From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Hans Boehm Date: Tue, 2 Jan 2024 16:53:13 -0800 Subject: [PATCH] Check hidden API exemptions Refuse to deal with newlines and null characters in HiddenApiSettings.update(). Also disallow nulls in process start arguments. Bug: 316153291 Test: Treehugger for now (cherry picked from commit 7ba059e2cf0a2c20f9a849719cdc32b12c933a44) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:60669aa49aba34c0950d6246bd95b54f91a3c8e8) Merged-In: I83cd60e46407a4a082f9f3c80e937dbd522dbac4 Change-Id: I83cd60e46407a4a082f9f3c80e937dbd522dbac4 --- core/java/android/os/ZygoteProcess.java | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/core/java/android/os/ZygoteProcess.java b/core/java/android/os/ZygoteProcess.java index 0417a4c8959c..ff4131c2398d 100644 --- a/core/java/android/os/ZygoteProcess.java +++ b/core/java/android/os/ZygoteProcess.java @@ -411,6 +411,8 @@ public class ZygoteProcess { throw new ZygoteStartFailedEx("Embedded newlines not allowed"); } else if (arg.indexOf('\r') >= 0) { throw new ZygoteStartFailedEx("Embedded carriage returns not allowed"); + } else if (arg.indexOf('\u0000') >= 0) { + throw new ZygoteStartFailedEx("Embedded nulls not allowed"); } } @@ -869,6 +871,14 @@ public class ZygoteProcess { return true; } + for (/* NonNull */ String s : mApiBlacklistExemptions) { + // indexOf() is intrinsified and faster than contains(). + if (s.indexOf('\n') >= 0 || s.indexOf('\r') >= 0 || s.indexOf('\u0000') >= 0) { + Slog.e(LOG_TAG, "Failed to set API denylist exemptions: Bad character"); + mApiBlacklistExemptions = Collections.emptyList(); + return false; + } + } try { state.mZygoteOutputWriter.write(Integer.toString(mApiBlacklistExemptions.size() + 1)); state.mZygoteOutputWriter.newLine();