Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 623f456d authored by Eva Tsai's avatar Eva Tsai
Browse files

Revert "Validate package name passed to setApplicationRestrictions." 

This reverts commit 8c2c7b41.

Reason for revert: DroidMonitor-triggered revert due to many breakages in Quarterdeck

Bud: b/244643688
Change-Id: I6178eb0f9d2e7fb602694d7266be9aa58008ce96
parent 8c2c7b41

services/core/java/com/android/server/pm/UserManagerService.java

+0 −41
Original line number Diff line number Diff line
@@ -88,7 +88,6 @@ import android.stats.devicepolicy.DevicePolicyEnums; 
import android.util.ArrayMap;

import android.util.ArraySet;

import android.util.AtomicFile;

import android.util.EventLog;

import android.util.IndentingPrintWriter;

import android.util.IntArray;

import android.util.Slog;
@@ -4500,13 +4499,6 @@ public class UserManagerService extends IUserManager.Stub { 
    public void setApplicationRestrictions(String packageName, Bundle restrictions,

            @UserIdInt int userId) {

        checkSystemOrRoot("set application restrictions");

        String validationResult = validateName(packageName);

        if (validationResult != null) {

            if (packageName.contains("../")) {

                EventLog.writeEvent(0x534e4554, "239701237", -1, "");

            }

            throw new IllegalArgumentException("Invalid package name: " + validationResult);

        }

        if (restrictions != null) {

            restrictions.setDefusable(true);

        }
@@ -4533,39 +4525,6 @@ public class UserManagerService extends IUserManager.Stub { 
        mContext.sendBroadcastAsUser(changeIntent, UserHandle.of(userId));

    }



    /**

     * Check if the given name is valid.

     *

     * Note: the logic is taken from FrameworkParsingPackageUtils in master, edited to remove

     * unnecessary parts. Copied here for a security fix.

     *

     * @param name The name to check.

     * @return null if it's valid, error message if not

     */

    @VisibleForTesting

    static String validateName(String name) {

        final int n = name.length();

        boolean front = true;

        for (int i = 0; i < n; i++) {

            final char c = name.charAt(i);

            if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {

                front = false;

                continue;

            }

            if (!front) {

                if ((c >= '0' && c <= '9') || c == '_') {

                    continue;

                }

                if (c == '.') {

                    front = true;

                    continue;

                }

            }

            return "bad character '" + c + "'";

        }

        return null;

    }



    private int getUidForPackage(String packageName) {

        final long ident = Binder.clearCallingIdentity();

        try {

services/tests/servicestests/src/com/android/server/pm/UserManagerServiceTest.java

+0 −7
Original line number Diff line number Diff line
@@ -86,13 +86,6 @@ public class UserManagerServiceTest extends AndroidTestCase { 
        }

    }



    public void testValidateName() {

        assertNull(UserManagerService.validateName("android"));

        assertNull(UserManagerService.validateName("com.company.myapp"));

        assertNotNull(UserManagerService.validateName("/../../data"));

        assertNotNull(UserManagerService.validateName("/dir"));

    }



    private Bundle createBundle() {

        Bundle result = new Bundle();

        // Tests for 6 allowed types: Integer, Boolean, String, String[], Bundle and Parcelable[]