Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 25a44805 authored by Rhed Jao's avatar Rhed Jao
Browse files

A lint checker to detect potential package visibility issues 

APIs working in the system_server and taking the package name as a
parameter may have chance to reveal package existence status on the
device, and break the package visibility we introduced in Android 11.

Take an example of the API: `boolean setFoo(String packageName)`, a
malicious app may have chance to detect package existence state on the
device from the result of the API, if there is no package visibility
filtering rule or uid identify checks applying to the parameter of the
package name.

To resolve the lint warning, you could apply package visibility
filtering rules to the package name via
PackageManagerInternal.filterAppAccess API, before starting to use the
package name. If the parameter is a calling package name, using the
PackageManager API such as PackageManager.getPackagesForUid to verify
the calling identify.

Bug: 228274845
Test: atest AndroidFrameworkLintCheckerTest --host

Change-Id: I30ef6a184545d4704de8d26c7b1b62abb543c9d1
parent dea5a7c8

Android.bp

+1 −0
Original line number Diff line number Diff line
@@ -405,6 +405,7 @@ java_library { 
    ],

    lint: {

        extra_check_modules: ["AndroidFrameworkLintChecker"],

        disabled_checks: ["ApiMightLeakAppVisibility"],

    },

    errorprone: {

        javacflags: [

tools/lint/checks/src/main/java/com/google/android/lint/AndroidFrameworkIssueRegistry.kt

+1 −0
Original line number Diff line number Diff line
@@ -36,6 +36,7 @@ class AndroidFrameworkIssueRegistry : IssueRegistry() { 
            EnforcePermissionDetector.ISSUE_MISSING_ENFORCE_PERMISSION,

            EnforcePermissionDetector.ISSUE_MISMATCHING_ENFORCE_PERMISSION,

            SaferParcelChecker.ISSUE_UNSAFE_API_USAGE,

            PackageVisibilityDetector.ISSUE_PACKAGE_NAME_NO_PACKAGE_VISIBILITY_FILTERS,

    )



    override val api: Int

tools/lint/checks/src/main/java/com/google/android/lint/PackageVisibilityDetector.kt

0 → 100644
+524 −0

File added.

Preview size limit exceeded, changes collapsed.

tools/lint/checks/src/test/java/com/google/android/lint/PackageVisibilityDetectorTest.kt

0 → 100644
+271 −0

File added.

Preview size limit exceeded, changes collapsed.