DivestOS/Patches/LineageOS-17.1/android_frameworks_base/365411.patch

86 lines
3.8 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: "Nate(Qiang) Jiang" <qiangjiang@google.com>
Date: Thu, 13 Apr 2023 21:20:37 +0000
Subject: [PATCH] DO NOT MERGE: Add size check on PPS#policy
Bug: 275340417
Test: atest android.net.wifi
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d1afd2c47d086e0365bf6814a9f47555c294769f)
Merged-In: I6e6128b7ed5327da8dbc9186a82bef0f2e4197bb
Change-Id: I6e6128b7ed5327da8dbc9186a82bef0f2e4197bb
---
.../android/net/wifi/hotspot2/pps/Policy.java | 28 ++++++++++++++++---
1 file changed, 24 insertions(+), 4 deletions(-)
diff --git a/wifi/java/android/net/wifi/hotspot2/pps/Policy.java b/wifi/java/android/net/wifi/hotspot2/pps/Policy.java
index b0a2cc397c53..4bdacebda060 100644
--- a/wifi/java/android/net/wifi/hotspot2/pps/Policy.java
+++ b/wifi/java/android/net/wifi/hotspot2/pps/Policy.java
@@ -16,6 +16,9 @@
package android.net.wifi.hotspot2.pps;
+import static android.net.wifi.hotspot2.PasspointConfiguration.MAX_NUMBER_OF_ENTRIES;
+import static android.net.wifi.hotspot2.PasspointConfiguration.MAX_STRING_LENGTH;
+
import android.os.Parcel;
import android.os.Parcelable;
import android.text.TextUtils;
@@ -269,11 +272,19 @@ public final class Policy implements Parcelable {
*/
public boolean validate() {
if (TextUtils.isEmpty(mFqdn)) {
- Log.d(TAG, "Missing FQDN");
+ Log.e(TAG, "Missing FQDN");
+ return false;
+ }
+ if (mFqdn.getBytes(StandardCharsets.UTF_8).length > MAX_STRING_LENGTH) {
+ Log.e(TAG, "FQDN is too long");
return false;
}
if (TextUtils.isEmpty(mCountries)) {
- Log.d(TAG, "Missing countries");
+ Log.e(TAG, "Missing countries");
+ return false;
+ }
+ if (mCountries.getBytes(StandardCharsets.UTF_8).length > MAX_STRING_LENGTH) {
+ Log.e(TAG, "country is too long");
return false;
}
return true;
@@ -449,7 +460,7 @@ public final class Policy implements Parcelable {
}
for (String ssid : mExcludedSsidList) {
if (ssid.getBytes(StandardCharsets.UTF_8).length > MAX_SSID_BYTES) {
- Log.d(TAG, "Invalid SSID: " + ssid);
+ Log.e(TAG, "Invalid SSID: " + ssid);
return false;
}
}
@@ -457,15 +468,24 @@ public final class Policy implements Parcelable {
// Validate required protocol to port map.
if (mRequiredProtoPortMap != null) {
for (Map.Entry<Integer, String> entry : mRequiredProtoPortMap.entrySet()) {
+ int protocol = entry.getKey();
+ if (protocol < 0 || protocol > 255) {
+ Log.e(TAG, "Invalid IP protocol: " + protocol);
+ return false;
+ }
String portNumber = entry.getValue();
if (portNumber.getBytes(StandardCharsets.UTF_8).length > MAX_PORT_STRING_BYTES) {
- Log.d(TAG, "PortNumber string bytes exceeded the max: " + portNumber);
+ Log.e(TAG, "PortNumber string bytes exceeded the max: " + portNumber);
return false;
}
}
}
// Validate preferred roaming partner list.
if (mPreferredRoamingPartnerList != null) {
+ if (mPreferredRoamingPartnerList.size() > MAX_NUMBER_OF_ENTRIES) {
+ Log.e(TAG, "Number of the Preferred Roaming Partner exceed the limit");
+ return false;
+ }
for (RoamingPartner partner : mPreferredRoamingPartnerList) {
if (!partner.validate()) {
return false;