From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: "Nate(Qiang) Jiang" Date: Thu, 13 Apr 2023 21:20:37 +0000 Subject: [PATCH] DO NOT MERGE: Add size check on PPS#policy Bug: 275340417 Test: atest android.net.wifi (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d1afd2c47d086e0365bf6814a9f47555c294769f) Merged-In: I6e6128b7ed5327da8dbc9186a82bef0f2e4197bb Change-Id: I6e6128b7ed5327da8dbc9186a82bef0f2e4197bb --- .../android/net/wifi/hotspot2/pps/Policy.java | 28 ++++++++++++++++--- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/wifi/java/android/net/wifi/hotspot2/pps/Policy.java b/wifi/java/android/net/wifi/hotspot2/pps/Policy.java index b0a2cc397c53..4bdacebda060 100644 --- a/wifi/java/android/net/wifi/hotspot2/pps/Policy.java +++ b/wifi/java/android/net/wifi/hotspot2/pps/Policy.java @@ -16,6 +16,9 @@ package android.net.wifi.hotspot2.pps; +import static android.net.wifi.hotspot2.PasspointConfiguration.MAX_NUMBER_OF_ENTRIES; +import static android.net.wifi.hotspot2.PasspointConfiguration.MAX_STRING_LENGTH; + import android.os.Parcel; import android.os.Parcelable; import android.text.TextUtils; @@ -269,11 +272,19 @@ public final class Policy implements Parcelable { */ public boolean validate() { if (TextUtils.isEmpty(mFqdn)) { - Log.d(TAG, "Missing FQDN"); + Log.e(TAG, "Missing FQDN"); + return false; + } + if (mFqdn.getBytes(StandardCharsets.UTF_8).length > MAX_STRING_LENGTH) { + Log.e(TAG, "FQDN is too long"); return false; } if (TextUtils.isEmpty(mCountries)) { - Log.d(TAG, "Missing countries"); + Log.e(TAG, "Missing countries"); + return false; + } + if (mCountries.getBytes(StandardCharsets.UTF_8).length > MAX_STRING_LENGTH) { + Log.e(TAG, "country is too long"); return false; } return true; @@ -449,7 +460,7 @@ public final class Policy implements Parcelable { } for (String ssid : mExcludedSsidList) { if (ssid.getBytes(StandardCharsets.UTF_8).length > MAX_SSID_BYTES) { - Log.d(TAG, "Invalid SSID: " + ssid); + Log.e(TAG, "Invalid SSID: " + ssid); return false; } } @@ -457,15 +468,24 @@ public final class Policy implements Parcelable { // Validate required protocol to port map. if (mRequiredProtoPortMap != null) { for (Map.Entry entry : mRequiredProtoPortMap.entrySet()) { + int protocol = entry.getKey(); + if (protocol < 0 || protocol > 255) { + Log.e(TAG, "Invalid IP protocol: " + protocol); + return false; + } String portNumber = entry.getValue(); if (portNumber.getBytes(StandardCharsets.UTF_8).length > MAX_PORT_STRING_BYTES) { - Log.d(TAG, "PortNumber string bytes exceeded the max: " + portNumber); + Log.e(TAG, "PortNumber string bytes exceeded the max: " + portNumber); return false; } } } // Validate preferred roaming partner list. if (mPreferredRoamingPartnerList != null) { + if (mPreferredRoamingPartnerList.size() > MAX_NUMBER_OF_ENTRIES) { + Log.e(TAG, "Number of the Preferred Roaming Partner exceed the limit"); + return false; + } for (RoamingPartner partner : mPreferredRoamingPartnerList) { if (!partner.validate()) { return false;