCS5PADDING", "BC");
} catch (final NoSuchProviderException ignored) {
// ignored
} catch (final NoSuchPaddingException ignored) {
// ignored
} catch (final NoSuchAlgorithmException ignored) {
// ignored
}
}
return Cipher.getInstance("AES/CBC/PKCS5PADDING");
} |
|
That's a great find; thanks. @erdemguven - Let's merge an equivalent change? |
[] Issue: #2755 ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=169249093
|
This is fixed in |
[] Issue: #2755 ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=169249093
[] Issue: #2755 ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=169249093
Issue description
Crash on closing CipherStream that is using in SimpleCache (Android 4.3 only).
Where is a problem:
com/google/android/exoplayer2/upstream/cache/CachedContentIndex.java:90Google similar issue: https://issuetracker.google.com/issues/36976726
Possible cause: https://android-developers.googleblog.com/2013/12/changes-to-secretkeyfactory-api-in.html
Reproduction steps
Can't reproduce - just have some reports from Crashlytics
Link to test content
Can't test :(
Version of ExoPlayer being used
r2.3.1
Device(s) and version(s) of Android being used
Android 4.3 devices
A full bug report captured from the device
The text was updated successfully, but these errors were encountered: