Loading services/core/java/com/android/server/pm/UserManagerService.java +0 −41 Original line number Diff line number Diff line Loading @@ -88,7 +88,6 @@ import android.stats.devicepolicy.DevicePolicyEnums; import android.util.ArrayMap; import android.util.ArraySet; import android.util.AtomicFile; import android.util.EventLog; import android.util.IndentingPrintWriter; import android.util.IntArray; import android.util.Slog; Loading Loading @@ -4500,13 +4499,6 @@ public class UserManagerService extends IUserManager.Stub { public void setApplicationRestrictions(String packageName, Bundle restrictions, @UserIdInt int userId) { checkSystemOrRoot("set application restrictions"); String validationResult = validateName(packageName); if (validationResult != null) { if (packageName.contains("../")) { EventLog.writeEvent(0x534e4554, "239701237", -1, ""); } throw new IllegalArgumentException("Invalid package name: " + validationResult); } if (restrictions != null) { restrictions.setDefusable(true); } Loading @@ -4533,39 +4525,6 @@ public class UserManagerService extends IUserManager.Stub { mContext.sendBroadcastAsUser(changeIntent, UserHandle.of(userId)); } /** * Check if the given name is valid. * * Note: the logic is taken from FrameworkParsingPackageUtils in master, edited to remove * unnecessary parts. Copied here for a security fix. * * @param name The name to check. * @return null if it's valid, error message if not */ @VisibleForTesting static String validateName(String name) { final int n = name.length(); boolean front = true; for (int i = 0; i < n; i++) { final char c = name.charAt(i); if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) { front = false; continue; } if (!front) { if ((c >= '0' && c <= '9') || c == '_') { continue; } if (c == '.') { front = true; continue; } } return "bad character '" + c + "'"; } return null; } private int getUidForPackage(String packageName) { final long ident = Binder.clearCallingIdentity(); try { Loading services/tests/servicestests/src/com/android/server/pm/UserManagerServiceTest.java +0 −7 Original line number Diff line number Diff line Loading @@ -86,13 +86,6 @@ public class UserManagerServiceTest extends AndroidTestCase { } } public void testValidateName() { assertNull(UserManagerService.validateName("android")); assertNull(UserManagerService.validateName("com.company.myapp")); assertNotNull(UserManagerService.validateName("/../../data")); assertNotNull(UserManagerService.validateName("/dir")); } private Bundle createBundle() { Bundle result = new Bundle(); // Tests for 6 allowed types: Integer, Boolean, String, String[], Bundle and Parcelable[] Loading Loading
services/core/java/com/android/server/pm/UserManagerService.java +0 −41 Original line number Diff line number Diff line Loading @@ -88,7 +88,6 @@ import android.stats.devicepolicy.DevicePolicyEnums; import android.util.ArrayMap; import android.util.ArraySet; import android.util.AtomicFile; import android.util.EventLog; import android.util.IndentingPrintWriter; import android.util.IntArray; import android.util.Slog; Loading Loading @@ -4500,13 +4499,6 @@ public class UserManagerService extends IUserManager.Stub { public void setApplicationRestrictions(String packageName, Bundle restrictions, @UserIdInt int userId) { checkSystemOrRoot("set application restrictions"); String validationResult = validateName(packageName); if (validationResult != null) { if (packageName.contains("../")) { EventLog.writeEvent(0x534e4554, "239701237", -1, ""); } throw new IllegalArgumentException("Invalid package name: " + validationResult); } if (restrictions != null) { restrictions.setDefusable(true); } Loading @@ -4533,39 +4525,6 @@ public class UserManagerService extends IUserManager.Stub { mContext.sendBroadcastAsUser(changeIntent, UserHandle.of(userId)); } /** * Check if the given name is valid. * * Note: the logic is taken from FrameworkParsingPackageUtils in master, edited to remove * unnecessary parts. Copied here for a security fix. * * @param name The name to check. * @return null if it's valid, error message if not */ @VisibleForTesting static String validateName(String name) { final int n = name.length(); boolean front = true; for (int i = 0; i < n; i++) { final char c = name.charAt(i); if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) { front = false; continue; } if (!front) { if ((c >= '0' && c <= '9') || c == '_') { continue; } if (c == '.') { front = true; continue; } } return "bad character '" + c + "'"; } return null; } private int getUidForPackage(String packageName) { final long ident = Binder.clearCallingIdentity(); try { Loading
services/tests/servicestests/src/com/android/server/pm/UserManagerServiceTest.java +0 −7 Original line number Diff line number Diff line Loading @@ -86,13 +86,6 @@ public class UserManagerServiceTest extends AndroidTestCase { } } public void testValidateName() { assertNull(UserManagerService.validateName("android")); assertNull(UserManagerService.validateName("com.company.myapp")); assertNotNull(UserManagerService.validateName("/../../data")); assertNotNull(UserManagerService.validateName("/dir")); } private Bundle createBundle() { Bundle result = new Bundle(); // Tests for 6 allowed types: Integer, Boolean, String, String[], Bundle and Parcelable[] Loading
