8

I just created a PreferenceActivity using AndroidStudio wizard, running it threw a weird exception :

java.lang.RuntimeException: Subclasses of PreferenceActivity must override isValidFragment(String) to verify that the Fragment class is valid!

i saw suggested solutions here but i was wondering why would i have to check if my fragment classes are valid, as i dont even fully understand whats the definition of "valid", so i decided to ask the community:

a PreferenceActivity has isValidFragment(String fragmentName) method that for some reason must be overriden, why? how could a fragment class not be valid? and what could go wrong with such an override :

    @Override
    protected boolean isValidFragment(String fragmentName)
    {
        return true;
    }
Community
  • 1
  • 1
Ofek Ron
  • 8,354
  • 13
  • 55
  • 103
  • https://securityintelligence.com/wp-content/uploads/2013/12/android-collapses-into-fragments.pdf – Sree Sep 25 '15 at 11:01

3 Answers3

2

Why?

PreferenceActivity had its security compromised and isValidFragment(String name) was provided as a response.

More specifically, from the vulnerability disclosure:

Any app which implements and exports an activity that extends a PreferenceActivity class can be subverted to load an arbitrary class by exploiting the dynamic fragment loading process.

The security issue meant that a rogue application could instantiate your PreferenceFragments and they would get their extras from the actual parent, leaking data.

As a patch, isValidFragment(String name) was created so you are forced to either provide a whitelist of "safe" fragments or if you return always true, acknowledge the risk of your application being compromised.

It is only needed starting KitKat because is when the patch was introduced.

How could a fragment class not be valid?

Having a name alien to your app.

What could go wrong?

Somebody could attack your app through the method described in this pdf linked by @Sree in the comments.

Guillermo Orellana Ruiz
  • 734
  • 8
  • 19
0

I think it is a quite new class that may not be supported by old sdk version.

As google document says:

The default implementation returns true for apps built for android:targetSdkVersion older than KITKAT. For later versions, it will throw an exception.

But I am not quite sure if there any other cases also cause throw.

frogatto
  • 28,539
  • 11
  • 83
  • 129
CbL
  • 734
  • 5
  • 22
0

From developer.android.com:

Subclasses should override this method and verify that the given fragment is a valid type to be attached to this activity. The default implementation returns true for apps built for android:targetSdkVersion older than KITKAT. For later versions, it will throw an exception.

Basically on TargetSDK <= KITKAT, you should make sure the fragment name isValidFragment passes is a correct one.

frogatto
  • 28,539
  • 11
  • 83
  • 129
loGi
  • 131
  • 5