Unsafe implementation of openFile

Solar2D General Questions/Discussion

Divergent_Monkey August 1, 2018, 8:49pm #1

In my Google Play console, I get this warning for some of my apps:

Security alert

Your app is using a content provider with an unsafe implementation of openFile. Please see this Google Help Center article for details.

Vulnerable classes:

com.ansca.corona.storage.FileContentProvider

Please fix the issue before: 01/15/2018

Affects APK version 13.

Following the link to the help center article, I read this:

Beginning January 16th, 2018, Google Play will block publishing of any new apps or updates which contain the Path traversal Vulnerability. Your published APK version will remain unaffected, however any updates to the app will be blocked unless you address this vulnerability.

Does anyone know what this means? I would guess this is something Corona internal but I just want to know if there is something that I should do…

roaminggamer August 1, 2018, 8:52pm #2

What version of Corona did you build with.

I’m pretty sure this has long been resolved.

You can find out (if you don’t remember), by starting logcat then running your app. The version of Corona should be printed in the log.

https://docs.coronalabs.com/guide/basics/debugging/index.html#device-debugging-android

roaminggamer August 1, 2018, 8:56pm #3

I did a search and I’m 99% sure this is solved.

Google this: site: coronalabs.com openfile

Finds this: https://forums.coronalabs.com/topic/70958-google-play-store-warning-openfile/

ldurniat August 1, 2018, 8:58pm #4

Hi

I agree with @roaminggamer See Your app is using a content provider with an unsafe implementation of openFile.

Have a nice day:)

ldurniat

Divergent_Monkey August 1, 2018, 9:11pm #5

Thanks for your quick answers!

roaminggamer August 1, 2018, 8:52pm #6

What version of Corona did you build with.

I’m pretty sure this has long been resolved.

You can find out (if you don’t remember), by starting logcat then running your app. The version of Corona should be printed in the log.

https://docs.coronalabs.com/guide/basics/debugging/index.html#device-debugging-android

roaminggamer August 1, 2018, 8:56pm #7

I did a search and I’m 99% sure this is solved.

Google this: site: coronalabs.com openfile

Finds this: https://forums.coronalabs.com/topic/70958-google-play-store-warning-openfile/

ldurniat August 1, 2018, 8:58pm #8

Hi

I agree with @roaminggamer See Your app is using a content provider with an unsafe implementation of openFile.

Have a nice day:)

ldurniat

Divergent_Monkey August 1, 2018, 9:11pm #9

Thanks for your quick answers!