mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-01-06 21:28:02 -05:00
082bc48c32
https://review.lineageos.org/q/topic:P_asb_2022-05 https://review.lineageos.org/q/topic:P_asb_2022-06 https://review.lineageos.org/q/topic:P_asb_2022-07 https://review.lineageos.org/q/topic:P_asb_2022-08 https://review.lineageos.org/q/topic:P_asb_2022-09 https://review.lineageos.org/q/topic:P_asb_2022-10 https://review.lineageos.org/q/topic:P_asb_2022-11 https://review.lineageos.org/q/topic:P_asb_2022-12 https://review.lineageos.org/q/topic:P_asb_2023-01 https://review.lineageos.org/q/topic:P_asb_2023-02 https://review.lineageos.org/q/topic:P_asb_2023-03 https://review.lineageos.org/q/topic:P_asb_2023-04 https://review.lineageos.org/q/topic:P_asb_2023-05 https://review.lineageos.org/q/topic:P_asb_2023-06 https://review.lineageos.org/q/topic:P_asb_2023-07 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/361250 https://review.lineageos.org/q/topic:P_asb_2023-08 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/364606 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/365328 https://review.lineageos.org/q/topic:P_asb_2023-09 https://review.lineageos.org/q/topic:P_asb_2023-10 https://review.lineageos.org/q/topic:P_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/374916 https://review.lineageos.org/q/topic:P_asb_2023-12 https://review.lineageos.org/q/topic:P_asb_2024-01 https://review.lineageos.org/q/topic:P_asb_2024-02 https://review.lineageos.org/q/topic:P_asb_2024-03 https://review.lineageos.org/q/topic:P_asb_2024-04 Signed-off-by: Tavi <tavi@divested.dev>
71 lines
3.1 KiB
Diff
71 lines
3.1 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: chiachangwang <chiachangwang@google.com>
|
|
Date: Thu, 2 Jun 2022 10:22:20 +0000
|
|
Subject: [PATCH] Stop using invalid URL to prevent unexpected crash
|
|
|
|
Verify the input PAC Uri before performing follow-up actions.
|
|
|
|
Check if the URL is a valid URL to filter some invalid URLs since
|
|
these invalid URLs could not fall into any subclass of existing
|
|
URLConnections. When the PAC Uri is other invalid URL scheme, it
|
|
will cause an UnsupportedOperationException if there is no proper
|
|
subclass that implements the openConnection() method.
|
|
A malformed URL may crash the system.
|
|
|
|
Even it's a valid URL, some subclasses(e.g. JarURLConnection)
|
|
may not have openConnection() implemented. It will also hit the
|
|
problem, so convert the possbile exception from openConnection()
|
|
to re-throw it to IOException which is handled in the existing
|
|
code.
|
|
|
|
Bug: 219498290
|
|
Test: atest FrameworksNetTests CtsNetTestCases
|
|
Test: Test with malformed URL
|
|
Merged-In: I22903414380b62051f514e43b93af992f45740b4
|
|
Merged-In: I2abff75ec59a17628ef006aad348c53fadbed076
|
|
Change-Id: I4d6cec1da9cf3f70dec0dcf4223254d3da4f30a3
|
|
(cherry picked from commit 6390b37a3b32fc7583154d53fda3af8fbd95f59f)
|
|
(cherry picked from commit 6d6f4106948bbad67b9845603392d084078997c4)
|
|
Merged-In: I4d6cec1da9cf3f70dec0dcf4223254d3da4f30a3
|
|
---
|
|
.../server/connectivity/PacManager.java | 19 +++++++++++++++++--
|
|
1 file changed, 17 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/services/core/java/com/android/server/connectivity/PacManager.java b/services/core/java/com/android/server/connectivity/PacManager.java
|
|
index 3a27fcb352aa..f597c8135701 100644
|
|
--- a/services/core/java/com/android/server/connectivity/PacManager.java
|
|
+++ b/services/core/java/com/android/server/connectivity/PacManager.java
|
|
@@ -37,6 +37,7 @@ import android.os.SystemClock;
|
|
import android.os.SystemProperties;
|
|
import android.provider.Settings;
|
|
import android.util.Log;
|
|
+import android.webkit.URLUtil;
|
|
|
|
import com.android.internal.annotations.GuardedBy;
|
|
import com.android.net.IProxyCallback;
|
|
@@ -211,8 +212,22 @@ public class PacManager {
|
|
* @throws IOException
|
|
*/
|
|
private static String get(Uri pacUri) throws IOException {
|
|
- URL url = new URL(pacUri.toString());
|
|
- URLConnection urlConnection = url.openConnection(java.net.Proxy.NO_PROXY);
|
|
+ if (!URLUtil.isValidUrl(pacUri.toString())) {
|
|
+ throw new IOException("Malformed URL:" + pacUri);
|
|
+ }
|
|
+
|
|
+ final URL url = new URL(pacUri.toString());
|
|
+ URLConnection urlConnection;
|
|
+ try {
|
|
+ urlConnection = url.openConnection(java.net.Proxy.NO_PROXY);
|
|
+ // Catch the possible exceptions and rethrow as IOException to not to crash the system
|
|
+ // for illegal input.
|
|
+ } catch (IllegalArgumentException e) {
|
|
+ throw new IOException("Incorrect proxy type for " + pacUri);
|
|
+ } catch (UnsupportedOperationException e) {
|
|
+ throw new IOException("Unsupported URL connection type for " + pacUri);
|
|
+ }
|
|
+
|
|
long contentLength = -1;
|
|
try {
|
|
contentLength = Long.parseLong(urlConnection.getHeaderField("Content-Length"));
|