libbpng漏洞问题,即使在更新opencv库后 [英] Libpng vulnerability issue even after updating opencv library
问题描述
我在我的应用程序中使用以下依赖项:
I am using following dependencies in my app :
dependencies {
compile fileTree(include: '*.jar', dir: 'libs')
compile project(':zxing-2.3.0')
compile project(':ColorPickerView')
compile project(':DropboxChooserSDK')
compile project(':PullToRefreshLibrary')
compile project(':volley')
compile 'com.android.support:recyclerview-v7:24.0.0-alpha2'
compile 'com.facebook.android:facebook-android-sdk:4.5.0'
compile 'com.google.android.gms:play-services-analytics:8.4.0'
compile 'com.google.android.gms:play-services-gcm:8.4.0'
compile 'com.android.support:design:23.3.0'
compile 'com.github.ctodobom:OpenCV-3.1.0-Android:-SNAPSHOT'
}
我使用的是Opencv库版本2.4.8,而Google Play控制台拒绝了我的应用,提示libpng漏洞问题. 因此,我将opencv库更新为3.1.0,但Google Play控制台仍然拒绝说同样的libpng漏洞问题.
I was using opencv library version 2.4.8 and google play console rejected my app saying libpng vulnerability issue. So i updated opencv library to 3.1.0 and still the google play console is rejecting saying the same libpng vulnerability issue.
因此,如果上面有其他库正在使用libpng库,我会感到困惑吗?
So i am confused if any other library from above is using libpng library?
我创建了一个具有上述库的示例项目,出于测试目的,我将opencv降级到2.4.8(存在libpng问题),我能说什么,它没有对libpng发出任何警告,它正在发布.那么问题到底出在哪里呢?
I created a sample project which has the above libraries and for testing purpose I downgraded opencv to 2.4.8 (which has libpng issue) and what can i say, it is not giving any warning about libpng, it is getting published. So where exactly is the problem?
推荐答案
我发现了问题所在. 旧的opencv库(存在漏洞问题)创建了 libopencv_java.so 文件,并且仍在 libs 文件夹,即使更新了库也是如此.因此,新的 .so 文件无法生成.
I found out the problem. The old opencv library(which has vulnerability issue) created libopencv_java.so file and it was still there in the libs folder even after updating the library. So somehow the new .so file was not generating.
已采取步骤解决:
- 首先我从libs文件夹中删除了 libopencv_java.so .
- 为清楚起见,我删除了 build 文件夹中的所有内容.
- 添加了opencv 2.4.13.1 gradle依赖项(编译'com.iparse.android:opencv:2.4.13.1')
- First i deleted libopencv_java.so from libs folder.
- Just for clarity, i deleted everything which was there in the build folder.
- Added opencv 2.4.13.1 gradle dependency (compile 'com.iparse.android:opencv:2.4.13.1')
如果要检查opencv使用的libpng版本,请首先找到 libopencv_java.so ,该文件位于 libs 或 build 文件夹中,在终端strings libopencv_java.so | grep "libpng"
中使用以下命令.
If you want to check the libpng version used by opencv, first find libopencv_java.so which will be in libs or build folder and use the following command in terminal strings libopencv_java.so | grep "libpng"
.
此后,我在playstore中发布了,一切都很好.希望这对某人有帮助.
After this i published in playstore and everything is fine. Hope this helps someone.
这篇关于libbpng漏洞问题,即使在更新opencv库后的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!