Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 47b68b6e authored by Tyler Gunn's avatar Tyler Gunn
Browse files

Adding parcelable class checking for call extras. 

Currently, call extras originate from vendor code in the ImsCallProfile.
It is possible for a vendor to put in a package-local parcelable class,
which can cause problems in Telecom and other consumers of the
parcelable class.  The result is that the Bundle and its contents will be
lost.
This change ensures that the Connection class, which is currently the
primary entry point from extras in the ImsCallProfile class will filter
out Bundle contents which are not valid.  The exisint Bundle.filterValues
method accomplishes this by ensuring only primitive types and android.*
namespace parcelables are included in the Bundle.

Although ImsCallProfile is technically the best place to enforce this,
the vendor modem code currently runs in the same process as Telephony, so
the parceling code there never gets run.  Hence the filtering here.

Also, added a new unit test for the ImsCallProfile to verify the parcel
enforcement happening at that level as well.

Test: Manual, also wrote new unit tests
Bug: 65562929
Change-Id: Iabaae8d0a44a1114b3618937e4238e9f4619cf5a
parent eb140d53

src/java/com/android/internal/telephony/Connection.java

+11 −0
Original line number Diff line number Diff line
@@ -34,6 +34,7 @@ import java.util.concurrent.CopyOnWriteArraySet; 
 * {@hide}

 */

public abstract class Connection {

    private static final String TAG = "Connection";



    public interface PostDialListener {

        void onPostDialWait();
@@ -827,6 +828,16 @@ public abstract class Connection { 
    public void setConnectionExtras(Bundle extras) {

        if (extras != null) {

            mExtras = new Bundle(extras);



            int previousCount = mExtras.size();

            // Prevent vendors from passing in extras other than primitive types and android API

            // parcelables.

            mExtras = mExtras.filterValues();

            int filteredCount = mExtras.size();

            if (filteredCount != previousCount) {

                Rlog.i(TAG, "setConnectionExtras: filtering " + (previousCount - filteredCount)

                        + " invalid extras.");

            }

        } else {

            mExtras = null;

        }

tests/telephonytests/src/android/telephony/ims/ImsCallProfileTest.java

0 → 100644
+112 −0
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2017 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



// Note: Package name is intentionally wrong for this test; the internal junk class is used to test

// that parcelables of types other than android.* are stripped out.

package com.android.telephony.ims;



import static junit.framework.Assert.assertEquals;

import static junit.framework.Assert.assertFalse;

import static junit.framework.Assert.assertNotNull;



import android.os.Parcel;

import android.os.Parcelable;

import android.support.test.runner.AndroidJUnit4;

import android.telecom.DisconnectCause;

import android.test.suitebuilder.annotation.SmallTest;



import com.android.ims.ImsCallProfile;



import org.junit.Test;

import org.junit.runner.RunWith;



/**

 * Tests for the {@link com.android.ims.ImsCallProfile} class.

 */

@RunWith(AndroidJUnit4.class)

public class ImsCallProfileTest {

    // A test-only parcelable class which is not in the android.* namespace.

    private static class JunkParcelable implements Parcelable {

        private int mTest;



        JunkParcelable() {

        }



        protected JunkParcelable(Parcel in) {

            mTest = in.readInt();

        }



        public static final Creator<JunkParcelable> CREATOR = new Creator<JunkParcelable>() {

            @Override

            public JunkParcelable createFromParcel(Parcel in) {

                return new JunkParcelable(in);

            }



            @Override

            public JunkParcelable[] newArray(int size) {

                return new JunkParcelable[size];

            }

        };



        @Override

        public int describeContents() {

            return 0;

        }



        @Override

        public void writeToParcel(Parcel dest, int flags) {

            dest.writeInt(mTest);

        }

    }



    /**

     * Ensures that the {@link ImsCallProfile} will discard invalid extras when it is parceled.

     */

    @Test

    @SmallTest

    public void testExtrasCleanup() {

        ImsCallProfile srcParcel = new ImsCallProfile();

        // Put in a private parcelable type.

        srcParcel.mCallExtras.putParcelable("JUNK", new JunkParcelable());

        // Put in an api defined parcelable type.

        srcParcel.mCallExtras.putParcelable("NOTJUNK", new DisconnectCause(DisconnectCause.BUSY));

        // Put in some valid things.

        srcParcel.mCallExtras.putInt("INT", 1);

        srcParcel.mCallExtras.putString("STRING", "hello");



        // Parcel it.

        Parcel parcel = Parcel.obtain();

        srcParcel.writeToParcel(parcel, 0);

        byte[] parcelBytes = parcel.marshall();

        parcel.recycle();



        // Unparcel it.

        parcel = Parcel.obtain();

        parcel.unmarshall(parcelBytes, 0, parcelBytes.length);

        parcel.setDataPosition(0);

        ImsCallProfile unparceledProfile = ImsCallProfile.CREATOR.createFromParcel(parcel);

        parcel.recycle();



        assertNotNull(unparceledProfile.mCallExtras);

        assertEquals(3, unparceledProfile.mCallExtras.size());

        assertEquals(1, unparceledProfile.getCallExtraInt("INT"));

        assertEquals("hello", unparceledProfile.getCallExtra("STRING"));

        assertFalse(unparceledProfile.mCallExtras.containsKey("JUNK"));



        DisconnectCause parceledCause = unparceledProfile.mCallExtras.getParcelable("NOTJUNK");

        assertEquals(DisconnectCause.BUSY, parceledCause.getCode());

    }

}