Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5c41c595 authored by William Loh's avatar William Loh
Browse files

Remove redundant limits in package parser. 

Since manifest tag and attribute limits were added we can remove some
redundant limits in package parsing.
  1. Removed the 30k component limit and reduced the activity tag count
     limit to 30k
  2. Removed the permission name attribute length limit of 512 since
     there is already a 1024 length limit for all name attributes.

Fixed a bug where manifest attributes were not being validated if they
were read using TypedArray.getNonResourceString during package parsing.

Bug: 288328797
Test: presubmit
Change-Id: I76ef18f8147c56c7f4f8203f572b79407395d04e
parent e37802cc

core/java/android/content/res/Element.java

+1 −1
Original line number Diff line number Diff line
@@ -308,7 +308,7 @@ public class Element { 
                initializeCounter(TAG_USES_LIBRARY, 1000);

                initializeCounter(TAG_ACTIVITY_ALIAS, 4000);

                initializeCounter(TAG_PROVIDER, 8000);

                initializeCounter(TAG_ACTIVITY, 40000);

                initializeCounter(TAG_ACTIVITY, 30000);

                break;

            case TAG_COMPATIBLE_SCREENS:

                initializeCounter(TAG_SCREEN, 4000);

core/java/android/content/res/TypedArray.java

+6 −8
Original line number Diff line number Diff line
@@ -35,8 +35,6 @@ import com.android.internal.util.XmlUtils; 


import dalvik.system.VMRuntime;



import org.xmlpull.v1.XmlPullParserException;



import java.util.Arrays;



/**
@@ -309,7 +307,11 @@ public class TypedArray implements AutoCloseable { 
        if (type == TypedValue.TYPE_STRING) {

            final int cookie = data[index + STYLE_ASSET_COOKIE];

            if (cookie < 0) {

                return mXml.getPooledString(data[index + STYLE_DATA]).toString();

                String value = mXml.getPooledString(data[index + STYLE_DATA]).toString();

                if (value != null && mXml != null && mXml.mValidator != null) {

                    mXml.mValidator.validateResStrAttr(mXml, index, value);

                }

                return value;

            }

        }

        return null;
@@ -1402,11 +1404,7 @@ public class TypedArray implements AutoCloseable { 
            value = mAssets.getPooledStringForCookie(cookie, data[index + STYLE_DATA]);

        }

        if (value != null && mXml != null && mXml.mValidator != null) {

            try {

            mXml.mValidator.validateResStrAttr(mXml, index / STYLE_NUM_ENTRIES, value);

            } catch (XmlPullParserException e) {

                throw new RuntimeException("Failed to validate resource string: " + e.getMessage());

            }

        }

        return value;

    }

core/java/android/content/res/Validator.java

+1 −1
Original line number Diff line number Diff line
@@ -81,7 +81,7 @@ public class Validator { 
     * Validates the resource string of a manifest tag attribute.

     */

    public void validateResStrAttr(@NonNull XmlPullParser parser, @StyleableRes int index,

            CharSequence stringValue) throws XmlPullParserException {

            CharSequence stringValue) {

        if (parser.getDepth() > mElements.size()) {

            return;

        }

core/java/com/android/internal/pm/pkg/parsing/ParsingPackageUtils.java

+0 −25
Original line number Diff line number Diff line
@@ -241,14 +241,6 @@ public class ParsingPackageUtils { 


    public static final int PARSE_CHATTY = 1 << 31;



    /** The total maximum number of activities, services, providers and activity-aliases */

    private static final int MAX_NUM_COMPONENTS = 30000;

    private static final String MAX_NUM_COMPONENTS_ERR_MSG =

            "Total number of components has exceeded the maximum number: " + MAX_NUM_COMPONENTS;



    /** The maximum permission name length. */

    private static final int MAX_PERMISSION_NAME_LENGTH = 512;



    @IntDef(flag = true, prefix = { "PARSE_" }, value = {

            PARSE_CHATTY,

            PARSE_COLLECT_CERTIFICATES,
@@ -904,20 +896,11 @@ public class ParsingPackageUtils { 
            if (result.isError()) {

                return input.error(result);

            }



            if (hasTooManyComponents(pkg)) {

                return input.error(MAX_NUM_COMPONENTS_ERR_MSG);

            }

        }



        return input.success(pkg);

    }



    private static boolean hasTooManyComponents(ParsingPackage pkg) {

        return (pkg.getActivities().size() + pkg.getServices().size() + pkg.getProviders().size()

                + pkg.getReceivers().size()) > MAX_NUM_COMPONENTS;

    }



    /**

     * For parsing non-MainComponents. Main ones have an order and some special handling which is

     * done directly in {@link #parseSplitApplication(ParseInput, ParsingPackage, Resources,
@@ -1360,11 +1343,6 @@ public class ParsingPackageUtils { 
            // that may change.

            String name = sa.getNonResourceString(

                    R.styleable.AndroidManifestUsesPermission_name);

            if (TextUtils.length(name) > MAX_PERMISSION_NAME_LENGTH) {

                return input.error(INSTALL_PARSE_FAILED_MANIFEST_MALFORMED,

                        "The name in the <uses-permission> is greater than "

                                + MAX_PERMISSION_NAME_LENGTH);

            }



            int minSdkVersion =  parseMinOrMaxSdkVersion(sa,

                    R.styleable.AndroidManifestUsesPermission_minSdkVersion,
@@ -2277,9 +2255,6 @@ public class ParsingPackageUtils { 
            if (result.isError()) {

                return input.error(result);

            }

            if (hasTooManyComponents(pkg)) {

                return input.error(MAX_NUM_COMPONENTS_ERR_MSG);

            }

        }



        if (TextUtils.isEmpty(pkg.getStaticSharedLibraryName()) && TextUtils.isEmpty(