Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6dc63526 authored by Rhed Jao's avatar Rhed Jao
Browse files

Limit length of package name and shared user id 

Package name and shared user id could be used as part of filename
as prefix by other modules. Limits the length to 223 and reserves
32 for the OS.

Bug: 118768971
Test: atest PackageManagerTest
Change-Id: I524a20ac3ed336b1a580f9be324dce460e7f8388
parent c44ef9e2

core/java/android/content/pm/parsing/ApkLiteParseUtils.java

+7 −6
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ package android.content.pm.parsing; 


import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME;

import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED;

import static android.content.pm.parsing.ParsingPackageUtils.validateName;

import static android.os.Trace.TRACE_TAG_PACKAGE_MANAGER;



import android.content.pm.PackageInfo;
@@ -501,10 +502,10 @@ public class ApkLiteParseUtils { 


        final String packageName = attrs.getAttributeValue(null, "package");

        if (!"android".equals(packageName)) {

            final String error = PackageParser.validateName(packageName, true, true);

            if (error != null) {

            final ParseResult<?> nameResult = validateName(input, packageName, true, true);

            if (nameResult.isError()) {

                return input.error(INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME,

                        "Invalid manifest package: " + error);

                        "Invalid manifest package: " + nameResult.getErrorMessage());

            }

        }
@@ -513,10 +514,10 @@ public class ApkLiteParseUtils { 
            if (splitName.length() == 0) {

                splitName = null;

            } else {

                final String error = PackageParser.validateName(splitName, false, false);

                if (error != null) {

                final ParseResult<?> nameResult = validateName(input, splitName, false, false);

                if (nameResult.isError()) {

                    return input.error(INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME,

                            "Invalid manifest split: " + error);

                            "Invalid manifest split: " + nameResult.getErrorMessage());

                }

            }

        }

core/java/android/content/pm/parsing/ParsingPackageUtils.java

+22 −3
Original line number Diff line number Diff line
@@ -129,6 +129,12 @@ public class ParsingPackageUtils { 


    private static final String TAG = ParsingUtils.TAG;



    /**

     * For those names would be used as a part of the file name. Limits size to 223 and reserves 32

     * for the OS.

     */

    private static final int MAX_FILE_NAME_SIZE = 223;



    /**

     * @see #parseDefault(ParseInput, File, int, boolean)

     */
@@ -2686,7 +2692,16 @@ public class ParsingPackageUtils { 
        }

    }



    private static ParseResult validateName(ParseInput input, String name, boolean requireSeparator,

    /**

     * Check if the given name is valid.

     *

     * @param name The name to check.

     * @param requireSeparator {@code true} if the name requires containing a separator at least.

     * @param requireFilename {@code true} to apply file name validation to the given name. It also

     *                        limits length of the name to the {@link #MAX_FILE_NAME_SIZE}.

     * @return Success if it's valid.

     */

    public static ParseResult validateName(ParseInput input, String name, boolean requireSeparator,

            boolean requireFilename) {

        final int N = name.length();

        boolean hasSep = false;
@@ -2709,8 +2724,12 @@ public class ParsingPackageUtils { 
            }

            return input.error("bad character '" + c + "'");

        }

        if (requireFilename && !FileUtils.isValidExtFilename(name)) {

        if (requireFilename) {

            if (!FileUtils.isValidExtFilename(name)) {

                return input.error("Invalid filename");

            } else if (N > MAX_FILE_NAME_SIZE) {

                return input.error("the length of the name is greater than " + MAX_FILE_NAME_SIZE);

            }

        }

        return hasSep || !requireSeparator

                ? input.success(null)

core/java/android/content/pm/parsing/component/ComponentParseUtils.java

+11 −7
Original line number Diff line number Diff line
@@ -16,6 +16,8 @@ 


package android.content.pm.parsing.component;



import static android.content.pm.parsing.ParsingPackageUtils.validateName;



import android.annotation.AttrRes;

import android.annotation.NonNull;

import android.annotation.Nullable;
@@ -118,17 +120,19 @@ public class ComponentParseUtils { 
                        + ": must be at least two characters");

            }

            String subName = proc.substring(1);

            String nameError = PackageParser.validateName(subName, false, false);

            if (nameError != null) {

            final ParseResult<?> nameResult = validateName(input, subName, false, false);

            if (nameResult.isError()) {

                return input.error("Invalid " + type + " name " + proc + " in package " + pkg

                        + ": " + nameError);

                        + ": " + nameResult.getErrorMessage());

            }

            return input.success(pkg + proc);

        }

        String nameError = PackageParser.validateName(proc, true, false);

        if (nameError != null && !"system".equals(proc)) {

        if (!"system".equals(proc)) {

            final ParseResult<?> nameResult = validateName(input, proc, true, false);

            if (nameResult.isError()) {

                return input.error("Invalid " + type + " name " + proc + " in package " + pkg

                    + ": " + nameError);

                        + ": " + nameResult.getErrorMessage());

            }

        }

        return input.success(proc);

    }