From 10aa517f3a26dd9e4f96f78e62ba1c87e91c7243 Mon Sep 17 00:00:00 2001
From: Cyrille Bagard <nocbos@gmail.com>
Date: Sun, 3 Feb 2019 15:15:15 +0100
Subject: Extracted content from APK files more carefully.

---
 plugins/python/apkfiles/apkfiles.py | 44 ++++++++++++++++++++++++++++++++-----
 1 file changed, 38 insertions(+), 6 deletions(-)

diff --git a/plugins/python/apkfiles/apkfiles.py b/plugins/python/apkfiles/apkfiles.py
index fea9c07..47dfac4 100644
--- a/plugins/python/apkfiles/apkfiles.py
+++ b/plugins/python/apkfiles/apkfiles.py
@@ -38,18 +38,50 @@ class ApkFiles(PluginModule):
 
         if zipfile.is_zipfile(pseudo_file):
 
-            zf = zipfile.ZipFile(pseudo_file)
-
-            if zf.namelist().count('classes.dex') > 0 \
+            # Handle bad ZIP files such as:
+            # c9ad0ec284fd988b294b28cb577bc0a28b1f7d129a14f2228f6548c6f7ed3d55
+
+            # Traceback (most recent call last):
+            #  File "... plugins/python/apkfiles/apkfiles.py", line 41, in handle_binary_content
+            #    zf = zipfile.ZipFile(pseudo_file)
+            #  File "/usr/lib/python3.5/zipfile.py", line 1026, in __init__
+            #    self._RealGetContents()
+            #  File "/usr/lib/python3.5/zipfile.py", line 1114, in _RealGetContents
+            #    fp.seek(self.start_dir, 0)
+            # ValueError: negative seek value -104578300
+
+            try:
+                zf = zipfile.ZipFile(pseudo_file)
+            except:
+                zf = None
+
+            if not(zf is None) \
+               and zf.namelist().count('classes.dex') > 0 \
                and zf.namelist().count('AndroidManifest.xml') > 0:
 
                 explorer = core.get_content_explorer()
 
                 for name in zf.namelist():
 
-                    f = zf.open(name, 'r')
-                    data = f.read()
-                    f.close()
+                    # Handle bad ZIP files such as:
+                    # 6e432c34d88e65fcd5967cc7cd2f0f4922dfc17ecc6e7acdfe0b1baf94c0851b
+
+                    # Traceback (most recent call last):
+                    #  File "... plugins/python/apkfiles/apkfiles.py", line 64, in handle_binary_content
+                    #    f = zf.open(name, 'r')
+                    #  File "/usr/lib/python3.5/zipfile.py", line 1268, in open
+                    #    raise BadZipFile("Bad magic number for file header")
+                    # zipfile.BadZipFile: Bad magic number for file header
+
+                    try:
+                        with zf.open(name, 'r') as f:
+                            data = f.read()
+                    except:
+                        data = ''
+
+                    # Skip directories and empty entries
+                    if len(data) == 0:
+                        continue
 
                     mem_content = MemoryContent(data)
                     encaps_content = EncapsulatedContent(content, name, mem_content)
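Review bot: Both new handlers, the `except:` after `zipfile.ZipFile(pseudo_file)` and the one after `zf.open(name, 'r')`, are bare, so they also swallow KeyboardInterrupt and SystemExit and leave no trace that the archive was malformed; `except Exception:` with a log line naming the entry would keep the tolerance and preserve that signal. In the same loop `f.read()` decompresses each member fully into memory with no bound, so a small crafted archive of the kind the comments cite could exhaust memory; a bounded read is sketched below, where `MAX_ENTRY_SIZE` is a placeholder for a limit the project would choose. The fallback `data = ''` is a str while `f.read()` returns bytes, so `b''` keeps the type consistent. The enclosing method starts above the hunk and continues past it.

```python
                for name in zf.namelist():

                    # … unchanged: comment block quoting the BadZipFile traceback …

                    try:
                        with zf.open(name, 'r') as f:
                            # Read one byte past the cap so an oversized member is detectable
                            # without trusting the size declared in the archive headers.
                            data = f.read(MAX_ENTRY_SIZE + 1)
                    except Exception:
                        # Report the unreadable entry through the plugin's logging facility here.
                        data = b''

                    # Skip directories, empty entries and members larger than the cap
                    if len(data) == 0 or len(data) > MAX_ENTRY_SIZE:
                        continue

                    # … unchanged: MemoryContent / EncapsulatedContent construction …
```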
-- 
cgit v0.11.2-87-g4458