Therefore, the keyName variable can be controlled, with an arbitrary size, by a malicious app, Hay said.

"The encode_key routine that is called by encode_key_for_uid can overflow the filename buffer, since bounds checking is absent," explained the experts.
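The missing check described above, shown as an added example that is not the Android KeyStore source: a key-name encoder that refuses input which would not fit the destination buffer. The function name `encode_key_checked`, the escaping rule and the 256-byte buffer size are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FILENAME_BUF 256 /* assumed capacity, for illustration only */

/*
 * Hypothetical escaping rule: bytes outside '0'..'~' become two output
 * characters, so the output can be up to twice as long as the input.
 * Returns 0 and sets *out_len on success, -1 if the result would not fit.
 */
int encode_key_checked(char *out, size_t out_size,
                       const uint8_t *in, size_t in_len, size_t *out_len)
{
    size_t pos = 0;

    if (out == NULL || in == NULL || out_len == NULL || out_size == 0)
        return -1;

    for (size_t i = 0; i < in_len; i++) {
        int escape = (in[i] < '0' || in[i] > '~');
        size_t need = escape ? 2 : 1;

        /* The bounds check: always leave one byte for the terminating NUL. */
        if (need > out_size - 1 - pos) {
            out[0] = '\0';
            return -1;
        }
        if (escape) {
            out[pos++] = (char)('+' + (in[i] >> 6));
            out[pos++] = (char)('0' + (in[i] & 0x3F));
        } else {
            out[pos++] = (char)in[i];
        }
    }
    out[pos] = '\0';
    *out_len = pos;
    return 0;
}

int main(void)
{
    char filename[FILENAME_BUF];
    uint8_t oversized[300]; /* constructed caller-controlled key name */
    size_t n = 0;

    memset(oversized, 'A', sizeof oversized);
    printf("oversized name rejected: %d\n", encode_key_checked(
        filename, sizeof filename, oversized, sizeof oversized, &n));
    return 0;
}
```

Because escaping can double the length, checking only the input length against the buffer size is not enough; the check has to account for the encoded size.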

However, the Android KeyStore is respawned every time it terminates.


Android 4.3 Jelly Bean and earlier versions suffering from a serious code execution vulnerability

Android KitKat flaw


source: www.techworm.net