DivestOS/Patches/LineageOS-17.1/android_frameworks_base/399081.patch

From 19820317cc73a78c8141d8e3cbc435bdf1c0f503 Mon Sep 17 00:00:00 2001
From: Hans Boehm <hboehm@google.com>
Date: Tue, 2 Jan 2024 16:53:13 -0800
Subject: [PATCH] Check hidden API exemptions

Refuse to deal with newlines and null characters in
HiddenApiSettings.update(). Also disallow nulls in process start
arguments.

Bug: 316153291
Test: Treehugger for now
(cherry picked from commit 7ba059e2cf0a2c20f9a849719cdc32b12c933a44)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:60669aa49aba34c0950d6246bd95b54f91a3c8e8)
Merged-In: I83cd60e46407a4a082f9f3c80e937dbd522dbac4
Change-Id: I83cd60e46407a4a082f9f3c80e937dbd522dbac4
---
 core/java/android/os/ZygoteProcess.java | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/core/java/android/os/ZygoteProcess.java b/core/java/android/os/ZygoteProcess.java
index 0417a4c8959c0..ff4131c2398d8 100644
--- a/core/java/android/os/ZygoteProcess.java
+++ b/core/java/android/os/ZygoteProcess.java
@@ -411,6 +411,8 @@ private Process.ProcessStartResult zygoteSendArgsAndGetResult(
                 throw new ZygoteStartFailedEx("Embedded newlines not allowed");
             } else if (arg.indexOf('\r') >= 0) {
                 throw new ZygoteStartFailedEx("Embedded carriage returns not allowed");
+            } else if (arg.indexOf('\u0000') >= 0) {
+                throw new ZygoteStartFailedEx("Embedded nulls not allowed");
             }
         }
 
@@ -869,6 +871,14 @@ private boolean maybeSetApiBlacklistExemptions(ZygoteState state, boolean sendIf
             return true;
         }
 
+        for (/* NonNull */ String s : mApiBlacklistExemptions) {
+            // indexOf() is intrinsified and faster than contains().
+            if (s.indexOf('\n') >= 0 || s.indexOf('\r') >= 0 || s.indexOf('\u0000') >= 0) {
+                Slog.e(LOG_TAG, "Failed to set API denylist exemptions: Bad character");
+                mApiBlacklistExemptions = Collections.emptyList();
+                return false;
+            }
+        }
         try {
             state.mZygoteOutputWriter.write(Integer.toString(mApiBlacklistExemptions.size() + 1));
             state.mZygoteOutputWriter.newLine();
Reconcile picks no effective change: https://review.lineageos.org/q/topic:%22P_asb_2024-05%22 gains 8 patches: https://review.lineageos.org/q/topic:%22Q_asb_2024-06%22 https://review.lineageos.org/q/topic:%22Q_asb_2024-07%22 Signed-off-by: Tavi <tavi@divested.dev> 2024-08-05 16:03:46 -04:00			`From 19820317cc73a78c8141d8e3cbc435bdf1c0f503 Mon Sep 17 00:00:00 2001`
17.1: June ASB work Signed-off-by: Tavi <tavi@divested.dev> 2024-06-19 18:14:14 -04:00			`From: Hans Boehm <hboehm@google.com>`
			`Date: Tue, 2 Jan 2024 16:53:13 -0800`
			`Subject: [PATCH] Check hidden API exemptions`

			`Refuse to deal with newlines and null characters in`
			`HiddenApiSettings.update(). Also disallow nulls in process start`
			`arguments.`

			`Bug: 316153291`
			`Test: Treehugger for now`
			`(cherry picked from commit 7ba059e2cf0a2c20f9a849719cdc32b12c933a44)`
			`(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:60669aa49aba34c0950d6246bd95b54f91a3c8e8)`
			`Merged-In: I83cd60e46407a4a082f9f3c80e937dbd522dbac4`
			`Change-Id: I83cd60e46407a4a082f9f3c80e937dbd522dbac4`
			`---`
			`core/java/android/os/ZygoteProcess.java \| 10 ++++++++++`
			`1 file changed, 10 insertions(+)`

			`diff --git a/core/java/android/os/ZygoteProcess.java b/core/java/android/os/ZygoteProcess.java`
Reconcile picks no effective change: https://review.lineageos.org/q/topic:%22P_asb_2024-05%22 gains 8 patches: https://review.lineageos.org/q/topic:%22Q_asb_2024-06%22 https://review.lineageos.org/q/topic:%22Q_asb_2024-07%22 Signed-off-by: Tavi <tavi@divested.dev> 2024-08-05 16:03:46 -04:00			`index 0417a4c8959c0..ff4131c2398d8 100644`
17.1: June ASB work Signed-off-by: Tavi <tavi@divested.dev> 2024-06-19 18:14:14 -04:00			`--- a/core/java/android/os/ZygoteProcess.java`
			`+++ b/core/java/android/os/ZygoteProcess.java`
Reconcile picks no effective change: https://review.lineageos.org/q/topic:%22P_asb_2024-05%22 gains 8 patches: https://review.lineageos.org/q/topic:%22Q_asb_2024-06%22 https://review.lineageos.org/q/topic:%22Q_asb_2024-07%22 Signed-off-by: Tavi <tavi@divested.dev> 2024-08-05 16:03:46 -04:00			`@@ -411,6 +411,8 @@ private Process.ProcessStartResult zygoteSendArgsAndGetResult(`
17.1: June ASB work Signed-off-by: Tavi <tavi@divested.dev> 2024-06-19 18:14:14 -04:00			`throw new ZygoteStartFailedEx("Embedded newlines not allowed");`
			`} else if (arg.indexOf('\r') >= 0) {`
			`throw new ZygoteStartFailedEx("Embedded carriage returns not allowed");`
			`+ } else if (arg.indexOf('\u0000') >= 0) {`
			`+ throw new ZygoteStartFailedEx("Embedded nulls not allowed");`
			`}`
			`}`

Reconcile picks no effective change: https://review.lineageos.org/q/topic:%22P_asb_2024-05%22 gains 8 patches: https://review.lineageos.org/q/topic:%22Q_asb_2024-06%22 https://review.lineageos.org/q/topic:%22Q_asb_2024-07%22 Signed-off-by: Tavi <tavi@divested.dev> 2024-08-05 16:03:46 -04:00			`@@ -869,6 +871,14 @@ private boolean maybeSetApiBlacklistExemptions(ZygoteState state, boolean sendIf`
17.1: June ASB work Signed-off-by: Tavi <tavi@divested.dev> 2024-06-19 18:14:14 -04:00			`return true;`
			`}`

			`+ for (/* NonNull */ String s : mApiBlacklistExemptions) {`
			`+ // indexOf() is intrinsified and faster than contains().`
			`+ if (s.indexOf('\n') >= 0 \|\| s.indexOf('\r') >= 0 \|\| s.indexOf('\u0000') >= 0) {`
			`+ Slog.e(LOG_TAG, "Failed to set API denylist exemptions: Bad character");`
			`+ mApiBlacklistExemptions = Collections.emptyList();`
			`+ return false;`
			`+ }`
			`+ }`
			`try {`
			`state.mZygoteOutputWriter.write(Integer.toString(mApiBlacklistExemptions.size() + 1));`
			`state.mZygoteOutputWriter.newLine();`