Sign In Register

How can we help you today?

Start a new topic

CRITICAL: Device auth is completely broken on Android 8

Gamesparks relies on this code to retrive UUID needed for device auth request:

gsstl::ifstream ifs("/proc/sys/kernel/random/uuid");
ifs >> ret;

On Android 8 (and not Android 7.1 and not Android 9), opening this file fails. Which results in UUID to be set "NO-UUID-SUPPORT-FOR-THIS-PLATFORM".


This leads to ALL users with Android 8 getting SAME UUID, and sharing the same session/saves/leaderboards/etc.

This is NUTS folks, get it together! :(


Hi Dmytro,


Thanks for bringing this to our attention. We'll look into this. 


Regards,

Liam

Hello, I reported this same issue more than 6 months ago, it is yet to be fixed. Some temporary code based on Java's UUID code you can use if you wish:

 

std::string	Authentication::GenerateNewDeviceId()
{
	std::mt19937 mt(time(0));

	unsigned int random[4];

	for (int i = 0; i < 4; i++)
		random[i] = mt();

	unsigned char *hex = (unsigned char *)random;
	hex[6] &= 0x0f;  /* clear version        */
	hex[6] |= 0x40;  /* set to version 4     */
	hex[8] &= 0x3f;  /* clear variant        */
	hex[8] |= 0x80;  /* set to IETF variant  */

	char out[50];
	snprintf(out, 50, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
		hex[0], hex[1], hex[2], hex[3],
		hex[4], hex[5],
		hex[6], hex[7],
		hex[8], hex[9],
		hex[10], hex[11],
		hex[12], hex[13],
		hex[14], hex[15]);

	return std::string(out);
}

 

Login to post a comment