Samsung KitKat SecurityException bug

Update: There is a workaround for this in 8sms version 1.25. The bug in Android still exists, but has been bypassed.

It seems there is a nasty bug in Android KitKat for some devices which is preventing older versions of 8sms (1.24 and older) from working properly. This seems to affect mainly Samsung phones (the S4 and Note 3) in the following way:

  • Cannot receive mms if auto-retrieve is enabled
  • Crash when sharing images from Gallery using 8sms

The cause seems to a bug in the Android ROM which is preventing 8sms from writing to the mms messages database. Obviously, if 8sms can't write to the database, then it can't perform it's intended purpose.

Fortunately, there is a work-around for this bug in 8sms from version 1.25 onwards. However, the bug still exists in Android, and the proper fix would be for Samsung (or Google) to fix the bug in Android KitKat and issue a new update.


Technical Details

This is the bug in Android:

FATAL EXCEPTION while inserting in Mms Provider
http://code.google.com/p/android/issues/detail?id=65843

It causes SecurityException to be thrown (under some circumstances) when saving a message into the mms messages database. Obviously, throwing such an error will break things.

On Samsung KitKat phones, this seems to occur whenever the thread id of the to-be-saved mms pdu is zero. The work-around is to always save mms pdu's with a nonzero thread id.

This is a sample of a crash report from the Google Developer Console:

java.lang.SecurityException: com.android.phone from uid 10190 not allowed to perform READ_SMS
at android.os.Parcel.readException(Parcel.java:1465)
at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:185)
at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:137)
at android.content.ContentProviderProxy.insert(ContentProviderNative.java:468)
at android.content.ContentResolver.insert(ContentResolver.java:1193)
at opt.com.google.android.mms.util.SqliteWrapper.insert(SqliteWrapper.java:113)
at opt.com.google.android.mms.pdu.PduPersister.persist(PduPersister.java:1426)
at com.thinkleft.eightyeightsms.mms.data.WorkingMessage.createDraftMmsMessage(WorkingMessage.java:1605)
at com.thinkleft.eightyeightsms.mms.data.WorkingMessage.saveAsMms(WorkingMessage.java:849)

when trying to share an image from the Gallery app.

This is a crash report from a Note 3 user:

E/DatabaseUtils(31954): java.lang.SecurityException: com.android.phone from uid 10478 not allowed to perform READ_SMS
E/DatabaseUtils(31954): at android.app.AppOpsManager.noteOp(AppOpsManager.java:1151)
E/DatabaseUtils(31954): at android.content.ContentProvider$Transport.enforceReadPermission(ContentProvider.java:396)
E/DatabaseUtils(31954): at android.content.ContentProvider$Transport.query(ContentProvider.java:194)
E/DatabaseUtils(31954): at android.content.ContentResolver.query(ContentResolver.java:464)
E/DatabaseUtils(31954): at android.content.ContentResolver.query(ContentResolver.java:407)
E/DatabaseUtils(31954): at android.database.sqlite.SqliteWrapper.query(SqliteWrapper.java:59)
E/DatabaseUtils(31954): at android.provider.Telephony$Threads.getOrCreateThreadId(Telephony.java:1965)
E/DatabaseUtils(31954): at android.provider.Telephony$Threads.getOrCreateThreadId(Telephony.java:1923)
E/DatabaseUtils(31954): at android.provider.Telephony$Threads.getOrCreateThreadId(Telephony.java:1882)
E/DatabaseUtils(31954): at com.android.providers.telephony.MmsProvider.insert(MmsProvider.java:521)
E/DatabaseUtils(31954): at android.content.ContentProvider$Transport.insert(ContentProvider.java:220)
E/DatabaseUtils(31954): at android.content.ContentProviderNative.onTransact(ContentProviderNative.java:156)
E/DatabaseUtils(31954): at android.os.Binder.execTransact(Binder.java:404)
E/DatabaseUtils(31954): at dalvik.system.NativeStart.run(Native Method)
W/AppOps  (31459): Bad call: specified package com.android.phone under uid 10478 but it is really 1001
E/8sms/PushReceiver(11409): Unexpected RuntimeException.
E/8sms/PushReceiver(11409): java.lang.SecurityException: com.android.phone from uid 10478 not allowed to perform READ_SMS
E/8sms/PushReceiver(11409): at android.os.Parcel.readException(Parcel.java:1465)
E/8sms/PushReceiver(11409): at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:185)
E/8sms/PushReceiver(11409): at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:137)
E/8sms/PushReceiver(11409): at android.content.ContentProviderProxy.insert(ContentProviderNative.java:468)
E/8sms/PushReceiver(11409): at android.content.ContentResolver.insert(ContentResolver.java:1193)
E/8sms/PushReceiver(11409): at opt.com.google.android.mms.util.SqliteWrapper.insert(SqliteWrapper.java:113)
E/8sms/PushReceiver(11409): at opt.com.google.android.mms.pdu.PduPersister.persist(PduPersister.java:1426)
E/8sms/PushReceiver(11409): at com.thinkleft.eightyeightsms.mms.transaction.PushReceiver$ReceivePushTask.doInBackground(PushReceiver.java:139)
E/8sms/PushReceiver(11409): at com.thinkleft.eightyeightsms.mms.transaction.PushReceiver$ReceivePushTask.doInBackground(PushReceiver.java:72)
E/8sms/PushReceiver(11409): at android.os.AsyncTask$2.call(AsyncTask.java:288)
E/8sms/PushReceiver(11409): at java.util.concurrent.FutureTask.run(FutureTask.java:237)
E/8sms/PushReceiver(11409): at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:231)
E/8sms/PushReceiver(11409): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
E/8sms/PushReceiver(11409): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
E/8sms/PushReceiver(11409): at java.lang.Thread.run(Thread.java:841)

when trying to receive mms with auto-retrieve enabled.

In all cases, it looks like Android is confusing 8sms with com.android.phone and incorrectly thinks 8sms doesn't have the READ_SMS permission (which it does have). This is obviously a bug in Android, not 8sms.