Monday, June 1, 2020

Wallpaper crash explained: Here’s how a simple image can soft-brick phones

How can a simple image crash an Android phone to the point that it becomes unusable?

It's a question that came out frequently over the past 24 hours, as news of a "cursed wallpaper" spread around the web.

The wallpaper crash explained

Here's a recap: Setting a particular image as wallpaper can send some phones into a loop of crashes that makes them unusable.

There are a few solutions, depending on how hard the phone is hit. Some users were able to change the wallpaper in the short interval between crashes. Others had success deleting the wallpaper using the recovery tool TWRP. But in most cases, the only solution was to reset the phone to factory settings, losing any data that's not backed up.

The issue was brought to light by Ice Universe, the Chinese Twitter users known for leaks. Based on user reports, many models from Samsung and Google are affected, while we've also seen some reports from users of OnePlus, Nokia, and Xiaomi devices (it's not clear if these latter devices ran stock software or custom ROMs). From our own testing and looking at user reports, Huawei devices seem to be less exposed to the wallpaper crash issue.

The issue affects up-to-date phones running Android 10, but as it turns out, it's not actually new. Users have been reporting similar problems for a couple of years, and just last month Android Police reported on what appears to be a closely related issue specifically impacting Pixel phones running the Google Wallpapers app.

We asked a developer what's going on

It's a weird problem that has the potential to become a wider issue, especially if trolls get involved. It's easy to envision unsavory characters boobytrapping wallpapers and sending them to unsuspecting users as a "prank."

So, what's going on?

We've seen a few explanations for the issue, most of them involving the color space of the image, which goes beyond what Android's SystemUI can handle and causes a crash.

To get a better idea of what's going with this Android wallpaper crash, we reached out to Davide Bianco, one of the lead developers of the POSP custom ROM project, who submitted an initial patch for the issue to the AOSP bug tracker.

Davide graciously explained for Android Authority readers how an image can cause such problems, cautioning it's his "personal take." Below is a lightly edited explanation from him:

The main issue right here is that SystemUI only handles sRGB images for the wallpaper and doesn't have any check against non-sRGB wallpapers. This can lead to a particular crash in the ImageProcessHelper class, as a variable used to access an array goes over the array bounds.

For reference, here is the method definition .

This variable is called y, and it's the sum of the current scanned pixel rgb values. This pixel is obtained from scanning every row and column of the greyscaled picture surface. Every time we get a pixel, we assign to y the sum of its rgb values (usually max is 255) and use said variable to access an element of the histogram array (which size is 256 max) and do stuff with said element.

Now, for normal greyscaled images the sum of rgb values is always 255, but this is no normal image. The variable y goes over 255, and it generates an out of bounds exception (any exception in SysUI is treated as fatal, leading to an infinite loop of crashes because the image gets processed every time SysUI starts). Now, one solution could be to add a check after y is assigned a value that basically sets y to 255 if it ever goes over the max bound. This actually works, but we get worse quality for some reason.

The LineageOS guys were able to find out that this particular issue happens because of poor rounding, mostly because the rgb values were always rounded to ceil instead of normal rounding. They were able to fix it by manually rounding the values and apparently this method also retains quality, but I really don't see how, mostly because SysUI seems to always convert the image to sRGB, leading to a color loss when the color space is larger.

It was also discovered by one 9to5Google developer (Editor's note:  the developer is Dylan Roussel, an Android developer and 9to5Google contributor) that the issue doesn't occur on Android 11 as the picture is always converted to sRGB before it gets processed in any way.

I also tried crafting my own broken image with photoshop or gimp, but SysUI always converted the image to the safe color space, leading to no crash (but a loss of colors ofc). I even tried extracting the broken image color profile and using it in a new image, but still couldn't get SysUI to crash.

There's good news, and there's bad news

android wallpaper crash android wallpaper crash

The bad news is the issue is now out in the open, and you can bet that some people will use it for mischief. More concerningly, this bug (or a very similar one) appears to have been an issue for at least a couple of years, with no visible action from Google.

Also bad news: if you fall victim to a prank (or your own curiosity), there's no easy, pain-free method to undo it. At least factory reset remains as a last resort, but we still wouldn't recommend trying it on your own device.

Read next: The best Android wallpapers: Default wallpapers from 125+ Android devices

The good news is this seems to be a straightforward bug, rather than malware or anything more nefarious. We say "seems" because we haven't heard from Google back for confirmation. Also good news: this bug will not be an issue once Android 11 lands later this year.



from Android Authority https://ift.tt/3gHu5kr
via IFTTT

No comments:

Post a Comment