Merge "Protect ConnectivityService from SecurityException in permission... (2abd8792) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/ConnectivityService.java

+9 −2

Original line number	Diff line number	Diff line
		@@ -7892,10 +7892,17 @@ public class ConnectivityService extends IConnectivityManager.Stub
		return true;
		}

		// LocationPermissionChecker#checkLocationPermission can throw SecurityException if the uid
		// and package name don't match. Throwing on the CS thread is not acceptable, so wrap the
		// call in a try-catch.
		try {
		if (!mLocationPermissionChecker.checkLocationPermission(
		callbackPackageName, null /* featureId /, callbackUid, null / message */)) {
		return false;
		}
		} catch (SecurityException e) {
		return false;
		}

		synchronized (mVpns) {
		if (getVpnIfOwner(callbackUid) != null) {

+20 −0

Original line number	Diff line number	Diff line
		@@ -6756,6 +6756,26 @@ public class ConnectivityServiceTest {
		mContext.getOpPackageName()));
		}

		@Test
		public void testCheckConnectivityDiagnosticsPermissionsWrongUidPackageName() throws Exception {
		final NetworkAgentInfo naiWithoutUid =
		new NetworkAgentInfo(
		null, null, null, null, null, new NetworkCapabilities(), 0,
		mServiceContext, null, null, mService, null, null, null, 0);

		mServiceContext.setPermission(android.Manifest.permission.NETWORK_STACK, PERMISSION_DENIED);

		try {
		assertFalse(
		"Mismatched uid/package name should not pass the location permission check",
		mService.checkConnectivityDiagnosticsPermissions(
		Process.myPid() + 1, Process.myUid() + 1, naiWithoutUid,
		mContext.getOpPackageName()));
		} catch (SecurityException e) {
		fail("checkConnectivityDiagnosticsPermissions shouldn't surface a SecurityException");
		}
		}

		@Test
		public void testCheckConnectivityDiagnosticsPermissionsNoLocationPermission() throws Exception {
		final NetworkAgentInfo naiWithoutUid =