Dump all of the stagefright media files into a zip and extract the zi…

…p asset to a local dir

app/src/main/java/fuzion24/device/vulnerability/vulnerabilities/framework/media/StageFright.java

@@ -16,6 +16,7 @@
 import fuzion24.device.vulnerability.vulnerabilities.helper.TestResult;
 
 import static fuzion24.device.vulnerability.vulnerabilities.helper.BinaryAssets.extractAsset;
+import static fuzion24.device.vulnerability.vulnerabilities.helper.BinaryAssets.extractZipAsset;
 import static fuzion24.device.vulnerability.vulnerabilities.helper.CrashCheck.execute;
 
 /**
@@ -39,9 +40,13 @@ public static List<VulnerabilityTest> getTests(Context context) {
         try {
             File dataDir = context.getFilesDir();
 
-            AssetManager assetManager = context.getAssets();
-            final String stageFrightAssetPath = "stagefright/stagefright_media_files";
-            String[] stagefrightMediaFiles = assetManager.list(stageFrightAssetPath);
+
+            final String stageFrightAssetPath = "stagefright/stagefright_media_files.zip";
+            final String extractionDir = dataDir.getAbsolutePath() + File.separator + "stagefright_media" + File.separator;
+
+            extractZipAsset(context, stageFrightAssetPath, extractionDir);
+
+            File stagefrightMediaFilesFolder = new File(extractionDir);
 
             List<VulnerabilityTest> tests = new ArrayList<VulnerabilityTest>();
 
@@ -50,18 +55,14 @@ public static List<VulnerabilityTest> getTests(Context context) {
                     extractedBinaryTester);
             exec("chmod 700 " + extractedBinaryTester);
 
-            for (final String mediaFile : stagefrightMediaFiles) {
-
-                final String extractedAssetPath = dataDir.getAbsolutePath() + File.separator + mediaFile;
-
-                extractAsset(context,
-                        stageFrightAssetPath + File.separator + mediaFile,
-                        extractedAssetPath);
+            Log.d(TAG, "Is directory: "  + stagefrightMediaFilesFolder.isDirectory());
+            File[] mediaFiles = stagefrightMediaFilesFolder.listFiles();
 
+            for (final File mediaFile : stagefrightMediaFilesFolder.listFiles()) {
                 tests.add(new VulnerabilityTest() {
                     @Override
                     public String getCVEorID() {
-                        return FilenameUtils.removeExtension(mediaFile);
+                        return FilenameUtils.removeExtension(mediaFile.getName());
                     }
 
                     @Override
@@ -75,7 +76,7 @@ public List<CPUArch> getSupportedArchitectures() {
 
                     @Override
                     public boolean isVulnerable(Context context) throws Exception {
-                        TestResult result = execute(context, 5, extractedBinaryTester, extractedAssetPath);
+                        TestResult result = execute(context, 5, extractedBinaryTester, mediaFile.getAbsolutePath());
                         Log.d(TAG, "Test result: " + result.toString());
                         if (result.isOk()) {
                             return false;

app/src/main/java/fuzion24/device/vulnerability/vulnerabilities/helper/BinaryAssets.java

@@ -10,6 +10,8 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.util.zip.ZipEntry;
+import java.util.zip.ZipInputStream;
 
 public class BinaryAssets {
 
@@ -23,7 +25,7 @@ public static String extractAsset(Context ctx, String name) throws IOException {
         AssetManager assetManager = ctx.getAssets();
         InputStream asset = assetManager.open(name);
         ByteArrayOutputStream fos = new ByteArrayOutputStream();
-        copy(asset,fos);
+        copy(asset, fos);
         return fos.toString();
     }
 
@@ -36,6 +38,7 @@ public static void extractAsset(Context ctx, String name, String destination, bo
                 f.delete();
             }
         }
+
         catch(Exception e) {e.printStackTrace();}
 
         AssetManager assetManager = ctx.getAssets();
@@ -44,6 +47,40 @@ public static void extractAsset(Context ctx, String name, String destination, bo
         copy(asset,fos);
     }
 
+    public static void extractZipAsset(Context ctx, String zipAsset, String destination) throws IOException {
+        AssetManager assetManager = ctx.getAssets();
+        InputStream asset = assetManager.open(zipAsset);
+        ZipInputStream zis = new ZipInputStream(asset);
+
+        File extractionDir = new File(destination);
+
+        boolean directionCreationSucceeded = extractionDir.mkdirs();
+
+        ZipEntry ze = null;
+        byte[] buffer = new byte[8192];
+        while ((ze = zis.getNextEntry()) != null) {
+
+            if(ze.isDirectory()){
+                continue;
+            }
+
+            //Strip everything from the last '/'
+            String zeName = ze.getName();
+            String fileName = zeName;
+            if(zeName.lastIndexOf('/') != -1){
+                fileName = zeName.substring(zeName.lastIndexOf('/'), zeName.length());
+            }
+
+            String fileExtractionPath = destination + fileName;
+            FileOutputStream fos = new FileOutputStream(fileExtractionPath);
+            int len;
+            while ((len = zis.read(buffer)) != -1) {
+                fos.write(buffer, 0, len);
+            }
+            fos.close();
+        }
+    }
+
     private static final int BUFFER_SIZE = 2 * 1024 * 1024;
     public static void copy(InputStream input, OutputStream output) throws IOException {
         try {