Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8bd44ac8 authored by Sudheer Shanka's avatar Sudheer Shanka Committed by Automerger Merge Worker
Browse files

Merge "Add limits on BlobHandle label and lease expiry strings." into rvc-dev am: 7434322a 

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/12013588

Change-Id: I6116c382478eee1f5cd9d9b1405df3ae22ab59f4
parents 03fd9a8a 7434322a

apex/blobstore/framework/java/android/app/blob/BlobHandle.java

+7 −2
Original line number Diff line number Diff line
@@ -51,6 +51,7 @@ public final class BlobHandle implements Parcelable { 
    };



    private static final int LIMIT_BLOB_TAG_LENGTH = 128; // characters

    private static final int LIMIT_BLOB_LABEL_LENGTH = 100; // characters



    /**

     * Cyrptographically secure hash algorithm used to generate hash of the blob this handle is
@@ -128,6 +129,9 @@ public final class BlobHandle implements Parcelable { 
     *

     * @param digest the SHA-256 hash of the blob this is representing.

     * @param label a label indicating what the blob is, that can be surfaced to the user.

     *              The length of the label cannot be more than 100 characters. It is recommended

     *              to keep this brief. This may be truncated and ellipsized if it is too long

     *              to be displayed to the user.

     * @param expiryTimeMillis the time in secs after which the blob should be invalidated and not

     *                         allowed to be accessed by any other app,

     *                         in {@link System#currentTimeMillis()} timebase or {@code 0} to
@@ -205,9 +209,9 @@ public final class BlobHandle implements Parcelable { 
        final BlobHandle other = (BlobHandle) obj;

        return this.algorithm.equals(other.algorithm)

                && Arrays.equals(this.digest, other.digest)

                && this.label.equals(other.label)

                && this.label.toString().equals(other.label.toString())

                && this.expiryTimeMillis == other.expiryTimeMillis

                && this.tag.equals(tag);

                && this.tag.equals(other.tag);

    }



    @Override
@@ -233,6 +237,7 @@ public final class BlobHandle implements Parcelable { 
        Preconditions.checkArgumentIsSupported(SUPPORTED_ALGOS, algorithm);

        Preconditions.checkByteArrayNotEmpty(digest, "digest");

        Preconditions.checkStringNotEmpty(label, "label must not be null");

        Preconditions.checkArgument(label.length() <= LIMIT_BLOB_LABEL_LENGTH, "label too long");

        Preconditions.checkArgumentNonnegative(expiryTimeMillis,

                "expiryTimeMillis must not be negative");

        Preconditions.checkStringNotEmpty(tag, "tag must not be null");

apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java

+6 −2
Original line number Diff line number Diff line
@@ -347,7 +347,9 @@ public class BlobStoreManager { 
     * @param blobHandle the {@link BlobHandle} representing the blob that the caller wants to

     *                   acquire a lease for.

     * @param description a short description string that can be surfaced

     *                    to the user explaining what the blob is used for.

     *                    to the user explaining what the blob is used for. It is recommended to

     *                    keep this description brief. This may be truncated and ellipsized

     *                    if it is too long to be displayed to the user.

     * @param leaseExpiryTimeMillis the time in milliseconds after which the lease can be

     *                              automatically released, in {@link System#currentTimeMillis()}

     *                              timebase. If its value is {@code 0}, then the behavior of this
@@ -458,7 +460,9 @@ public class BlobStoreManager { 
     * @param blobHandle the {@link BlobHandle} representing the blob that the caller wants to

     *                   acquire a lease for.

     * @param description a short description string that can be surfaced

     *                    to the user explaining what the blob is used for.

     *                    to the user explaining what the blob is used for. It is recommended to

     *                    keep this description brief. This may be truncated and

     *                    ellipsized if it is too long to be displayed to the user.

     *

     * @throws IOException when there is an I/O error while acquiring a lease to the blob.

     * @throws SecurityException when the blob represented by the {@code blobHandle} does not

apex/blobstore/service/java/com/android/server/blob/BlobStoreConfig.java

+26 −0
Original line number Diff line number Diff line
@@ -25,6 +25,7 @@ import android.content.Context; 
import android.os.Environment;

import android.provider.DeviceConfig;

import android.provider.DeviceConfig.Properties;

import android.text.TextUtils;

import android.util.DataUnit;

import android.util.Log;

import android.util.Slog;
@@ -171,6 +172,13 @@ class BlobStoreConfig { 
        public static int MAX_BLOB_ACCESS_PERMITTED_PACKAGES =

                DEFAULT_MAX_BLOB_ACCESS_PERMITTED_PACKAGES;



        /**

         * Denotes the maximum number of characters that a lease description can have.

         */

        public static final String KEY_LEASE_DESC_CHAR_LIMIT = "lease_desc_char_limit";

        public static int DEFAULT_LEASE_DESC_CHAR_LIMIT = 300;

        public static int LEASE_DESC_CHAR_LIMIT = DEFAULT_LEASE_DESC_CHAR_LIMIT;



        static void refresh(Properties properties) {

            if (!NAMESPACE_BLOBSTORE.equals(properties.getNamespace())) {

                return;
@@ -221,6 +229,10 @@ class BlobStoreConfig { 
                        MAX_BLOB_ACCESS_PERMITTED_PACKAGES = properties.getInt(key,

                                DEFAULT_MAX_BLOB_ACCESS_PERMITTED_PACKAGES);

                        break;

                    case KEY_LEASE_DESC_CHAR_LIMIT:

                        LEASE_DESC_CHAR_LIMIT = properties.getInt(key,

                                DEFAULT_LEASE_DESC_CHAR_LIMIT);

                        break;

                    default:

                        Slog.wtf(TAG, "Unknown key in device config properties: " + key);

                }
@@ -262,6 +274,8 @@ class BlobStoreConfig { 
            fout.println(String.format(dumpFormat, KEY_MAX_BLOB_ACCESS_PERMITTED_PACKAGES,

                    MAX_BLOB_ACCESS_PERMITTED_PACKAGES,

                    DEFAULT_MAX_BLOB_ACCESS_PERMITTED_PACKAGES));

            fout.println(String.format(dumpFormat, KEY_LEASE_DESC_CHAR_LIMIT,

                    LEASE_DESC_CHAR_LIMIT, DEFAULT_LEASE_DESC_CHAR_LIMIT));

        }

    }
@@ -368,6 +382,18 @@ class BlobStoreConfig { 
        return DeviceConfigProperties.MAX_BLOB_ACCESS_PERMITTED_PACKAGES;

    }



    /**

     * Returns the lease description truncated to

     * {@link DeviceConfigProperties#LEASE_DESC_CHAR_LIMIT} characters.

     */

    public static CharSequence getTruncatedLeaseDescription(CharSequence description) {

        if (TextUtils.isEmpty(description)) {

            return description;

        }

        return TextUtils.trimToLengthWithEllipsis(description,

                DeviceConfigProperties.LEASE_DESC_CHAR_LIMIT);

    }



    @Nullable

    public static File prepareBlobFile(long sessionId) {

        final File blobsDir = prepareBlobsDir();

apex/blobstore/service/java/com/android/server/blob/BlobStoreManagerService.java

+2 −0
Original line number Diff line number Diff line
@@ -1500,6 +1500,8 @@ public class BlobStoreManagerService extends SystemService { 
                    "leaseExpiryTimeMillis must not be negative");

            Objects.requireNonNull(packageName, "packageName must not be null");



            description = BlobStoreConfig.getTruncatedLeaseDescription(description);



            final int callingUid = Binder.getCallingUid();

            verifyCallingPackage(callingUid, packageName);