2024-09-21 12:01:42 -04:00
From 701cf719f36830fd3c1b02c5585ce3226a30f092 Mon Sep 17 00:00:00 2001
2024-09-14 12:44:16 -04:00
From: Kiran Ramachandra <kiranmr@google.com>
Date: Wed, 5 Jun 2024 21:03:33 +0000
Subject: [PATCH] DO NOT MERGE Ignore - Sanitized uri scheme by removing scheme
delimiter
Initially considered removing unsupported characters as per IANA guidelines, but this could break applications that use custom schemes with asterisks. Instead, opted to remove only the "://" to minimize disruption
Bug: 261721900
Test: atest FrameworksCoreTests:android.net.UriTest
No-Typo-Check: The unit test is specifically written to test few cases, string "http://https://" is not a typo
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:1fd0421801c391dd619cafeeea8d379a9029074a)
Merged-In: I88b1550a5d8b3dc0f6286e28899884025d059645
Change-Id: I88b1550a5d8b3dc0f6286e28899884025d059645
---
core/java/android/net/Uri.java | 6 +++++-
core/tests/coretests/src/android/net/UriTest.java | 11 +++++++++++
2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
2024-09-21 12:01:42 -04:00
index 84fc4f78edc46..4446f09bc8743 100644
2024-09-14 12:44:16 -04:00
--- a/core/java/android/net/Uri.java
+++ b/core/java/android/net/Uri.java
2024-09-21 12:01:42 -04:00
@@ -1380,7 +1380,11 @@ public Builder() {}
2024-09-14 12:44:16 -04:00
* @param scheme name or {@code null} if this is a relative Uri
*/
public Builder scheme(String scheme) {
- this.scheme = scheme;
+ if (scheme != null) {
+ this.scheme = scheme.replace("://", "");
+ } else {
+ this.scheme = null;
+ }
return this;
}
diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java
2024-09-21 12:01:42 -04:00
index 670aefd21d360..17a37831afdb1 100644
2024-09-14 12:44:16 -04:00
--- a/core/tests/coretests/src/android/net/UriTest.java
+++ b/core/tests/coretests/src/android/net/UriTest.java
2024-09-21 12:01:42 -04:00
@@ -18,6 +18,7 @@
2024-09-14 12:44:16 -04:00
import android.content.ContentUris;
import android.os.Parcel;
+import android.platform.test.annotations.AsbSecurityTest;
import androidx.test.filters.SmallTest;
2024-09-21 12:01:42 -04:00
@@ -88,6 +89,16 @@ public void testBuildUponOpaqueStringUri() {
2024-09-14 12:44:16 -04:00
assertNull(u.getHost());
}
+ @AsbSecurityTest(cveBugId = 261721900)
+ @SmallTest
+ public void testSchemeSanitization() {
+ Uri uri = new Uri.Builder()
+ .scheme("http://https://evil.com:/te:st/")
+ .authority("google.com").path("one/way").build();
+ assertEquals("httphttpsevil.com:/te:st/", uri.getScheme());
+ assertEquals("httphttpsevil.com:/te:st/://google.com/one/way", uri.toString());
+ }
+
@SmallTest
public void testStringUri() {
assertEquals("bob lee",