-1

(if you came here by googling looking for a solution for this error,below links will give you an answer,also my question has kind of an explanation!)

Possible duplicate of

INSTALL_FAILED_DUPLICATE_PERMISSION… C2D_MESSAGE Error -505 INSTALL_FAILED_DUPLICATE_PERMISSION

Wait!

enter image description here

I got this error today in a live project.User came with the 505 error unable to install the app.Then i ran it on IDE!

  • If you download an app with this mentioned issue from play store you will get an error with 505 when you try to install.
  • If you try to run it using your IDE you will get the error like in above image! (correct me if I am wrong)

Then I was looking for reasons.

This was my issue!

   <permission
        android:name="in.wptrafficanalyzer.locationroutedirectionmapv2.permission.MAPS_RECEIVE"
        android:protectionLevel="signature" />
    <uses-permission android:name="in.wptrafficanalyzer.locationroutedirectionmapv2.permission.MAPS_RECEIVE" />

Surprise thing was another developer's app on a particular users phone used the same signature! Damn, those copy pastes met each other today!!

I think if I try to declare same permission in two applications with same package name this error can occur.(correct me if I am wrong)

Here are my 2 questions?

1.Do they need to be with the same permission? anyway they will get this thing when its same. lets say app A users a pkg.name with permission permission.RECEIVE app B use same package with another permission CONFIGURE_SIP.Can this occur when they meet each other?(seems like a stupid question but I want to confirm the other app that was there in the client's mobile had the same thing!)

2.What are/is there any other the possibilities that this error can occur?

  1. An application defines a custom permission using signature level security
  2. You attempt to update the installed app with a version signed with a different key
  3. The test device is running Android 21 or newer with support for multiple users

Got those 1 2 3 from this post ! Are they true? If yes any good explanation about them will be great or any additional reason for this error?

There are many good answers in the mentioned posts!Not asking how to fix this! But how it gets generated! Also if I mentioned/understood something wrong please do note it down!!

Thank you.

Edit : As I mentioned please note that the issue came form an app which is already in the Play Store. And about the other app I have no idea! It's there in the client's mobile.Probably its also from play store because even developer options was not activated till I try to run on that mobile.He did not had any previous apps from my company as well.He just tried to download the app got 505 error and came to fix it.

And also my first option was the removal of that permission an it made the app install successfully(not the right thing but to confirm where the issue was). That is the reason that I need to know the possibilities of this error!

Community
  • 1
  • 1
Charuක
  • 12,953
  • 5
  • 50
  • 88

2 Answers2

0

Your problem isn't permissions. It's impossible to have two apps with the same manifest package name.It must be unique. So system think that user try to reinstall/update old app with new signing certificate. From android developers blog

If the signing certificate changes, trying to install the new application on to the device will fail until the old version is uninstalled.

EDIT:

I run some tests with permissions. I think, behavior is very similar with application package name. Error occur only if 100% matching. Results: app A(package test.test) vs app B(package test.test2)

          package="test.test">

<permission
    android:name="test2.example.h"
    android:protectionLevel="signature" />

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
      package="test.test2">
<permission
    android:name="test.example.hr"
    android:protectionLevel="signature" />
  1. permission A - test.example.h vs B - test.example.h - DUPLICATE_PERMSSIONS error
  2. test.example vs test.example.h - success
  3. test.example.g vs test.example.h - success

uses-permission doesn't affect on errors/installations. But I think you can get SeciurityException in runtime, if try to use others permissions.

Charuක
  • 12,953
  • 5
  • 50
  • 88
Dmitrii Nechepurenko
  • 1,414
  • 1
  • 11
  • 13
  • manifest package names are not same.In that case play store wont even allow to publish an app! If they are same even at run-time android studio prompts the developer to uninstall the app when tings are messy! Also your answer does not address my questions 1 & 2 – Charuක Jan 31 '17 at 05:00
  • Thanks for answering! but of course my problem is **permissions with a package name not just package name** look at the topic..go through *C2D_MESSAGE Error -505* and in my question i was asking *If you download an app with this mentioned issue from play store you will get an error with 505 when you try to install.* .. read and answer!! – Charuක Jan 31 '17 at 05:13
0

@commonsware blogs has explain it in details in Custom Permission Vulnerability and the 'L' Developer Preview:

Near as I can tell, the “L” Developer Preview requires that all apps with a <permission> element for the same android:name value be signed by the same signing key. The actual protectionLevel or other values inside the <permission> does not matter. Even if they are identical, an app trying to define the <permission> will fail to install if an existing installed app already defines the <permission>. Specifically, the installation of the second app will fail with an INSTALL_FAILED_DUPLICATE_PERMISSION error.

Here the answer from @commonsware: https://stackoverflow.com/a/11730133/4758255

ישו אוהב אותך
  • 28,609
  • 11
  • 78
  • 96