On Android, set dynamic code files to readonly (#1430)

* To address an Android 14 security issue, set dex files to readonly.

This follows the advice on dynamic code loading here:
https://developer.android.com/about/versions/14/behavior-changes-14#safer-dynamic-code-loading

* Format code.

* Reorder exception check so that we cover all the spots.

* Add release note.

Author: jonsimantov

app/src/util_android.cc

@@ -1587,12 +1587,33 @@ const std::vector<internal::EmbeddedFile>& CacheEmbeddedFiles(
         file::GetClass(), file::GetMethodId(file::kConstructorFilePath),
         cache_dir, filename);
     env->DeleteLocalRef(filename);
+    CheckAndClearJniExceptions(env);
+    // Below, we would have set the file read only on a previous run. Here, set
+    // it to writable and then delete it before creating it again.
+    //
+    // if output_file.exists() {
+    if (env->CallBooleanMethod(output_file, file::GetMethodId(file::kExists))) {
+      CheckAndClearJniExceptions(env);
+      // output_file.setWritable(true);
+      env->CallBooleanMethod(output_file, file::GetMethodId(file::kSetWritable),
+                             JNI_TRUE);
+      CheckAndClearJniExceptions(env);
+      // output_file.delete();
+      env->CallBooleanMethod(output_file, file::GetMethodId(file::kDelete));
+      CheckAndClearJniExceptions(env);
+    }
     jobject output_stream = env->NewObject(
         file_output_stream::GetClass(),
         file_output_stream::GetMethodId(file_output_stream::kConstructorFile),
         output_file);
     bool failed = CheckAndClearJniExceptions(env);
     if (!failed) {
+      // Android 14 requires that we set the open dex file to readonly BEFORE
+      // writing code to it.
+      jboolean did_set_readonly = env->CallBooleanMethod(
+          output_file, file::GetMethodId(file::kSetReadOnly));
+      // If it failed, move on and try again later after closing the file.
+      if (CheckAndClearJniExceptions(env)) did_set_readonly = JNI_FALSE;
       jobject output_array = env->NewByteArray(it->size);
       env->SetByteArrayRegion(static_cast<jbyteArray>(output_array), 0,
                               it->size,
@@ -1605,6 +1626,11 @@ const std::vector<internal::EmbeddedFile>& CacheEmbeddedFiles(
       env->CallVoidMethod(output_stream, file_output_stream::GetMethodId(
                                              file_output_stream::kClose));
       failed |= CheckAndClearJniExceptions(env);
+      if (!did_set_readonly) {
+        env->CallBooleanMethod(output_file,
+                               file::GetMethodId(file::kSetReadOnly));
+        util::CheckAndClearJniExceptions(env);
+      }
       env->DeleteLocalRef(output_array);
       env->DeleteLocalRef(output_stream);
     }

app/src/util_android.h

@@ -568,6 +568,10 @@ METHOD_LOOKUP_DECLARATION(intent, INTENT_METHODS);
   X(ConstructorFilePath, "<init>", "(Ljava/io/File;Ljava/lang/String;)V"), \
   X(GetAbsolutePath, "getAbsolutePath", "()Ljava/lang/String;"),           \
   X(GetPath, "getPath", "()Ljava/lang/String;"),                           \
+  X(Exists, "exists", "()Z"),                                              \
+  X(Delete, "delete", "()Z"),                                              \
+  X(SetReadOnly, "setReadOnly", "()Z"),                                    \
+  X(SetWritable, "setWritable", "(Z)Z"),                                   \
   X(ToUri, "toURI", "()Ljava/net/URI;")
 // clang-format on
 METHOD_LOOKUP_DECLARATION(file, FILE_METHODS)

release_build_files/readme.md

@@ -629,6 +629,8 @@ code.
 ## Release Notes
 ### Next Release
 -   Changes
+    - General (Android): Made dynamic code files read only to comply with new
+      Android 14 security requirements. This fixes a crash at API level 34+.
     - Analytics (iOS): Added InitiateOnDeviceConversionMeasurementWithPhoneNumber
       function to facilitate the [on-device conversion
       measurement](https://support.google.com/google-ads/answer/12119136) API.