Android : Intent null dereference
Classification
Overview
The application provides the launch of Activity or Service based on an external Intent object, or processing of a broadcast message containing such an object using broadcastReciever . At the same time the correctness of the data in the Intent objects is not being checked. This can lead to a denial of service attack via a null pointer dereference.
Android OS allows to start components (Activity / Service) in response to Intent objects that satisfiy the conditions described in the intent-filter of the corresponding component. startService, startActivity, and broadcastReciever methods process parameters passed via the Intent object. Data from Intent objects often is not being validated, as the developer is sure that this data is correct. In reality this is not the case: an attacker can use malicious application to send an Intent object containing no parameters expected by the developer. In this case, a null dereference error occurs in the handler, which may lead to application crash.
Automatic generation of such Intent objects at a high frequency will make it impossible to work with the application.
