DivestOS/Patches/LineageOS-16.0/android_frameworks_base/394879.patch

From a568a9144f1a804e4ac136522dfcd1f8aaae81a3 Mon Sep 17 00:00:00 2001
From: Chris Wailes <chriswailes@google.com>
Date: Thu, 18 Apr 2019 18:25:57 -0700
Subject: [PATCH] Adds additional sanitization for Zygote command arguments.

Previously we were only insuring that the arguments provided to the
Zygote didn't contain any newlines.  This adds additional checks for
carriage returns and standalone integer arguments to protect against
malicious argument and packet injection respectively.

Bug: 130164289
Test: m & flash & boot & check logs
Change-Id: I4055c50d52db0047c02c11096710fd07b429660c
Merged-In: I4055c50d52db0047c02c11096710fd07b429660c
(cherry picked from commit c99198249f8bb79487d4f9f0f45b5b2fefaba41a)
---
 core/java/android/os/ZygoteProcess.java | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/core/java/android/os/ZygoteProcess.java b/core/java/android/os/ZygoteProcess.java
index 6994033a963a8..904ec46859fa4 100644
--- a/core/java/android/os/ZygoteProcess.java
+++ b/core/java/android/os/ZygoteProcess.java
@@ -16,6 +16,7 @@
 
 package android.os;
 
+import android.annotation.NonNull;
 import android.net.LocalSocket;
 import android.net.LocalSocketAddress;
 import android.util.Log;
@@ -278,15 +279,19 @@ private static String getAbiList(BufferedWriter writer, DataInputStream inputStr
      */
     @GuardedBy("mLock")
     private static Process.ProcessStartResult zygoteSendArgsAndGetResult(
-            ZygoteState zygoteState, ArrayList<String> args)
+            ZygoteState zygoteState, @NonNull ArrayList<String> args)
             throws ZygoteStartFailedEx {
         try {
             // Throw early if any of the arguments are malformed. This means we can
             // avoid writing a partial response to the zygote.
             int sz = args.size();
             for (int i = 0; i < sz; i++) {
+                // Making two indexOf calls here is faster than running a manually fused loop due
+                // to the fact that indexOf is a optimized intrinsic.
                 if (args.get(i).indexOf('\n') >= 0) {
-                    throw new ZygoteStartFailedEx("embedded newlines not allowed");
+                    throw new ZygoteStartFailedEx("Embedded newlines not allowed");
+                } else if (args.get(i).indexOf('\r') >= 0) {
+                    throw new ZygoteStartFailedEx("Embedded carriage returns not allowed");
                 }
             }
16.0: June ASB picks Signed-off-by: Tavi <tavi@divested.dev> 2024-06-19 16:11:38 -04:00			`From a568a9144f1a804e4ac136522dfcd1f8aaae81a3 Mon Sep 17 00:00:00 2001`
			`From: Chris Wailes <chriswailes@google.com>`
			`Date: Thu, 18 Apr 2019 18:25:57 -0700`
			`Subject: [PATCH] Adds additional sanitization for Zygote command arguments.`

			`Previously we were only insuring that the arguments provided to the`
			`Zygote didn't contain any newlines. This adds additional checks for`
			`carriage returns and standalone integer arguments to protect against`
			`malicious argument and packet injection respectively.`

			`Bug: 130164289`
			`Test: m & flash & boot & check logs`
			`Change-Id: I4055c50d52db0047c02c11096710fd07b429660c`
			`Merged-In: I4055c50d52db0047c02c11096710fd07b429660c`
			`(cherry picked from commit c99198249f8bb79487d4f9f0f45b5b2fefaba41a)`
			`---`
			`core/java/android/os/ZygoteProcess.java \| 9 +++++++--`
			`1 file changed, 7 insertions(+), 2 deletions(-)`

			`diff --git a/core/java/android/os/ZygoteProcess.java b/core/java/android/os/ZygoteProcess.java`
			`index 6994033a963a8..904ec46859fa4 100644`
			`--- a/core/java/android/os/ZygoteProcess.java`
			`+++ b/core/java/android/os/ZygoteProcess.java`
			`@@ -16,6 +16,7 @@`

			`package android.os;`

			`+import android.annotation.NonNull;`
			`import android.net.LocalSocket;`
			`import android.net.LocalSocketAddress;`
			`import android.util.Log;`
			`@@ -278,15 +279,19 @@ private static String getAbiList(BufferedWriter writer, DataInputStream inputStr`
			`*/`
			`@GuardedBy("mLock")`
			`private static Process.ProcessStartResult zygoteSendArgsAndGetResult(`
			`- ZygoteState zygoteState, ArrayList<String> args)`
			`+ ZygoteState zygoteState, @NonNull ArrayList<String> args)`
			`throws ZygoteStartFailedEx {`
			`try {`
			`// Throw early if any of the arguments are malformed. This means we can`
			`// avoid writing a partial response to the zygote.`
			`int sz = args.size();`
			`for (int i = 0; i < sz; i++) {`
			`+ // Making two indexOf calls here is faster than running a manually fused loop due`
			`+ // to the fact that indexOf is a optimized intrinsic.`
			`if (args.get(i).indexOf('\n') >= 0) {`
			`- throw new ZygoteStartFailedEx("embedded newlines not allowed");`
			`+ throw new ZygoteStartFailedEx("Embedded newlines not allowed");`
			`+ } else if (args.get(i).indexOf('\r') >= 0) {`
			`+ throw new ZygoteStartFailedEx("Embedded carriage returns not allowed");`
			`}`
			`}`