Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 043b90b3 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Automerger Merge Worker
Browse files

[conflict] Merge "Validate package name passed to setApplicationRestrictions."... 

[conflict] Merge "Validate package name passed to setApplicationRestrictions." into qt-dev am: 0b5ceb8c am: 9f864c4b am: ef2a1d60

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/19861873



Change-Id: I90bd2588c585b4df998a800657bf1b583d23adee
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 167fa8ba ef2a1d60

services/core/java/com/android/server/pm/UserManagerService.java

+41 −0
Original line number Diff line number Diff line
@@ -88,6 +88,7 @@ import android.stats.devicepolicy.DevicePolicyEnums; 
import android.util.ArrayMap;

import android.util.ArraySet;

import android.util.AtomicFile;

import android.util.EventLog;

import android.util.IntArray;

import android.util.Slog;

import android.util.SparseArray;
@@ -4123,6 +4124,13 @@ public class UserManagerService extends IUserManager.Stub { 
    public void setApplicationRestrictions(String packageName, Bundle restrictions,

            @UserIdInt int userId) {

        checkSystemOrRoot("set application restrictions");

        String validationResult = validateName(packageName);

        if (validationResult != null) {

            if (packageName.contains("../")) {

                EventLog.writeEvent(0x534e4554, "239701237", -1, "");

            }

            throw new IllegalArgumentException("Invalid package name: " + validationResult);

        }

        if (restrictions != null) {

            restrictions.setDefusable(true);

        }
@@ -4149,6 +4157,39 @@ public class UserManagerService extends IUserManager.Stub { 
        mContext.sendBroadcastAsUser(changeIntent, UserHandle.of(userId));

    }



    /**

     * Check if the given name is valid.

     *

     * Note: the logic is taken from FrameworkParsingPackageUtils in master, edited to remove

     * unnecessary parts. Copied here for a security fix.

     *

     * @param name The name to check.

     * @return null if it's valid, error message if not

     */

    @VisibleForTesting

    static String validateName(String name) {

        final int n = name.length();

        boolean front = true;

        for (int i = 0; i < n; i++) {

            final char c = name.charAt(i);

            if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {

                front = false;

                continue;

            }

            if (!front) {

                if ((c >= '0' && c <= '9') || c == '_') {

                    continue;

                }

                if (c == '.') {

                    front = true;

                    continue;

                }

            }

            return "bad character '" + c + "'";

        }

        return null;

    }



    private int getUidForPackage(String packageName) {

        long ident = Binder.clearCallingIdentity();

        try {

services/tests/servicestests/src/com/android/server/pm/UserManagerServiceTest.java

+7 −0
Original line number Diff line number Diff line
@@ -86,6 +86,13 @@ public class UserManagerServiceTest extends AndroidTestCase { 
        }

    }



    public void testValidateName() {

        assertNull(UserManagerService.validateName("android"));

        assertNull(UserManagerService.validateName("com.company.myapp"));

        assertNotNull(UserManagerService.validateName("/../../data"));

        assertNotNull(UserManagerService.validateName("/dir"));

    }



    private Bundle createBundle() {

        Bundle result = new Bundle();

        // Tests for 6 allowed types: Integer, Boolean, String, String[], Bundle and Parcelable[]