Skip to content

Instantly share code, notes, and snippets.

View jduck's full-sized avatar
🏠
Working from home

Joshua J. Drake jduck

🏠
Working from home
View GitHub Profile
@jduck
jduck / nexus-ota-updates-2016-05-01.md
Last active September 18, 2016 09:32
May 2016 Nexus OTA Updates - Security Level 2016-05-01
angler/mda89d/uname.txt:Linux 3.10.73-g9b6596d
angler/mdb08k/uname.txt:Linux 3.10.73-gcf36678
angler/mdb08l/uname.txt:Linux 3.10.73-gcf36678
angler/mdb08m/uname.txt:Linux 3.10.73-gcf36678
angler/mhc19i/uname.txt:Linux 3.10.73-g3b5cc28
angler/mhc19q/uname.txt:Linux 3.10.73-g8c0675f
angler/mmb29m/uname.txt:Linux 3.10.73-g9741316
angler/mmb29n/uname.txt:Linux 3.10.73-g9741316
angler/mmb29p/uname.txt:Linux 3.10.73-g9741316
angler/mmb29q/uname.txt:Linux 3.10.73-gda330d0
diff --git a/adb/commandline.cpp b/adb/commandline.cpp
index a856672..a524df6 100644
--- a/adb/commandline.cpp
+++ b/adb/commandline.cpp
@@ -605,11 +605,17 @@ static std::string ShellServiceString(bool use_shell_protocol,
args.push_back(type_arg);
}
+ const char *cmd;
+ if (command.empty())
@jduck
jduck / nexus-ota-updates-2016-04-04.md
Last active June 5, 2016 00:46
April 2016 Nexus OTA Updates - Security Level 2016-04-02
@jduck
jduck / nexus-ota-updates-2016-03-07.md
Last active June 1, 2016 21:01
March 2016 Nexus OTA Updates - Security Level 2016-03-01
@jduck
jduck / nexus-ota-updates-2016-02-01.md
Last active September 28, 2023 12:26
February 2016 Nexus OTA Updates - Security Level 2016-02-01

LICENSE/DISCLAIMER - This information is provided as is and without warranty. Permission to repost this information is granted so long as it is properly attributed to "droidsec.org" and/or "jduck". Thank you for your consideration.

Pixel C MXB48T from MXB48J
Pixel C MXB48T from MXB48K
Nexus 6P MMB29Q from MMB29P
Nexus 5X MMB29Q from MMB29P
Nexus 6 MMB29Q from MMB29S
Nexus

@jduck
jduck / nexus-ota-updates-2016-01-01.md
Last active September 28, 2023 12:26
January 2016 Nexus OTA Updates - Security Level 2016-01-01
@jduck
jduck / superuser_findings.txt
Last active December 16, 2015 00:40
Superuser 4.3 Audit Findings
Background
==========
In order to deal with the changes in Android 4.3, Koush modified his Superuser
application to use a daemon similar to Chainfire's SuperSU. In addition to being
part of the CyanogenMod Android distribution, Superuser is also available as an
App for other modern Android devices.
The Superuser daemon exposes a UNIX socket in /dev as:
/dev/com.koushikdutta.superuser.daemon/server
From cfd6ecdccd84f7a6da447f2873130038c0fddeee Mon Sep 17 00:00:00 2001
From: "Joshua J. Drake" <github.jdrake@qoop.org>
Date: Tue, 27 Oct 2015 12:50:12 -0500
Subject: [PATCH] Enable KGDB support for hammerhead
1. Add RETRY support per kgdb-android repo
2. Implement poll support for ttyHSL driver
3. Add modified kernel config for KGDB
---
arch/arm/configs/hammerhead_kgdb_defconfig | 614 +++++++++++++++++++++++++++++
From bb08d535f724f35849627f4a9f9f03f9143af2f0 Mon Sep 17 00:00:00 2001
From: "Joshua J. Drake" <android-open-source@qoop.org>
Date: Sat, 15 Aug 2015 08:01:58 -0500
Subject: [PATCH] Prevent multiple memory corruption issues
Bounds checking within the ID3::removeUnsynchronizedV2_4 function was
erroneous. Several cases resulted in integer underflow or overflow. Prevent
these issues by ensuring key values are correct.
Change-Id: I83e6fcca905e901929aee528bf000f22de70f197