use androguard primitives to speed up finding debuggable flag

androguard parses the whole APK before handing the instance back, this uses the primitives to just find the <application android:debuggable=""> value, then stop parsing. #557
2025-09-15 15:32:30 +03:00 · 2018-09-18 15:59:49 +02:00 · 2018-09-18 15:59:49 +02:00 · 11d46072ab
commit 11d46072ab
parent a3cecc16a3
2 changed files with 33 additions and 6 deletions
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@ -2073,11 +2073,25 @@ def is_apk_and_debuggable_aapt(apkfile):


 def is_apk_and_debuggable_androguard(apkfile):
-    apkobject = _get_androguard_APK(apkfile)
-    if apkobject.is_valid_APK():
-        debuggable = apkobject.get_element("application", "debuggable")
-        if debuggable == 'true':
-            return True
+    """Parse only <application android:debuggable=""> from the APK"""
+    from androguard.core.bytecodes.axml import AXMLParser, format_value, START_TAG
+    with ZipFile(apkfile) as apk:
+        with apk.open('AndroidManifest.xml') as manifest:
+            axml = AXMLParser(manifest.read())
+            while axml.is_valid():
+                _type = next(axml)
+                if _type == START_TAG and axml.getName() == 'application':
+                    for i in range(0, axml.getAttributeCount()):
+                        name = axml.getAttributeName(i)
+                        if name == 'debuggable':
+                            _type = axml.getAttributeValueType(i)
+                            _data = axml.getAttributeValueData(i)
+                            value = format_value(_type, _data, lambda _: axml.getAttributeValue(i))
+                            if value == 'true':
+                                return True
+                            else:
+                                return False
+                    break
    return False