implement CVE-2015-3860 test and add licenses activity

app/src/main/AndroidManifest.xml

@@ -11,40 +11,43 @@
         android:icon="@drawable/ic_launcher"
         android:label="@string/app_name"
         android:theme="@style/AppTheme" >
-
         <activity
             android:name="fuzion24.device.vulnerability.test.ui.SplashScreenActivity"
             android:configChanges="orientation|screenSize|keyboardHidden"
-            android:launchMode="singleTask"
-            android:label="@string/app_name" >
+            android:label="@string/app_name"
+            android:launchMode="singleTask" >
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
 
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
         </activity>
+        <activity android:name="fuzion24.device.vulnerability.test.ui.MainActivity" />
+        <activity android:name="fuzion24.device.vulnerability.test.ui.AppIntroActivity" />
 
-        <activity android:name="fuzion24.device.vulnerability.test.ui.MainActivity"/>
-        <activity android:name="fuzion24.device.vulnerability.test.ui.AppIntroActivity"/>
-
-        <receiver android:name="fuzion24.device.vulnerability.broadcastreceiver.ApplicationUpdateBroadcastReceiver">
+        <receiver android:name="fuzion24.device.vulnerability.broadcastreceiver.ApplicationUpdateBroadcastReceiver" >
             <intent-filter>
-                <action android:name="android.intent.action.PACKAGE_REPLACED"/>
-                <data android:scheme="package"  />
-            </intent-filter>
+                <action android:name="android.intent.action.PACKAGE_REPLACED" />
 
+                <data android:scheme="package" />
+            </intent-filter>
             <intent-filter>
-                <action android:name="android.intent.action.PACKAGE_ADDED"/>
-                <data android:scheme="package"  />
+                <action android:name="android.intent.action.PACKAGE_ADDED" />
+
+                <data android:scheme="package" />
             </intent-filter>
         </receiver>
-
-        <receiver android:name="fuzion24.device.vulnerability.broadcastreceiver.ScanRunnerBroadcastReceiver">
+        <receiver android:name="fuzion24.device.vulnerability.broadcastreceiver.ScanRunnerBroadcastReceiver" >
             <intent-filter>
-                <action android:name="com.android.vts.RUN_SCAN"/>
+                <action android:name="com.android.vts.RUN_SCAN" />
             </intent-filter>
         </receiver>
 
+        <activity
+            android:name="fuzion24.device.vulnerability.test.ui.OpenSourceLicencesActivity"
+            android:label="@string/title_activity_open_source_licences"
+            android:theme="@style/AppTheme" >
+        </activity>
     </application>
 
 </manifest>

app/src/main/assets/vuln_map.json

@@ -531,5 +531,21 @@
              "https://android.googlesource.com/platform%2Fexternal%2Flibavc/+/2ee0c1bced131ffb06d1b430b08a202cd3a52005"
     ],
     "cvedate": "10/12/2015"
+  },
+  "CVE-2015-3860": {
+    "cve": "CVE-2015-3860",
+    "altnames": [
+      "ANDROID-22214934"
+    ],
+    "description": "Elevation of Privilege Vulnerability in Lockscreen",
+    "impact": "An elevation of privilege vulnerability in Lockscreen could allow a malicious user to bypass the lockscreen by causing it to crash. This issue is classified as a vulnerability only on Android 5.0 and 5.1. While it's possible to cause the System UI to crash from the lockscreen in a similar way on 4.4, the home screen cannot be accessed and the device must be rebooted to recover.    This issue is rated as a Moderate severity because it potentially allows someone with physical access to a device to install third-party apps without the device's owner approving the permissions. It can also allow the attacker to view contact data, phone logs, SMS messages, and other data that is normally protected with a \"dangerous\" level permission.",
+    "external_links": [
+      "https://source.android.com/security/bulletin/2015-09-01.html"
+    ],
+    "cvssv2": 7.2,
+    "patch": [
+      "https://android.googlesource.com/platform/frameworks/base/+/8fba7e6931245a17215e0e740e78b45f6b66d590"
+    ],
+    "cvedate": "09/30/2015"
   }
 }

app/src/main/java/fr/xgouchet/axml/Attribute.java

@@ -0,0 +1,84 @@
+/*
+* Copyright (C) 2012 by Xavier GOUCHET (http://xgouchet.fr, [email protected]) MIT Licence / Expat
+*
+* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
+* associated documentation files (the "Software"), to deal in the Software without restriction,
+* including without limitation the rights to use, copy, modify, merge, publish, distribute,
+* sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included in all copies or
+* substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT
+* NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS ( XAVIER GOUCHET ) BE LIABLE FOR ANY CLAIM, DAMAGES
+* OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+* IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+package fr.xgouchet.axml;
+
+public class Attribute {
+
+	/**
+	 * @return the name
+	 */
+	public String getName() {
+		return mName;
+	}
+
+	/**
+	 * @return the prefix
+	 */
+	public String getPrefix() {
+		return mPrefix;
+	}
+
+	/**
+	 * @return the namespace
+	 */
+	public String getNamespace() {
+		return mNamespace;
+	}
+
+	/**
+	 * @return the value
+	 */
+	public String getValue() {
+		return mValue;
+	}
+
+	/**
+	 * @param name
+	 *            the name to set
+	 */
+	public void setName(final String name) {
+		mName = name;
+	}
+
+	/**
+	 * @param prefix
+	 *            the prefix to set
+	 */
+	public void setPrefix(final String prefix) {
+		mPrefix = prefix;
+	}
+
+	/**
+	 * @param namespace
+	 *            the namespace to set
+	 */
+	public void setNamespace(final String namespace) {
+		mNamespace = namespace;
+	}
+
+	/**
+	 * @param value
+	 *            the value to set
+	 */
+	public void setValue(final String value) {
+		mValue = value;
+	}
+
+	private String mName, mPrefix, mNamespace, mValue;
+}

app/src/main/java/fr/xgouchet/axml/CompressedXmlDomListener.java

@@ -0,0 +1,110 @@
+/*
+* Copyright (C) 2012 by Xavier GOUCHET (http://xgouchet.fr, [email protected]) MIT Licence / Expat
+*
+* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
+* associated documentation files (the "Software"), to deal in the Software without restriction,
+* including without limitation the rights to use, copy, modify, merge, publish, distribute,
+* sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included in all copies or
+* substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT
+* NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS ( XAVIER GOUCHET ) BE LIABLE FOR ANY CLAIM, DAMAGES
+* OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+* IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+package fr.xgouchet.axml;
+
+import android.text.TextUtils;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import java.util.Stack;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+public class CompressedXmlDomListener implements CompressedXmlParserListener {
+
+	/**
+	 * @throws ParserConfigurationException
+	 *             if a DocumentBuilder can't be created
+	 */
+	public CompressedXmlDomListener() throws ParserConfigurationException {
+		mBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+		mStack = new Stack<Node>();
+	}
+
+	public void startDocument() {
+		mDocument = mBuilder.newDocument();
+		mStack.push(mDocument);
+	}
+
+	public void endDocument() {
+	}
+
+	public void startPrefixMapping(String prefix, String uri) {
+	}
+
+	public void endPrefixMapping(String prefix, String uri) {
+	}
+
+	public void startElement(final String uri, final String localName,
+			final String qName, final Attribute[] attrs) {
+		Element elt;
+
+		// create elt
+		if (TextUtils.isEmpty(uri)) {
+			elt = mDocument.createElement(localName);
+		} else {
+			elt = mDocument.createElementNS(uri, qName);
+		}
+
+		// add attrs
+		for (Attribute attr : attrs) {
+			if (TextUtils.isEmpty(attr.getNamespace())) {
+				elt.setAttribute(attr.getName(), attr.getValue());
+			} else {
+				elt.setAttributeNS(attr.getNamespace(), attr.getPrefix() + ':'
+						+ attr.getName(), attr.getValue());
+			}
+		}
+
+		// handle stack
+		mStack.peek().appendChild(elt);
+		mStack.push(elt);
+	}
+
+	public void endElement(String uri, String localName, String qName) {
+		mStack.pop();
+	}
+
+	public void characterData(String data) {
+		mStack.peek().appendChild(mDocument.createCDATASection(data));
+	}
+
+	public void text(String data) {
+		mStack.peek().appendChild(mDocument.createTextNode(data));
+	}
+
+	public void processingInstruction(String target, String data) {
+	}
+
+	/**
+	 * 
+	 */
+	public Document getDocument() {
+		return mDocument;
+	}
+
+	private Stack<Node> mStack;
+	private Document mDocument;
+	private final DocumentBuilder mBuilder;
+}