Use of native code
OWASP category: MASVS-CODE: Code Quality
Overview
Android applications can take advantage of native code written in languages such as C and C++ for specific functionality. However, when an application uses the Java Native Interface (JNI) to interact with this native code, it potentially exposes itself to vulnerabilities such as buffer overflows and other issues that may be present in the native code implementation.
Impact
Although using native code in Android applications has clear benefits, such as performance optimization and obfuscation, it can also have negative security impacts. Native code languages like C/C++ lack the memory safety features of Java/Kotlin, making them susceptible to vulnerabilities such as buffer overflows, use-after-free errors and other memory corruption issues, which can lead to crashes or arbitrary code execution. Additionally, if a vulnerability exists in a native code component, it can compromise the entire application, even if the rest is written securely in Java.
Mitigations
Development and coding guidance
- Secure coding guidelines: For C/C++ projects, adhere to established secure coding standards (e.g. CERT, OWASP) to mitigate vulnerabilities such as buffer overflows, integer overflows and format string attacks. Prioritize libraries known for quality and security, such as Abseil. Whenever possible, consider adopting memory-safe languages such as Rust, which offer performance comparable to C/C++.
- Input validation: Rigorously validate all input data received from external sources, including user input, network data and files, to prevent injection attacks and other vulnerabilities.
Harden the compilation options
Native libraries in the ELF format can be hardened against a range of vulnerabilities by activating protective mechanisms such as stack protection (canary), relocation read-only (RELRO), data execution prevention (NX) and position-independent executables (PIE). Conveniently, the Android NDK compilation options already enable all of these protections by default.
To verify that these security mechanisms are present in a binary, you can use tools such as `hardening-check` or `pwntools`.
```bash
$ pwn checksec --file path/to/libnativecode.so
    Arch:     aarch64-64-little
    RELRO:    Full RELRO
    Stack:    Canary found
    NX:       NX enabled
    PIE:      PIE enabled
```
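As an added example (not code from this page or from the Android project), the following Python script reproduces the four properties that `pwn checksec` reports by reading the ELF64 headers directly: a `PT_GNU_RELRO` segment plus a `BIND_NOW` flag in the dynamic array gives Full RELRO, a non-executable `PT_GNU_STACK` gives NX, `ET_DYN` gives PIE, and a reference to `__stack_chk_fail` indicates stack canaries. The function names `checksec` and `build_sample_elf` are chosen here; `build_sample_elf` constructs a minimal header-only ELF image so the check can be run offline, and a real library is checked by passing `open(path, "rb").read()`.

```python
import struct

# ELF constants from the gABI / Linux ELF spec; the checks mirror what pwn checksec reports
ET_DYN, PF_X = 3, 1
PT_DYNAMIC, PT_GNU_STACK, PT_GNU_RELRO = 2, 0x6474E551, 0x6474E552
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1

def checksec(data: bytes) -> dict:
    """Report RELRO / canary / NX / PIE for a little-endian ELF64 image held in memory."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    e_type, = struct.unpack_from("<H", data, 16)
    e_phoff, = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    relro = nx = bind_now = False
    for i in range(e_phnum):
        p_type, p_flags, p_off, _, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:          # NX: the stack segment must not be executable
            nx = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:        # Partial RELRO: a read-only-after-relocation segment exists
            relro = True
        elif p_type == PT_DYNAMIC:          # Full RELRO additionally needs immediate binding (BIND_NOW)
            for off in range(p_off, p_off + p_filesz, 16):
                d_tag, d_val = struct.unpack_from("<qQ", data, off)
                if d_tag == DT_NULL:
                    break
                if d_tag == DT_BIND_NOW or (d_tag == DT_FLAGS and d_val & DF_BIND_NOW) \
                        or (d_tag == DT_FLAGS_1 and d_val & DF_1_NOW):
                    bind_now = True
    return {
        "RELRO": "Full RELRO" if relro and bind_now else "Partial RELRO" if relro else "No RELRO",
        "Stack": "Canary found" if b"__stack_chk_fail" in data else "No canary found",
        "NX": "NX enabled" if nx else "NX disabled",
        "PIE": "PIE enabled" if e_type == ET_DYN else "No PIE",
    }

def build_sample_elf(bind_now=True, exec_stack=False, canary=True) -> bytes:
    """Constructed minimal ELF64 image (headers and a dynamic array only) used as sample input."""
    dyn_off = 64 + 3 * 56                                 # dynamic array follows the 3 program headers
    dyn = struct.pack("<qQqQ", DT_FLAGS_1, DF_1_NOW if bind_now else 0, DT_NULL, 0)
    ehdr = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)  # ELF64, little-endian, version 1
    ehdr += struct.pack("<HHIQQQIHHHHHH", ET_DYN, 0xB7, 1, 0, 64, 0, 0, 64, 56, 3, 0, 0, 0)
    def phdr(p_type, p_flags, off=0, size=0):
        return struct.pack("<IIQQQQQQ", p_type, p_flags, off, off, off, size, size, 8)
    phdrs = (phdr(PT_DYNAMIC, 6, dyn_off, len(dyn)) + phdr(PT_GNU_STACK, 7 if exec_stack else 6)
             + phdr(PT_GNU_RELRO, 4, dyn_off, len(dyn)))
    return ehdr + phdrs + dyn + (b"__stack_chk_fail\0" if canary else b"")
```

The canary check follows checksec's heuristic of looking for the `__stack_chk_fail` symbol, so a library whose functions never needed a canary can report "No canary found" even when built with `-fstack-protector`.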
Verify that third-party libraries are not vulnerable
When choosing third-party libraries, prioritize those with a solid reputation in the developer community. Resources such as the Google Play SDK Index can help you identify well-regarded and trustworthy libraries. Keep libraries updated to the latest versions and proactively search for any known vulnerabilities related to them using resources such as the Exploit-DB database. A web search using keywords such as `[library_name] vulnerability` or `[library_name] CVE` can reveal critical security information.
Resources
- [CWE-111: Direct Use of Unsafe JNI](https://cwe.mitre.org/data/definitions/111.html)
- [Exploit database](https://www.exploit-db.com/)
- [Check binaries for security hardening features](https://www.systutorials.com/docs/linux/man/1-hardening-check/)
- [Check binary security settings with pwntools](https://docs.pwntools.com/en/stable/commandline.html#pwn-checksec)
- [Linux binary security hardening](https://medium.com/@n80fr1n60/linux-binary-security-hardening-1434e89a2525)
- [Hardening ELF binaries using Relocation Read-Only (RELRO)](https://www.redhat.com/fr/blog/hardening-elf-binaries-using-relocation-read-only-relro)
- [OWASP binary protection mechanisms](https://mas.owasp.org/MASTG/Android/0x05i-Testing-Code-Quality-and-Build-Settings/#binary-protection-mechanisms)
- [SEI CERT Coding Standards](https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards)
- [OWASP Developer Guide](https://owasp.org/www-project-developer-guide/release/)
- [Google Play SDK Index](https://play.google.com/sdks)
- [Android NDK](/ndk)
- [Android Rust introduction](https://source.android.com/docs/setup/build/rust/building-rust-modules/overview)
- [Abseil (C++ Common Libraries)](https://github.com/abseil/abseil-cpp)
- [PIE is enforced by the linker](https://cs.android.com/android/platform/superproject/main/+/main:bionic/linker/linker_main.cpp;l=425?q=linker_main&ss=android%2Fplatform%2Fsuperproject%2Fmain)
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated (UTC): 2025-07-26.