Skip to content

Commit cddb4c9

Browse files
mithun50claude
andcommitted
Fix: Critical crash and security vulnerabilities
- Fix generateEmbeddings() NPE: elvis operator result was never used, causing guaranteed NullPointerException when service not bound - Security: Set all non-launcher activities to exported="false" to prevent other apps from launching internal activities - Security: Disable cleartext HTTP traffic globally, only allow for localhost (development). Remove user certificate trust. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1 parent dda17bf commit cddb4c9

3 files changed

Lines changed: 17 additions & 16 deletions

File tree

ai-module/src/main/java/com/nano/ai_module/workers/ModelManager.kt

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -501,11 +501,11 @@ object ModelManager {
501501

502502
//region Embedding-Generation
503503
suspend fun generateEmbeddings(input: String): FloatArray = withContext(Dispatchers.IO) {
504-
service ?: {
504+
val svc = service ?: run {
505505
Log.e(TAG, "Service not bound")
506-
FloatArray(0)
506+
return@withContext FloatArray(0)
507507
}
508-
return@withContext service!!.embed(input)
508+
return@withContext svc.embed(input)
509509
}
510510
//endregion
511511

app/src/main/AndroidManifest.xml

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@
4141

4242
<activity
4343
android:name=".activity.PluginHubActivity"
44-
android:exported="true"
44+
android:exported="false"
4545
android:launchMode="singleTask"
4646
android:theme="@style/Theme.NanoAI"
4747
android:windowSoftInputMode="adjustResize">
@@ -50,7 +50,7 @@
5050

5151
<activity
5252
android:name=".activity.SetupActivity"
53-
android:exported="true"
53+
android:exported="false"
5454
android:launchMode="singleTask"
5555
android:theme="@style/Theme.NanoAI"
5656
android:windowSoftInputMode="adjustResize">
@@ -60,7 +60,7 @@
6060

6161
<activity
6262
android:name=".activity.GgufPickerActivity"
63-
android:exported="true"
63+
android:exported="false"
6464
android:launchMode="singleTask"
6565
android:theme="@style/Theme.NanoAI"
6666
android:windowSoftInputMode="adjustResize">
@@ -69,7 +69,7 @@
6969

7070
<activity
7171
android:name=".activity.UserDataActivity"
72-
android:exported="true"
72+
android:exported="false"
7373
android:launchMode="singleTask"
7474
android:theme="@style/Theme.NanoAI"
7575
android:windowSoftInputMode="adjustResize">
@@ -79,7 +79,7 @@
7979

8080
<activity
8181
android:name=".activity.ModelPropEditorActivity"
82-
android:exported="true"
82+
android:exported="false"
8383
android:launchMode="singleTask"
8484
android:theme="@style/Theme.NanoAI"
8585
android:windowSoftInputMode="adjustResize">
@@ -88,7 +88,7 @@
8888

8989
<activity
9090
android:name=".activity.ModelLoadingActivity"
91-
android:exported="true"
91+
android:exported="false"
9292
android:launchMode="singleTask"
9393
android:theme="@style/Theme.NanoAI"
9494
android:windowSoftInputMode="adjustResize">
@@ -98,7 +98,7 @@
9898

9999
<activity
100100
android:name=".activity.ModelActivity"
101-
android:exported="true"
101+
android:exported="false"
102102
android:launchMode="singleTask"
103103
android:theme="@style/Theme.NanoAI"
104104
android:windowSoftInputMode="adjustResize">
@@ -107,7 +107,7 @@
107107

108108
<activity
109109
android:name=".activity.DatahubActivity"
110-
android:exported="true"
110+
android:exported="false"
111111
android:launchMode="singleTask"
112112
android:theme="@style/Theme.NanoAI"
113113
android:windowSoftInputMode="adjustResize">
@@ -116,7 +116,7 @@
116116

117117
<activity
118118
android:name=".activity.TempActivity"
119-
android:exported="true"
119+
android:exported="false"
120120
android:launchMode="singleTask"
121121
android:theme="@style/Theme.NanoAI"
122122
android:windowSoftInputMode="adjustResize">
@@ -125,7 +125,7 @@
125125

126126
<activity
127127
android:name=".activity.LoggerActivity"
128-
android:exported="true"
128+
android:exported="false"
129129
android:launchMode="singleTask"
130130
android:theme="@style/Theme.NanoAI"
131131
android:windowSoftInputMode="adjustResize">
@@ -134,7 +134,7 @@
134134

135135
<activity
136136
android:name=".activity.ScrapActivity"
137-
android:exported="true"
137+
android:exported="false"
138138
android:launchMode="singleTask"
139139
android:theme="@style/Theme.NanoAI"
140140
android:windowSoftInputMode="adjustResize">
Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,14 @@
11
<?xml version="1.0" encoding="utf-8"?>
22
<network-security-config>
3-
<base-config cleartextTrafficPermitted="true">
3+
<base-config cleartextTrafficPermitted="false">
44
<trust-anchors>
55
<certificates src="system" />
6-
<certificates src="user" />
76
</trust-anchors>
87
</base-config>
8+
<!-- Allow cleartext only for localhost (local development/testing) -->
99
<domain-config cleartextTrafficPermitted="true">
1010
<domain includeSubdomains="true">localhost</domain>
1111
<domain includeSubdomains="true">127.0.0.1</domain>
12+
<domain includeSubdomains="true">10.0.2.2</domain>
1213
</domain-config>
1314
</network-security-config>

0 commit comments

Comments
 (0)