mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-01-12 07:59:36 -05:00
17.1 May ASB work
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
parent
21702e1fc7
commit
8503986acb
@ -11,10 +11,10 @@ need to be granted by default for all apps to maintain compatibility.
|
||||
2 files changed, 20 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
index ef97d61d26d7..6592c574c027 100644
|
||||
index 58a0fdbed498..e1c679a3698f 100644
|
||||
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
@@ -20191,7 +20191,8 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
@@ -20215,7 +20215,8 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
}
|
||||
|
||||
// If this permission was granted by default, make sure it is.
|
||||
|
@ -0,0 +1,85 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Songchun Fan <schfan@google.com>
|
||||
Date: Thu, 26 Jan 2023 17:43:24 -0800
|
||||
Subject: [PATCH] prevent system app downgrades of versions lower than preload
|
||||
|
||||
Also remove misleading commandline output.
|
||||
|
||||
BUG: 256202273
|
||||
|
||||
Test: manual
|
||||
1. Install preload system app v90, reboot
|
||||
2. (W/O data, W/ Flag, 90->80 NOK) adb install -d ~/Downloads/PrivApplication_80.apk
|
||||
Performing Streamed Install
|
||||
adb: failed to install /usr/local/google/home/schfan/Downloads/PrivApplication_80.apk: Failure [INSTALL_FAILED_VERSION_DOWNGRADE: System app: com.example.privapplication cannot be downgraded to older than its preloaded version on the system image. Update version code 80 is older than current 90]
|
||||
3. (90->100) Install data app v100
|
||||
4. (W/ data, W/O Flag, 100->90 NOK) adb install ~/Downloads/PrivApplication_90.apk
|
||||
Performing Streamed Install
|
||||
adb: failed to install /usr/local/google/home/schfan/Downloads/PrivApplication_90.apk: Failure [INSTALL_FAILED_VERSION_DOWNGRADE: Downgrade detected: Update version code 90 is older than current 100]
|
||||
5. (W/ data, W/ Flag, 100->90 downgrade OK) adb install -d ~/Downloads/PrivApplication_90.apk
|
||||
Performing Streamed Install
|
||||
Success
|
||||
6. (90->100) Install v100
|
||||
6. (W/data, W/ Flag, 100->80 NOK) adb install -d ~/Downloads/PrivApplication_80.apk
|
||||
Performing Streamed Install
|
||||
adb: failed to install /usr/local/google/home/schfan/Downloads/PrivApplication_80.apk: Failure [INSTALL_FAILED_VERSION_DOWNGRADE: System app: com.example.privapplication cannot be downgraded to older than its preloaded version on the system image. Update version code 80 is older than current 90]
|
||||
|
||||
Change-Id: I5a8ee9e29a3a58f6e3fd188e0122355744b8b0ce
|
||||
(cherry picked from commit a4484d7f1be1fa413258fe18644d61f85611f586)
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: aec76152d65cfd5774f6c0dcf4cb6009ba48c1ee)
|
||||
Merged-In: I5a8ee9e29a3a58f6e3fd188e0122355744b8b0ce
|
||||
---
|
||||
.../server/pm/PackageManagerService.java | 26 ++++++++++++++++---
|
||||
1 file changed, 23 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
index ef97d61d26d7..068cb345d463 100644
|
||||
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
@@ -15281,10 +15281,10 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
// will be null whereas dataOwnerPkg will contain information about the package
|
||||
// which was uninstalled while keeping its data.
|
||||
PackageParser.Package dataOwnerPkg = installedPkg;
|
||||
+ PackageSetting dataOwnerPs= mSettings.mPackages.get(packageName);
|
||||
if (dataOwnerPkg == null) {
|
||||
- PackageSetting ps = mSettings.mPackages.get(packageName);
|
||||
- if (ps != null) {
|
||||
- dataOwnerPkg = ps.pkg;
|
||||
+ if (dataOwnerPs != null) {
|
||||
+ dataOwnerPkg = dataOwnerPs.pkg;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15308,12 +15308,32 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
if (dataOwnerPkg != null) {
|
||||
if (!PackageManagerServiceUtils.isDowngradePermitted(installFlags,
|
||||
dataOwnerPkg.applicationInfo.flags)) {
|
||||
+ // Downgrade is not permitted; a lower version of the app will not be
|
||||
+ // allowed
|
||||
try {
|
||||
checkDowngrade(dataOwnerPkg, pkgLite);
|
||||
} catch (PackageManagerException e) {
|
||||
Slog.w(TAG, "Downgrade detected: " + e.getMessage());
|
||||
return PackageHelper.RECOMMEND_FAILED_VERSION_DOWNGRADE;
|
||||
}
|
||||
+ } else if (dataOwnerPs.isSystem()) {
|
||||
+ // Downgrade is permitted, but system apps can't be downgraded below
|
||||
+ // the version preloaded onto the system image
|
||||
+ final PackageSetting disabledPs = mSettings.getDisabledSystemPkgLPr(
|
||||
+ dataOwnerPs);
|
||||
+ if (disabledPs != null) {
|
||||
+ dataOwnerPkg = disabledPs.pkg;
|
||||
+ }
|
||||
+ try {
|
||||
+ checkDowngrade(dataOwnerPkg, pkgLite);
|
||||
+ } catch (PackageManagerException e) {
|
||||
+ String errorMsg = "System app: " + packageName
|
||||
+ + " cannot be downgraded to"
|
||||
+ + " older than its preloaded version on the system image. "
|
||||
+ + e.getMessage();
|
||||
+ Slog.w(TAG, errorMsg);
|
||||
+ return PackageHelper.RECOMMEND_FAILED_VERSION_DOWNGRADE;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
52
Patches/LineageOS-17.1/android_frameworks_base/355764.patch
Normal file
52
Patches/LineageOS-17.1/android_frameworks_base/355764.patch
Normal file
@ -0,0 +1,52 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Songchun Fan <schfan@google.com>
|
||||
Date: Thu, 2 Feb 2023 10:35:56 -0800
|
||||
Subject: [PATCH] still allow debuggable for system app downgrades
|
||||
|
||||
Turns out we do have internal tests that downgrades system apps, so adding this exception to allow for that.
|
||||
|
||||
BUG: 267232653
|
||||
BUG: 256202273
|
||||
|
||||
Test: manual
|
||||
Change-Id: Ie281bbdc8788ee64ff99a7c5150da7ce7926235e
|
||||
(cherry picked from commit ceeca68b8c3f0ed8427b0212f63defe2f075146e)
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: 341669af524058dd4c64a176ddc54ada589591e1)
|
||||
Merged-In: Ie281bbdc8788ee64ff99a7c5150da7ce7926235e
|
||||
---
|
||||
.../server/pm/PackageManagerService.java | 22 +++++++++++--------
|
||||
1 file changed, 13 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
index 068cb345d463..58a0fdbed498 100644
|
||||
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
|
||||
@@ -15324,15 +15324,19 @@ public class PackageManagerService extends IPackageManager.Stub
|
||||
if (disabledPs != null) {
|
||||
dataOwnerPkg = disabledPs.pkg;
|
||||
}
|
||||
- try {
|
||||
- checkDowngrade(dataOwnerPkg, pkgLite);
|
||||
- } catch (PackageManagerException e) {
|
||||
- String errorMsg = "System app: " + packageName
|
||||
- + " cannot be downgraded to"
|
||||
- + " older than its preloaded version on the system image. "
|
||||
- + e.getMessage();
|
||||
- Slog.w(TAG, errorMsg);
|
||||
- return PackageHelper.RECOMMEND_FAILED_VERSION_DOWNGRADE;
|
||||
+ if (!Build.IS_DEBUGGABLE && !dataOwnerPkg.isDebuggable()) {
|
||||
+ // Only restrict non-debuggable builds and non-debuggable version of
|
||||
+ // the app
|
||||
+ try {
|
||||
+ checkDowngrade(dataOwnerPkg, pkgLite);
|
||||
+ } catch (PackageManagerException e) {
|
||||
+ String errorMsg = "System app: " + packageName
|
||||
+ + " cannot be downgraded to"
|
||||
+ + " older than its preloaded version on the system image. "
|
||||
+ + e.getMessage();
|
||||
+ Slog.w(TAG, errorMsg);
|
||||
+ return PackageHelper.RECOMMEND_FAILED_VERSION_DOWNGRADE;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,81 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Norman <danielnorman@google.com>
|
||||
Date: Thu, 9 Feb 2023 12:28:26 -0800
|
||||
Subject: [PATCH] Checks if AccessibilityServiceInfo is within parcelable size.
|
||||
|
||||
- If too large when parsing service XMLs then skip this service.
|
||||
- If too large when a service attempts to update its own info
|
||||
then throw an error.
|
||||
|
||||
Bug: 261589597
|
||||
Test: atest AccessibilityServiceInfoTest
|
||||
Change-Id: Iffc0cd48cc713f7904d68059e141cb7de5a4b906
|
||||
Merged-In: Iffc0cd48cc713f7904d68059e141cb7de5a4b906
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: 553232c29079fbeab28f95307d025c1426aa7142)
|
||||
Merged-In: Iffc0cd48cc713f7904d68059e141cb7de5a4b906
|
||||
---
|
||||
.../accessibilityservice/AccessibilityService.java | 4 ++++
|
||||
.../accessibilityservice/AccessibilityServiceInfo.java | 10 ++++++++++
|
||||
.../accessibility/AccessibilityManagerService.java | 6 ++++++
|
||||
3 files changed, 20 insertions(+)
|
||||
|
||||
diff --git a/core/java/android/accessibilityservice/AccessibilityService.java b/core/java/android/accessibilityservice/AccessibilityService.java
|
||||
index 90b80e73c323..5820dbee7e87 100644
|
||||
--- a/core/java/android/accessibilityservice/AccessibilityService.java
|
||||
+++ b/core/java/android/accessibilityservice/AccessibilityService.java
|
||||
@@ -1585,6 +1585,10 @@ public abstract class AccessibilityService extends Service {
|
||||
IAccessibilityServiceConnection connection =
|
||||
AccessibilityInteractionClient.getInstance().getConnection(mConnectionId);
|
||||
if (mInfo != null && connection != null) {
|
||||
+ if (!mInfo.isWithinParcelableSize()) {
|
||||
+ throw new IllegalStateException(
|
||||
+ "Cannot update service info: size is larger than safe parcelable limits.");
|
||||
+ }
|
||||
try {
|
||||
connection.setServiceInfo(mInfo);
|
||||
mInfo = null;
|
||||
diff --git a/core/java/android/accessibilityservice/AccessibilityServiceInfo.java b/core/java/android/accessibilityservice/AccessibilityServiceInfo.java
|
||||
index cf24b8e1ffa6..3cb35a8723ab 100644
|
||||
--- a/core/java/android/accessibilityservice/AccessibilityServiceInfo.java
|
||||
+++ b/core/java/android/accessibilityservice/AccessibilityServiceInfo.java
|
||||
@@ -31,6 +31,7 @@ import android.content.res.Resources;
|
||||
import android.content.res.TypedArray;
|
||||
import android.content.res.XmlResourceParser;
|
||||
import android.hardware.fingerprint.FingerprintManager;
|
||||
+import android.os.IBinder;
|
||||
import android.os.Parcel;
|
||||
import android.os.Parcelable;
|
||||
import android.util.AttributeSet;
|
||||
@@ -850,6 +851,15 @@ public class AccessibilityServiceInfo implements Parcelable {
|
||||
return 0;
|
||||
}
|
||||
|
||||
+ /** @hide */
|
||||
+ public final boolean isWithinParcelableSize() {
|
||||
+ final Parcel parcel = Parcel.obtain();
|
||||
+ writeToParcel(parcel, 0);
|
||||
+ final boolean result = parcel.dataSize() <= IBinder.MAX_IPC_SIZE;
|
||||
+ parcel.recycle();
|
||||
+ return result;
|
||||
+ }
|
||||
+
|
||||
public void writeToParcel(Parcel parcel, int flagz) {
|
||||
parcel.writeInt(eventTypes);
|
||||
parcel.writeStringArray(packageNames);
|
||||
diff --git a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
|
||||
index 457f27e679ef..194c90e125f9 100644
|
||||
--- a/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
|
||||
+++ b/services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java
|
||||
@@ -1371,6 +1371,12 @@ public class AccessibilityManagerService extends IAccessibilityManager.Stub
|
||||
AccessibilityServiceInfo accessibilityServiceInfo;
|
||||
try {
|
||||
accessibilityServiceInfo = new AccessibilityServiceInfo(resolveInfo, mContext);
|
||||
+ if (!accessibilityServiceInfo.isWithinParcelableSize()) {
|
||||
+ Slog.e(LOG_TAG, "Skipping service "
|
||||
+ + accessibilityServiceInfo.getResolveInfo().getComponentInfo()
|
||||
+ + " because service info size is larger than safe parcelable limits.");
|
||||
+ continue;
|
||||
+ }
|
||||
mTempAccessibilityServiceInfoList.add(accessibilityServiceInfo);
|
||||
} catch (XmlPullParserException | IOException xppe) {
|
||||
Slog.e(LOG_TAG, "Error while initializing AccessibilityServiceInfo", xppe);
|
@ -0,0 +1,138 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Orion Hodson <oth@google.com>
|
||||
Date: Thu, 7 Apr 2022 21:42:04 +0100
|
||||
Subject: [PATCH] Uri: check authority and scheme as part of determining URI
|
||||
path
|
||||
|
||||
The interpretation of the path depends on whether the scheme or
|
||||
authority are specified and should be observed when unparcelling
|
||||
URIs.
|
||||
|
||||
Bug: 171966843
|
||||
Test: atest FrameworksCoreTests:android.net.UriTest
|
||||
Test: atest com.android.devicehealthchecks.SystemAppCheck
|
||||
Change-Id: I06981d1c6e387b16df792494523994518848db37
|
||||
Merged-In: I06981d1c6e387b16df792494523994518848db37
|
||||
(cherry picked from commit f37a94ae920fa5879c557603fc285942ec4b84b1)
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: c87f0623be4042c39a9b73f7a6e02aa116925e50)
|
||||
Merged-In: I06981d1c6e387b16df792494523994518848db37
|
||||
---
|
||||
core/java/android/net/Uri.java | 22 +++++---
|
||||
.../coretests/src/android/net/UriTest.java | 54 +++++++++++++++++++
|
||||
2 files changed, 69 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
|
||||
index 8cf182b41566..06136a5e92bc 100644
|
||||
--- a/core/java/android/net/Uri.java
|
||||
+++ b/core/java/android/net/Uri.java
|
||||
@@ -1194,13 +1194,16 @@ public abstract class Uri implements Parcelable, Comparable<Uri> {
|
||||
}
|
||||
|
||||
static Uri readFrom(Parcel parcel) {
|
||||
- return new HierarchicalUri(
|
||||
- parcel.readString(),
|
||||
- Part.readFrom(parcel),
|
||||
- PathPart.readFrom(parcel),
|
||||
- Part.readFrom(parcel),
|
||||
- Part.readFrom(parcel)
|
||||
- );
|
||||
+ final String scheme = parcel.readString();
|
||||
+ final Part authority = Part.readFrom(parcel);
|
||||
+ // In RFC3986 the path should be determined based on whether there is a scheme or
|
||||
+ // authority present (https://www.rfc-editor.org/rfc/rfc3986.html#section-3.3).
|
||||
+ final boolean hasSchemeOrAuthority =
|
||||
+ (scheme != null && scheme.length() > 0) || !authority.isEmpty();
|
||||
+ final PathPart path = PathPart.readFrom(hasSchemeOrAuthority, parcel);
|
||||
+ final Part query = Part.readFrom(parcel);
|
||||
+ final Part fragment = Part.readFrom(parcel);
|
||||
+ return new HierarchicalUri(scheme, authority, path, query, fragment);
|
||||
}
|
||||
|
||||
public int describeContents() {
|
||||
@@ -2263,6 +2266,11 @@ public abstract class Uri implements Parcelable, Comparable<Uri> {
|
||||
}
|
||||
}
|
||||
|
||||
+ static PathPart readFrom(boolean hasSchemeOrAuthority, Parcel parcel) {
|
||||
+ final PathPart path = readFrom(parcel);
|
||||
+ return hasSchemeOrAuthority ? makeAbsolute(path) : path;
|
||||
+ }
|
||||
+
|
||||
/**
|
||||
* Creates a path from the encoded string.
|
||||
*
|
||||
diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java
|
||||
index f20220c4ab9b..670aefd21d36 100644
|
||||
--- a/core/tests/coretests/src/android/net/UriTest.java
|
||||
+++ b/core/tests/coretests/src/android/net/UriTest.java
|
||||
@@ -48,6 +48,7 @@ public class UriTest extends TestCase {
|
||||
public void testParcelling() {
|
||||
parcelAndUnparcel(Uri.parse("foo:bob%20lee"));
|
||||
parcelAndUnparcel(Uri.fromParts("foo", "bob lee", "fragment"));
|
||||
+ parcelAndUnparcel(Uri.fromParts("https", "www.google.com", null));
|
||||
parcelAndUnparcel(new Uri.Builder()
|
||||
.scheme("http")
|
||||
.authority("crazybob.org")
|
||||
@@ -873,9 +874,62 @@ public class UriTest extends TestCase {
|
||||
Throwable targetException = expected.getTargetException();
|
||||
// Check that the exception was thrown for the correct reason.
|
||||
assertEquals("Unknown representation: 0", targetException.getMessage());
|
||||
+ } finally {
|
||||
+ parcel.recycle();
|
||||
}
|
||||
}
|
||||
|
||||
+ private Uri buildUriFromRawParcel(boolean argumentsEncoded,
|
||||
+ String scheme,
|
||||
+ String authority,
|
||||
+ String path,
|
||||
+ String query,
|
||||
+ String fragment) {
|
||||
+ // Representation value (from AbstractPart.REPRESENTATION_{ENCODED,DECODED}).
|
||||
+ final int representation = argumentsEncoded ? 1 : 2;
|
||||
+ Parcel parcel = Parcel.obtain();
|
||||
+ try {
|
||||
+ parcel.writeInt(3); // hierarchical
|
||||
+ parcel.writeString(scheme);
|
||||
+ parcel.writeInt(representation);
|
||||
+ parcel.writeString(authority);
|
||||
+ parcel.writeInt(representation);
|
||||
+ parcel.writeString(path);
|
||||
+ parcel.writeInt(representation);
|
||||
+ parcel.writeString(query);
|
||||
+ parcel.writeInt(representation);
|
||||
+ parcel.writeString(fragment);
|
||||
+ parcel.setDataPosition(0);
|
||||
+ return Uri.CREATOR.createFromParcel(parcel);
|
||||
+ } finally {
|
||||
+ parcel.recycle();
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ public void testUnparcelMalformedPath() {
|
||||
+ // Regression tests for b/171966843.
|
||||
+
|
||||
+ // Test cases with arguments encoded (covering testing `scheme` * `authority` options).
|
||||
+ Uri uri0 = buildUriFromRawParcel(true, "https", "google.com", "@evil.com", null, null);
|
||||
+ assertEquals("https://google.com/@evil.com", uri0.toString());
|
||||
+ Uri uri1 = buildUriFromRawParcel(true, null, "google.com", "@evil.com", "name=spark", "x");
|
||||
+ assertEquals("//google.com/@evil.com?name=spark#x", uri1.toString());
|
||||
+ Uri uri2 = buildUriFromRawParcel(true, "http:", null, "@evil.com", null, null);
|
||||
+ assertEquals("http::/@evil.com", uri2.toString());
|
||||
+ Uri uri3 = buildUriFromRawParcel(true, null, null, "@evil.com", null, null);
|
||||
+ assertEquals("@evil.com", uri3.toString());
|
||||
+
|
||||
+ // Test cases with arguments not encoded (covering testing `scheme` * `authority` options).
|
||||
+ Uri uriA = buildUriFromRawParcel(false, "https", "google.com", "@evil.com", null, null);
|
||||
+ assertEquals("https://google.com/%40evil.com", uriA.toString());
|
||||
+ Uri uriB = buildUriFromRawParcel(false, null, "google.com", "@evil.com", null, null);
|
||||
+ assertEquals("//google.com/%40evil.com", uriB.toString());
|
||||
+ Uri uriC = buildUriFromRawParcel(false, "http:", null, "@evil.com", null, null);
|
||||
+ assertEquals("http::/%40evil.com", uriC.toString());
|
||||
+ Uri uriD = buildUriFromRawParcel(false, null, null, "@evil.com", "name=spark", "y");
|
||||
+ assertEquals("%40evil.com?name%3Dspark#y", uriD.toString());
|
||||
+ }
|
||||
+
|
||||
public void testToSafeString() {
|
||||
checkToSafeString("tel:xxxxxx", "tel:Google");
|
||||
checkToSafeString("tel:xxxxxxxxxx", "tel:1234567890");
|
74
Patches/LineageOS-17.1/android_frameworks_base/355767.patch
Normal file
74
Patches/LineageOS-17.1/android_frameworks_base/355767.patch
Normal file
@ -0,0 +1,74 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Thomas Stuart <tjstuart@google.com>
|
||||
Date: Mon, 21 Nov 2022 17:38:21 -0800
|
||||
Subject: [PATCH] enforce stricter rules when registering phoneAccounts
|
||||
|
||||
- include disable accounts when looking up accounts for a package to
|
||||
check if the limit is reached (10)
|
||||
- put a new limit of 10 supported schemes
|
||||
- put a new limit of 256 characters per scheme
|
||||
- put a new limit of 256 characters per address
|
||||
- ensure the Icon can write to memory w/o throwing an exception
|
||||
|
||||
bug: 259064622
|
||||
bug: 256819769
|
||||
Test: cts + unit
|
||||
Change-Id: Ia7d8d00d9de0fb6694ded6a80c40bd55d7fdf7a7
|
||||
Merged-In: Ia7d8d00d9de0fb6694ded6a80c40bd55d7fdf7a7
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: a66a3156e03fbd1c3a29015db9193d66f2709f98)
|
||||
Merged-In: Ia7d8d00d9de0fb6694ded6a80c40bd55d7fdf7a7
|
||||
---
|
||||
.../java/android/telecom/PhoneAccount.java | 19 +++++++++++++++++++
|
||||
1 file changed, 19 insertions(+)
|
||||
|
||||
diff --git a/telecomm/java/android/telecom/PhoneAccount.java b/telecomm/java/android/telecom/PhoneAccount.java
|
||||
index 1b783b7beb7f..d0e9a40a1a15 100644
|
||||
--- a/telecomm/java/android/telecom/PhoneAccount.java
|
||||
+++ b/telecomm/java/android/telecom/PhoneAccount.java
|
||||
@@ -466,6 +466,11 @@ public final class PhoneAccount implements Parcelable {
|
||||
|
||||
/**
|
||||
* Sets the address. See {@link PhoneAccount#getAddress}.
|
||||
+ * <p>
|
||||
+ * Note: The entire URI value is limited to 256 characters. This check is
|
||||
+ * enforced when registering the PhoneAccount via
|
||||
+ * {@link TelecomManager#registerPhoneAccount(PhoneAccount)} and will cause an
|
||||
+ * {@link IllegalArgumentException} to be thrown if URI is over 256.
|
||||
*
|
||||
* @param value The address of the phone account.
|
||||
* @return The builder.
|
||||
@@ -499,6 +504,10 @@ public final class PhoneAccount implements Parcelable {
|
||||
|
||||
/**
|
||||
* Sets the icon. See {@link PhoneAccount#getIcon}.
|
||||
+ * <p>
|
||||
+ * Note: An {@link IllegalArgumentException} if the Icon cannot be written to memory.
|
||||
+ * This check is enforced when registering the PhoneAccount via
|
||||
+ * {@link TelecomManager#registerPhoneAccount(PhoneAccount)}
|
||||
*
|
||||
* @param icon The icon to set.
|
||||
*/
|
||||
@@ -532,6 +541,10 @@ public final class PhoneAccount implements Parcelable {
|
||||
/**
|
||||
* Specifies an additional URI scheme supported by the {@link PhoneAccount}.
|
||||
*
|
||||
+ * <p>
|
||||
+ * Each URI scheme is limited to 256 characters. Adding a scheme over 256 characters will
|
||||
+ * cause an {@link IllegalArgumentException} to be thrown when the account is registered.
|
||||
+ *
|
||||
* @param uriScheme The URI scheme.
|
||||
* @return The builder.
|
||||
*/
|
||||
@@ -545,6 +558,12 @@ public final class PhoneAccount implements Parcelable {
|
||||
/**
|
||||
* Specifies the URI schemes supported by the {@link PhoneAccount}.
|
||||
*
|
||||
+ * <p>
|
||||
+ * A max of 10 URI schemes can be added per account. Additionally, each URI scheme is
|
||||
+ * limited to 256 characters. Adding more than 10 URI schemes or 256 characters on any
|
||||
+ * scheme will cause an {@link IllegalArgumentException} to be thrown when the account
|
||||
+ * is registered.
|
||||
+ *
|
||||
* @param uriSchemes The URI schemes.
|
||||
* @return The builder.
|
||||
*/
|
@ -8,7 +8,7 @@ Subject: [PATCH] require OTHER_SENSORS permission for sensors
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/libs/sensor/Sensor.cpp b/libs/sensor/Sensor.cpp
|
||||
index abc910302c..8b6e96aef6 100644
|
||||
index 9d8c6c34e3..33ed125acb 100644
|
||||
--- a/libs/sensor/Sensor.cpp
|
||||
+++ b/libs/sensor/Sensor.cpp
|
||||
@@ -59,6 +59,7 @@ Sensor::Sensor(struct sensor_t const& hwSensor, const uuid_t& uuid, int halVersi
|
||||
|
@ -0,0 +1,35 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Devin Moore <devinmoore@google.com>
|
||||
Date: Fri, 17 Feb 2023 17:12:46 +0000
|
||||
Subject: [PATCH] Check for malformed Sensor Flattenable
|
||||
|
||||
Test: libsensorserviceaidl_fuzzer with testcase from bug
|
||||
Bug: 269014004
|
||||
Merged-In: I0e255c64243c38876fb657cbf942fc1613363216
|
||||
Change-Id: I0e255c64243c38876fb657cbf942fc1613363216
|
||||
(cherry picked from commit aeec1802f7befc8fbb18313ad3ac0969c3811870)
|
||||
Merged-In: I0e255c64243c38876fb657cbf942fc1613363216
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: f1aa5fb53437ec2fabc9be00099af836da5f07f2)
|
||||
Merged-In: I0e255c64243c38876fb657cbf942fc1613363216
|
||||
---
|
||||
libs/sensor/Sensor.cpp | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/libs/sensor/Sensor.cpp b/libs/sensor/Sensor.cpp
|
||||
index abc910302c..9d8c6c34e3 100644
|
||||
--- a/libs/sensor/Sensor.cpp
|
||||
+++ b/libs/sensor/Sensor.cpp
|
||||
@@ -591,7 +591,13 @@ bool Sensor::unflattenString8(void const*& buffer, size_t& size, String8& output
|
||||
return false;
|
||||
}
|
||||
outputString8.setTo(static_cast<char const*>(buffer), len);
|
||||
+
|
||||
+ if (size < FlattenableUtils::align<4>(len)) {
|
||||
+ ALOGE("Malformed Sensor String8 field. Should be in a 4-byte aligned buffer but is not.");
|
||||
+ return false;
|
||||
+ }
|
||||
FlattenableUtils::advance(buffer, size, FlattenableUtils::align<4>(len));
|
||||
+
|
||||
return true;
|
||||
}
|
||||
|
@ -0,0 +1,67 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Devin Moore <devinmoore@google.com>
|
||||
Date: Fri, 17 Feb 2023 19:35:25 +0000
|
||||
Subject: [PATCH] Remove some new memory leaks from SensorManager
|
||||
|
||||
After catching an error in Sensor::unflatten, there are memory leaks
|
||||
caught by the fuzzer in the same test case.
|
||||
|
||||
Test: libsensorserviceaidl_fuzzer with testcase from bug
|
||||
Bug: 269014004
|
||||
Merged-In: I509cceb41f56ca117d9475f6f6674244560fe582
|
||||
Change-Id: I509cceb41f56ca117d9475f6f6674244560fe582
|
||||
(cherry picked from commit c95fa0f0e7c7b73746ff850b85a79fc5f92b784e)
|
||||
Merged-In: I509cceb41f56ca117d9475f6f6674244560fe582
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: ceb0d52273256c6a5c5622bf81b0ac4ba106faa1)
|
||||
Merged-In: I509cceb41f56ca117d9475f6f6674244560fe582
|
||||
---
|
||||
libs/sensor/ISensorServer.cpp | 12 ++++++++++--
|
||||
libs/sensor/SensorManager.cpp | 5 +++++
|
||||
2 files changed, 15 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/libs/sensor/ISensorServer.cpp b/libs/sensor/ISensorServer.cpp
|
||||
index 5200545a53..b2f1ba2507 100644
|
||||
--- a/libs/sensor/ISensorServer.cpp
|
||||
+++ b/libs/sensor/ISensorServer.cpp
|
||||
@@ -66,7 +66,11 @@ public:
|
||||
v.setCapacity(n);
|
||||
while (n) {
|
||||
n--;
|
||||
- reply.read(s);
|
||||
+ if(reply.read(s) != OK) {
|
||||
+ ALOGE("Failed to read reply from getSensorList");
|
||||
+ v.clear();
|
||||
+ break;
|
||||
+ }
|
||||
v.add(s);
|
||||
}
|
||||
return v;
|
||||
@@ -84,7 +88,11 @@ public:
|
||||
v.setCapacity(n);
|
||||
while (n) {
|
||||
n--;
|
||||
- reply.read(s);
|
||||
+ if(reply.read(s) != OK) {
|
||||
+ ALOGE("Failed to read reply from getDynamicSensorList");
|
||||
+ v.clear();
|
||||
+ break;
|
||||
+ }
|
||||
v.add(s);
|
||||
}
|
||||
return v;
|
||||
diff --git a/libs/sensor/SensorManager.cpp b/libs/sensor/SensorManager.cpp
|
||||
index 96d5eb9d1f..e09672c9a4 100644
|
||||
--- a/libs/sensor/SensorManager.cpp
|
||||
+++ b/libs/sensor/SensorManager.cpp
|
||||
@@ -162,6 +162,11 @@ status_t SensorManager::assertStateLocked() {
|
||||
|
||||
mSensors = mSensorServer->getSensorList(mOpPackageName);
|
||||
size_t count = mSensors.size();
|
||||
+ if (count == 0) {
|
||||
+ ALOGE("Failed to get Sensor list");
|
||||
+ mSensorServer.clear();
|
||||
+ return UNKNOWN_ERROR;
|
||||
+ }
|
||||
mSensorList =
|
||||
static_cast<Sensor const**>(malloc(count * sizeof(Sensor*)));
|
||||
LOG_ALWAYS_FATAL_IF(mSensorList == nullptr, "mSensorList NULL");
|
@ -0,0 +1,71 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Anthony Stange <stange@google.com>
|
||||
Date: Tue, 21 Feb 2023 17:57:38 +0000
|
||||
Subject: [PATCH] Add removeInstanceForPackageMethod to SensorManager
|
||||
|
||||
In order to ensure that clients don't leak their sensor manager
|
||||
instance that we currently store in a static map, they need to be able
|
||||
to remove their instance. Otherwise, this instance is never removed from
|
||||
the list and will hang around until our SensorManage instance is
|
||||
destroyed.
|
||||
|
||||
Bug: 269014004
|
||||
Test: Run ./libsensorserviceaidl_fuzzer
|
||||
Change-Id: I52185f74ae8d28b379440235ca6f03c5089081f5
|
||||
(cherry picked from commit 9532f7c682fdd4b1e6e553cd6f61fc0cf2555902)
|
||||
Merged-In: I52185f74ae8d28b379440235ca6f03c5089081f5
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: 4521fbf8095439a1c1681b5c709b306a5dc1d1e3)
|
||||
Merged-In: I52185f74ae8d28b379440235ca6f03c5089081f5
|
||||
---
|
||||
libs/sensor/SensorManager.cpp | 10 ++++++++++
|
||||
libs/sensor/include/sensor/SensorManager.h | 1 +
|
||||
services/sensorservice/hidl/SensorManager.cpp | 3 +++
|
||||
3 files changed, 14 insertions(+)
|
||||
|
||||
diff --git a/libs/sensor/SensorManager.cpp b/libs/sensor/SensorManager.cpp
|
||||
index e09672c9a4..180a0ebd85 100644
|
||||
--- a/libs/sensor/SensorManager.cpp
|
||||
+++ b/libs/sensor/SensorManager.cpp
|
||||
@@ -92,6 +92,16 @@ SensorManager& SensorManager::getInstanceForPackage(const String16& packageName)
|
||||
return *sensorManager;
|
||||
}
|
||||
|
||||
+void SensorManager::removeInstanceForPackage(const String16& packageName) {
|
||||
+ Mutex::Autolock _l(sLock);
|
||||
+ auto iterator = sPackageInstances.find(packageName);
|
||||
+ if (iterator != sPackageInstances.end()) {
|
||||
+ SensorManager* sensorManager = iterator->second;
|
||||
+ delete sensorManager;
|
||||
+ sPackageInstances.erase(iterator);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
SensorManager::SensorManager(const String16& opPackageName)
|
||||
: mSensorList(nullptr), mOpPackageName(opPackageName), mDirectConnectionHandle(1) {
|
||||
Mutex::Autolock _l(mLock);
|
||||
diff --git a/libs/sensor/include/sensor/SensorManager.h b/libs/sensor/include/sensor/SensorManager.h
|
||||
index f09c9c67b4..127f74f4b2 100644
|
||||
--- a/libs/sensor/include/sensor/SensorManager.h
|
||||
+++ b/libs/sensor/include/sensor/SensorManager.h
|
||||
@@ -54,6 +54,7 @@ class SensorManager : public ASensorManager
|
||||
{
|
||||
public:
|
||||
static SensorManager& getInstanceForPackage(const String16& packageName);
|
||||
+ static void removeInstanceForPackage(const String16& packageName);
|
||||
~SensorManager();
|
||||
|
||||
ssize_t getSensorList(Sensor const* const** list);
|
||||
diff --git a/services/sensorservice/hidl/SensorManager.cpp b/services/sensorservice/hidl/SensorManager.cpp
|
||||
index 938060063f..0a4e68412d 100644
|
||||
--- a/services/sensorservice/hidl/SensorManager.cpp
|
||||
+++ b/services/sensorservice/hidl/SensorManager.cpp
|
||||
@@ -60,6 +60,9 @@ SensorManager::~SensorManager() {
|
||||
if (mPollThread.joinable()) {
|
||||
mPollThread.join();
|
||||
}
|
||||
+
|
||||
+ ::android::SensorManager::removeInstanceForPackage(
|
||||
+ String16(ISensorManager::descriptor));
|
||||
}
|
||||
|
||||
// Methods from ::android::frameworks::sensorservice::V1_0::ISensorManager follow.
|
@ -0,0 +1,443 @@
|
||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: Thomas Stuart <tjstuart@google.com>
|
||||
Date: Mon, 21 Nov 2022 17:36:52 -0800
|
||||
Subject: [PATCH] enforce stricter rules when registering phoneAccounts
|
||||
|
||||
- include disable accounts when looking up accounts for a package to
|
||||
check if the limit is reached (10)
|
||||
- put a new limit of 10 supported schemes
|
||||
- put a new limit of 256 characters per scheme
|
||||
- put a new limit of 256 characters per address
|
||||
- ensure the Icon can write to memory w/o an exception
|
||||
|
||||
bug: 259064622
|
||||
bug: 256819769
|
||||
Test: cts + unit
|
||||
Change-Id: I5eb2a127a44d5ec725d0ba39cb0ef478b12013de
|
||||
Merged-In: I5eb2a127a44d5ec725d0ba39cb0ef478b12013de
|
||||
(cherry picked from commit on googleplex-android-review.googlesource.com host: 56ef9e15506f71ae555a4535d5c0ac9bd3f587f1)
|
||||
Merged-In: I5eb2a127a44d5ec725d0ba39cb0ef478b12013de
|
||||
---
|
||||
.../server/telecom/PhoneAccountRegistrar.java | 183 ++++++++++++++++--
|
||||
.../server/telecom/TelecomServiceImpl.java | 4 +-
|
||||
.../tests/PhoneAccountRegistrarTest.java | 101 ++++++++++
|
||||
.../telecom/tests/TelecomServiceImplTest.java | 2 +-
|
||||
4 files changed, 274 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/src/com/android/server/telecom/PhoneAccountRegistrar.java b/src/com/android/server/telecom/PhoneAccountRegistrar.java
|
||||
index 13b176c25..219de7d03 100644
|
||||
--- a/src/com/android/server/telecom/PhoneAccountRegistrar.java
|
||||
+++ b/src/com/android/server/telecom/PhoneAccountRegistrar.java
|
||||
@@ -29,6 +29,7 @@ import android.graphics.Bitmap;
|
||||
import android.graphics.BitmapFactory;
|
||||
import android.graphics.drawable.Icon;
|
||||
import android.net.Uri;
|
||||
+import android.os.Binder;
|
||||
import android.os.Bundle;
|
||||
import android.os.AsyncTask;
|
||||
import android.os.PersistableBundle;
|
||||
@@ -140,9 +141,14 @@ public class PhoneAccountRegistrar {
|
||||
}
|
||||
|
||||
public static final String FILE_NAME = "phone-account-registrar-state.xml";
|
||||
+ public static final String ICON_ERROR_MSG =
|
||||
+ "Icon cannot be written to memory. Try compressing or downsizing";
|
||||
@VisibleForTesting
|
||||
public static final int EXPECTED_STATE_VERSION = 9;
|
||||
public static final int MAX_PHONE_ACCOUNT_REGISTRATIONS = 10;
|
||||
+ public static final int MAX_PHONE_ACCOUNT_EXTRAS_KEY_PAIR_LIMIT = 100;
|
||||
+ public static final int MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT = 256;
|
||||
+ public static final int MAX_SCHEMES_PER_ACCOUNT = 10;
|
||||
|
||||
/** Keep in sync with the same in SipSettings.java */
|
||||
private static final String SIP_SHARED_PREFERENCES = "SIP_PREFERENCES";
|
||||
@@ -722,6 +728,15 @@ public class PhoneAccountRegistrar {
|
||||
return getPhoneAccountHandles(0, null, packageName, false, userHandle);
|
||||
}
|
||||
|
||||
+
|
||||
+ /**
|
||||
+ * includes disabled, includes crossUserAccess
|
||||
+ */
|
||||
+ public List<PhoneAccountHandle> getAllPhoneAccountHandlesForPackage(UserHandle userHandle,
|
||||
+ String packageName) {
|
||||
+ return getPhoneAccountHandles(0, null, packageName, true /* includeDisabled */, userHandle);
|
||||
+ }
|
||||
+
|
||||
/**
|
||||
* Determines if a {@link PhoneAccountHandle} is for a self-managed {@link ConnectionService}.
|
||||
* @param handle The handle.
|
||||
@@ -741,8 +756,11 @@ public class PhoneAccountRegistrar {
|
||||
* Performs checks before calling addOrReplacePhoneAccount(PhoneAccount)
|
||||
*
|
||||
* @param account The {@code PhoneAccount} to add or replace.
|
||||
- * @throws SecurityException if package does not have BIND_TELECOM_CONNECTION_SERVICE permission
|
||||
+ * @throws SecurityException if package does not have BIND_TELECOM_CONNECTION_SERVICE
|
||||
+ * permission
|
||||
* @throws IllegalArgumentException if MAX_PHONE_ACCOUNT_REGISTRATIONS are reached
|
||||
+ * @throws IllegalArgumentException if MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT is reached
|
||||
+ * @throws IllegalArgumentException if writing the Icon to memory will cause an Exception
|
||||
*/
|
||||
public void registerPhoneAccount(PhoneAccount account) {
|
||||
// Enforce the requirement that a connection service for a phone account has the correct
|
||||
@@ -754,21 +772,155 @@ public class PhoneAccountRegistrar {
|
||||
throw new SecurityException("PhoneAccount connection service requires "
|
||||
+ "BIND_TELECOM_CONNECTION_SERVICE permission.");
|
||||
}
|
||||
- //Enforce an upper bound on the number of PhoneAccount's a package can register.
|
||||
- // Most apps should only require 1-2.
|
||||
- if (getPhoneAccountsForPackage(
|
||||
- account.getAccountHandle().getComponentName().getPackageName(),
|
||||
- account.getAccountHandle().getUserHandle()).size()
|
||||
+ enforceCharacterLimit(account);
|
||||
+ enforceIconSizeLimit(account);
|
||||
+ enforceMaxPhoneAccountLimit(account);
|
||||
+ addOrReplacePhoneAccount(account);
|
||||
+ }
|
||||
+
|
||||
+ /**
|
||||
+ * Enforce an upper bound on the number of PhoneAccount's a package can register.
|
||||
+ * Most apps should only require 1-2. * Include disabled accounts.
|
||||
+ *
|
||||
+ * @param account to enforce check on
|
||||
+ * @throws IllegalArgumentException if MAX_PHONE_ACCOUNT_REGISTRATIONS are reached
|
||||
+ */
|
||||
+ private void enforceMaxPhoneAccountLimit(@NonNull PhoneAccount account) {
|
||||
+ final PhoneAccountHandle accountHandle = account.getAccountHandle();
|
||||
+ final UserHandle user = accountHandle.getUserHandle();
|
||||
+ final ComponentName componentName = accountHandle.getComponentName();
|
||||
+
|
||||
+ if (getPhoneAccountHandles(0, null, componentName.getPackageName(),
|
||||
+ true /* includeDisabled */, user).size()
|
||||
>= MAX_PHONE_ACCOUNT_REGISTRATIONS) {
|
||||
- Log.w(this, "Phone account %s reached max registration limit for package",
|
||||
- account.getAccountHandle());
|
||||
+ EventLog.writeEvent(0x534e4554, "259064622", Binder.getCallingUid(),
|
||||
+ "enforceMaxPhoneAccountLimit");
|
||||
throw new IllegalArgumentException(
|
||||
"Error, cannot register phone account " + account.getAccountHandle()
|
||||
+ " because the limit, " + MAX_PHONE_ACCOUNT_REGISTRATIONS
|
||||
+ ", has been reached");
|
||||
}
|
||||
+ }
|
||||
+ /**
|
||||
+ * determine if there will be an issue writing the icon to memory
|
||||
+ *
|
||||
+ * @param account to enforce check on
|
||||
+ * @throws IllegalArgumentException if writing the Icon to memory will cause an Exception
|
||||
+ */
|
||||
+ @VisibleForTesting
|
||||
+ public void enforceIconSizeLimit(PhoneAccount account) {
|
||||
+ if (account.getIcon() == null) {
|
||||
+ return;
|
||||
+ }
|
||||
+ String text = "";
|
||||
+ // convert the icon into a Base64 String
|
||||
+ try {
|
||||
+ text = XmlSerialization.writeIconToBase64String(account.getIcon());
|
||||
+ } catch (IOException e) {
|
||||
+ EventLog.writeEvent(0x534e4554, "259064622", Binder.getCallingUid(),
|
||||
+ "enforceIconSizeLimit");
|
||||
+ throw new IllegalArgumentException(ICON_ERROR_MSG);
|
||||
+ }
|
||||
+ }
|
||||
|
||||
- addOrReplacePhoneAccount(account);
|
||||
+ /**
|
||||
+ * All {@link PhoneAccount} and{@link PhoneAccountHandle} String and Char-Sequence fields
|
||||
+ * should be restricted to character limit of MAX_PHONE_ACCOUNT_CHAR_LIMIT to prevent exceptions
|
||||
+ * when writing large character streams to XML-Serializer.
|
||||
+ *
|
||||
+ * @param account to enforce character limit checks on
|
||||
+ * @throws IllegalArgumentException if MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT reached
|
||||
+ */
|
||||
+ public void enforceCharacterLimit(PhoneAccount account) {
|
||||
+ if (account == null) {
|
||||
+ return;
|
||||
+ }
|
||||
+ PhoneAccountHandle handle = account.getAccountHandle();
|
||||
+
|
||||
+ String[] fields =
|
||||
+ {"Package Name", "Class Name", "PhoneAccountHandle Id", "Label", "ShortDescription",
|
||||
+ "GroupId", "Address", "SubscriptionAddress"};
|
||||
+ CharSequence[] args = {handle.getComponentName().getPackageName(),
|
||||
+ handle.getComponentName().getClassName(), handle.getId(), account.getLabel(),
|
||||
+ account.getShortDescription(), account.getGroupId(),
|
||||
+ (account.getAddress() != null ? account.getAddress().toString() : ""),
|
||||
+ (account.getSubscriptionAddress() != null ?
|
||||
+ account.getSubscriptionAddress().toString() : "")};
|
||||
+
|
||||
+ for (int i = 0; i < fields.length; i++) {
|
||||
+ if (args[i] != null && args[i].length() > MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT) {
|
||||
+ EventLog.writeEvent(0x534e4554, "259064622", Binder.getCallingUid(),
|
||||
+ "enforceCharacterLimit");
|
||||
+ throw new IllegalArgumentException("The PhoneAccount or PhoneAccountHandle"
|
||||
+ + fields[i] + " field has an invalid character count. PhoneAccount and "
|
||||
+ + "PhoneAccountHandle String and Char-Sequence fields are limited to "
|
||||
+ + MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT + " characters.");
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ // Enforce limits on the URI Schemes provided
|
||||
+ enforceLimitsOnSchemes(account);
|
||||
+
|
||||
+ // Enforce limit on the PhoneAccount#mExtras
|
||||
+ Bundle extras = account.getExtras();
|
||||
+ if (extras != null) {
|
||||
+ if (extras.keySet().size() > MAX_PHONE_ACCOUNT_EXTRAS_KEY_PAIR_LIMIT) {
|
||||
+ EventLog.writeEvent(0x534e4554, "259064622", Binder.getCallingUid(),
|
||||
+ "enforceCharacterLimit");
|
||||
+ throw new IllegalArgumentException("The PhoneAccount#mExtras is limited to " +
|
||||
+ MAX_PHONE_ACCOUNT_EXTRAS_KEY_PAIR_LIMIT + " (key,value) pairs.");
|
||||
+ }
|
||||
+
|
||||
+ for (String key : extras.keySet()) {
|
||||
+ Object value = extras.get(key);
|
||||
+
|
||||
+ if ((key != null && key.length() > MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT) ||
|
||||
+ (value instanceof String &&
|
||||
+ ((String) value).length() > MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT)) {
|
||||
+ EventLog.writeEvent(0x534e4554, "259064622", Binder.getCallingUid(),
|
||||
+ "enforceCharacterLimit");
|
||||
+ throw new IllegalArgumentException("The PhoneAccount#mExtras contains a String"
|
||||
+ + " key or value that has an invalid character count. PhoneAccount and "
|
||||
+ + "PhoneAccountHandle String and Char-Sequence fields are limited to "
|
||||
+ + MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT + " characters.");
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ /**
|
||||
+ * Enforce a character limit on all PA and PAH string or char-sequence fields.
|
||||
+ *
|
||||
+ * @param account to enforce check on
|
||||
+ * @throws IllegalArgumentException if MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT reached
|
||||
+ */
|
||||
+ @VisibleForTesting
|
||||
+ public void enforceLimitsOnSchemes(@NonNull PhoneAccount account) {
|
||||
+ List<String> schemes = account.getSupportedUriSchemes();
|
||||
+
|
||||
+ if (schemes == null) {
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ if (schemes.size() > MAX_SCHEMES_PER_ACCOUNT) {
|
||||
+ EventLog.writeEvent(0x534e4554, "259064622", Binder.getCallingUid(),
|
||||
+ "enforceLimitsOnSchemes");
|
||||
+ throw new IllegalArgumentException(
|
||||
+ "Error, cannot register phone account " + account.getAccountHandle()
|
||||
+ + " because the URI scheme limit of "
|
||||
+ + MAX_SCHEMES_PER_ACCOUNT + " has been reached");
|
||||
+ }
|
||||
+
|
||||
+ for (String scheme : schemes) {
|
||||
+ if (scheme.length() > MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT) {
|
||||
+ EventLog.writeEvent(0x534e4554, "259064622", Binder.getCallingUid(),
|
||||
+ "enforceLimitsOnSchemes");
|
||||
+ throw new IllegalArgumentException(
|
||||
+ "Error, cannot register phone account " + account.getAccountHandle()
|
||||
+ + " because the max scheme limit of "
|
||||
+ + MAX_PHONE_ACCOUNT_FIELD_CHAR_LIMIT + " has been reached");
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1489,17 +1641,20 @@ public class PhoneAccountRegistrar {
|
||||
protected void writeIconIfNonNull(String tagName, Icon value, XmlSerializer serializer)
|
||||
throws IOException {
|
||||
if (value != null) {
|
||||
- ByteArrayOutputStream stream = new ByteArrayOutputStream();
|
||||
- value.writeToStream(stream);
|
||||
- byte[] iconByteArray = stream.toByteArray();
|
||||
- String text = Base64.encodeToString(iconByteArray, 0, iconByteArray.length, 0);
|
||||
-
|
||||
+ String text = writeIconToBase64String(value);
|
||||
serializer.startTag(null, tagName);
|
||||
serializer.text(text);
|
||||
serializer.endTag(null, tagName);
|
||||
}
|
||||
}
|
||||
|
||||
+ public static String writeIconToBase64String(Icon icon) throws IOException {
|
||||
+ ByteArrayOutputStream stream = new ByteArrayOutputStream();
|
||||
+ icon.writeToStream(stream);
|
||||
+ byte[] iconByteArray = stream.toByteArray();
|
||||
+ return Base64.encodeToString(iconByteArray, 0, iconByteArray.length, 0);
|
||||
+ }
|
||||
+
|
||||
protected void writeLong(String tagName, long value, XmlSerializer serializer)
|
||||
throws IOException {
|
||||
serializer.startTag(null, tagName);
|
||||
diff --git a/src/com/android/server/telecom/TelecomServiceImpl.java b/src/com/android/server/telecom/TelecomServiceImpl.java
|
||||
index d3bbab232..8c498fc55 100644
|
||||
--- a/src/com/android/server/telecom/TelecomServiceImpl.java
|
||||
+++ b/src/com/android/server/telecom/TelecomServiceImpl.java
|
||||
@@ -63,7 +63,9 @@ import com.android.server.telecom.settings.BlockedNumbersActivity;
|
||||
import java.io.FileDescriptor;
|
||||
import java.io.PrintWriter;
|
||||
import java.util.Collections;
|
||||
+import java.util.HashSet;
|
||||
import java.util.List;
|
||||
+import java.util.Set;
|
||||
|
||||
// TODO: Needed for move to system service: import com.android.internal.R;
|
||||
|
||||
@@ -292,7 +294,7 @@ public class TelecomServiceImpl {
|
||||
try {
|
||||
Log.startSession("TSI.gPAFP");
|
||||
return new ParceledListSlice<>(mPhoneAccountRegistrar
|
||||
- .getPhoneAccountsForPackage(packageName, callingUserHandle));
|
||||
+ .getAllPhoneAccountHandlesForPackage(callingUserHandle, packageName));
|
||||
} catch (Exception e) {
|
||||
Log.e(this, e, "getPhoneAccountsForPackage %s", packageName);
|
||||
throw e;
|
||||
diff --git a/tests/src/com/android/server/telecom/tests/PhoneAccountRegistrarTest.java b/tests/src/com/android/server/telecom/tests/PhoneAccountRegistrarTest.java
|
||||
index a978cfd24..f14a3f74e 100644
|
||||
--- a/tests/src/com/android/server/telecom/tests/PhoneAccountRegistrarTest.java
|
||||
+++ b/tests/src/com/android/server/telecom/tests/PhoneAccountRegistrarTest.java
|
||||
@@ -22,8 +22,18 @@ import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assert.fail;
|
||||
+import static org.mockito.ArgumentMatchers.any;
|
||||
+import static org.mockito.ArgumentMatchers.anyObject;
|
||||
+import static org.mockito.ArgumentMatchers.isA;
|
||||
import static org.mockito.Matchers.anyInt;
|
||||
import static org.mockito.Matchers.anyString;
|
||||
+import static org.mockito.Mockito.clearInvocations;
|
||||
+import static org.mockito.Mockito.doThrow;
|
||||
+import static org.mockito.Mockito.mock;
|
||||
+import static org.mockito.Mockito.never;
|
||||
+import static org.mockito.Mockito.spy;
|
||||
+import static org.mockito.Mockito.times;
|
||||
+import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import android.content.ComponentName;
|
||||
@@ -69,6 +79,8 @@ import java.io.BufferedOutputStream;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.File;
|
||||
+import java.io.IOException;
|
||||
+import java.io.OutputStream;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
@@ -80,6 +92,9 @@ public class PhoneAccountRegistrarTest extends TelecomTestCase {
|
||||
private static final int MAX_VERSION = Integer.MAX_VALUE;
|
||||
private static final String FILE_NAME = "phone-account-registrar-test-1223.xml";
|
||||
private static final String TEST_LABEL = "right";
|
||||
+ private static final String TEST_ID = "123";
|
||||
+ private final String PACKAGE_1 = "PACKAGE_1";
|
||||
+ private final String PACKAGE_2 = "PACKAGE_2";
|
||||
private PhoneAccountRegistrar mRegistrar;
|
||||
@Mock private TelecomManager mTelecomManager;
|
||||
@Mock private DefaultDialerCache mDefaultDialerCache;
|
||||
@@ -942,6 +957,92 @@ public class PhoneAccountRegistrarTest extends TelecomTestCase {
|
||||
assertFalse(PhoneAccountHandle.areFromSamePackage(null, d));
|
||||
}
|
||||
|
||||
+ /**
|
||||
+ * Ensure an IllegalArgumentException is thrown when adding more than 10 schemes for a single
|
||||
+ * account
|
||||
+ */
|
||||
+ @Test
|
||||
+ public void testLimitOnSchemeCount() {
|
||||
+ PhoneAccountHandle handle = makeQuickAccountHandle(TEST_ID);
|
||||
+ PhoneAccount.Builder builder = new PhoneAccount.Builder(handle, TEST_LABEL);
|
||||
+ for (int i = 0; i < PhoneAccountRegistrar.MAX_PHONE_ACCOUNT_REGISTRATIONS + 1; i++) {
|
||||
+ builder.addSupportedUriScheme(Integer.toString(i));
|
||||
+ }
|
||||
+ try {
|
||||
+ mRegistrar.enforceLimitsOnSchemes(builder.build());
|
||||
+ fail("should have hit exception in enforceLimitOnSchemes");
|
||||
+ } catch (IllegalArgumentException e) {
|
||||
+ // pass test
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ /**
|
||||
+ * Ensure an IllegalArgumentException is thrown when adding more 256 chars for a single
|
||||
+ * account
|
||||
+ */
|
||||
+ @Test
|
||||
+ public void testLimitOnSchemeLength() {
|
||||
+ PhoneAccountHandle handle = makeQuickAccountHandle(TEST_ID);
|
||||
+ PhoneAccount.Builder builder = new PhoneAccount.Builder(handle, TEST_LABEL);
|
||||
+ builder.addSupportedUriScheme(generateStringOfLen(257));
|
||||
+ try {
|
||||
+ mRegistrar.enforceLimitsOnSchemes(builder.build());
|
||||
+ fail("should have hit exception in enforceLimitOnSchemes");
|
||||
+ } catch (IllegalArgumentException e) {
|
||||
+ // pass test
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ /**
|
||||
+ * Ensure an IllegalArgumentException is thrown when adding an address over the limit
|
||||
+ */
|
||||
+ @Test
|
||||
+ public void testLimitOnAddress() {
|
||||
+ String text = generateStringOfLen(100);
|
||||
+ PhoneAccountHandle handle = makeQuickAccountHandle(TEST_ID);
|
||||
+ PhoneAccount.Builder builder = new PhoneAccount.Builder(handle,TEST_LABEL)
|
||||
+ .setAddress(Uri.fromParts(text, text, text));
|
||||
+ try {
|
||||
+ mRegistrar.enforceCharacterLimit(builder.build());
|
||||
+ fail("failed to throw IllegalArgumentException");
|
||||
+ } catch (IllegalArgumentException e) {
|
||||
+ // pass test
|
||||
+ }
|
||||
+ finally {
|
||||
+ mRegistrar.unregisterPhoneAccount(handle);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ /**
|
||||
+ * Ensure an IllegalArgumentException is thrown when an Icon that throws an IOException is given
|
||||
+ */
|
||||
+ @Test
|
||||
+ public void testLimitOnIcon() throws Exception {
|
||||
+ Icon mockIcon = mock(Icon.class);
|
||||
+ // GIVEN
|
||||
+ PhoneAccount.Builder builder = new PhoneAccount.Builder(
|
||||
+ makeQuickAccountHandle(TEST_ID), TEST_LABEL).setIcon(mockIcon);
|
||||
+ try {
|
||||
+ // WHEN
|
||||
+ Mockito.doThrow(new IOException())
|
||||
+ .when(mockIcon).writeToStream(any(OutputStream.class));
|
||||
+ //THEN
|
||||
+ mRegistrar.enforceIconSizeLimit(builder.build());
|
||||
+ fail("failed to throw IllegalArgumentException");
|
||||
+ } catch (IllegalArgumentException e) {
|
||||
+ // pass test
|
||||
+ assertTrue(e.getMessage().contains(PhoneAccountRegistrar.ICON_ERROR_MSG));
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ private String generateStringOfLen(int len){
|
||||
+ StringBuilder sb = new StringBuilder();
|
||||
+ for(int i=0; i < len; i++){
|
||||
+ sb.append("a");
|
||||
+ }
|
||||
+ return sb.toString();
|
||||
+ }
|
||||
+
|
||||
private static ComponentName makeQuickConnectionServiceComponentName() {
|
||||
return new ComponentName(
|
||||
"com.android.server.telecom.tests",
|
||||
diff --git a/tests/src/com/android/server/telecom/tests/TelecomServiceImplTest.java b/tests/src/com/android/server/telecom/tests/TelecomServiceImplTest.java
|
||||
index 2130121ac..00d8000e4 100644
|
||||
--- a/tests/src/com/android/server/telecom/tests/TelecomServiceImplTest.java
|
||||
+++ b/tests/src/com/android/server/telecom/tests/TelecomServiceImplTest.java
|
||||
@@ -392,7 +392,7 @@ public class TelecomServiceImplTest extends TelecomTestCase {
|
||||
add(SIP_PA_HANDLE_17);
|
||||
}};
|
||||
when(mFakePhoneAccountRegistrar
|
||||
- .getPhoneAccountsForPackage(anyString(), any(UserHandle.class)))
|
||||
+ .getAllPhoneAccountHandlesForPackage(any(UserHandle.class), anyString()))
|
||||
.thenReturn(phoneAccountHandleList);
|
||||
makeAccountsVisibleToAllUsers(TEL_PA_HANDLE_16, SIP_PA_HANDLE_17);
|
||||
assertEquals(phoneAccountHandleList,
|
@ -97,7 +97,7 @@ sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
|
||||
awk -i inplace '!/updatable_apex.mk/' target/product/mainline_system.mk; #Disable APEX
|
||||
sed -i 's/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 23/PLATFORM_MIN_SUPPORTED_TARGET_SDK_VERSION := 28/' core/version_defaults.mk; #Set the minimum supported target SDK to Pie (GrapheneOS)
|
||||
#sed -i 's/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := true/PRODUCT_OTA_ENFORCE_VINTF_KERNEL_REQUIREMENTS := false/' core/product_config.mk; #broken by hardenDefconfig
|
||||
sed -i 's/2023-02-05/2023-04-05/' core/version_defaults.mk; #Bump Security String #Q_asb_2023-04 #XXX
|
||||
sed -i 's/2023-02-05/2023-05-05/' core/version_defaults.mk; #Bump Security String #Q_asb_2023-05 #XXX
|
||||
fi;
|
||||
|
||||
if enterAndClear "build/soong"; then
|
||||
@ -153,6 +153,11 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/353948-backport.patch"; #R_asb_
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/353949-backport.patch"; #R_asb_2023-04 Strip part of the activity info of another uid if no privilege
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/353950-backport.patch"; #R_asb_2023-04 Add a limit on channel group creation
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/353951-backport.patch"; #R_asb_2023-04 Fix bypass BG-FGS and BAL via package manager APIs #XXX
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355763-backport.patch"; #R_asb_2023-05 [pm] Prevent system app downgrades of versions lower than preload #XXX: really should have next patch
|
||||
#applyPatch "$DOS_PATCHES/android_frameworks_base/355764.patch"; #R_asb_2023-05 [pm] Still allow debuggable for system app downgrades #TODO: needs backport of isDebuggable #XXX: should be safe to ignore for -user builds
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355765-backport.patch"; #R_asb_2023-05 Checks if AccessibilityServiceInfo is within parcelable size.
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355766-backport.patch"; #R_asb_2023-05 Uri: check authority and scheme as part of determining URI path
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/355767.patch"; #R_asb_2023-05 Enforce stricter rules when registering phoneAccounts
|
||||
#applyPatch "$DOS_PATCHES/android_frameworks_base/272645.patch"; #ten-bt-sbc-hd-dualchannel: Add CHANNEL_MODE_DUAL_CHANNEL constant (ValdikSS)
|
||||
#applyPatch "$DOS_PATCHES/android_frameworks_base/272646-forwardport.patch"; #ten-bt-sbc-hd-dualchannel: Add Dual Channel into Bluetooth Audio Channel Mode developer options menu (ValdikSS)
|
||||
#applyPatch "$DOS_PATCHES/android_frameworks_base/272647.patch"; #ten-bt-sbc-hd-dualchannel: Allow SBC as HD audio codec in Bluetooth device configuration (ValdikSS)
|
||||
@ -213,6 +218,9 @@ fi;
|
||||
|
||||
if enterAndClear "frameworks/native"; then
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_native/353953-backport.patch"; #R_asb_2023-04 Mitigate the security vulnerability by sanitizing the transaction flags.
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_native/355772.patch"; #R_asb_2023-05 Check for malformed Sensor Flattenable
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_native/355773.patch"; #R_asb_2023-05 Remove some new memory leaks from SensorManager
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_native/355774.patch"; #R_asb_2023-05 Add removeInstanceForPackageMethod to SensorManager
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors.patch"; #Require OTHER_SENSORS permission for sensors (GrapheneOS)
|
||||
fi;
|
||||
|
||||
@ -387,6 +395,7 @@ fi;
|
||||
if enterAndClear "packages/services/Telecomm"; then
|
||||
applyPatch "$DOS_PATCHES/android_packages_services_Telecomm/353958-backport.patch"; #R_asb_2023-04 Ensure service unbind when receiving a null call screening service in onBind.
|
||||
applyPatch "$DOS_PATCHES/android_packages_services_Telecomm/353959.patch"; #R_asb_2023-04 Do not process content uri in call Intents
|
||||
applyPatch "$DOS_PATCHES/android_packages_services_Telecomm/355777-backport.patch"; #R_asb_2023-05 enforce stricter rules when registering phoneAccounts
|
||||
fi;
|
||||
|
||||
if enterAndClear "prebuilts/abi-dumps/vndk"; then
|
||||
|
Loading…
Reference in New Issue
Block a user