Merge "[conflict] [conflict] Merge "Validate package name passed to setApplicationRestrictions." into qt-dev am: 0b5ceb8cd2 am: 9f864c4b23 am: ef2a1d60be am: 043b90b360" into sc-dev am: b62eeefe44

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/19874087 Change-Id: I4e78acfab2b553ff55fd2bd81473cb3ac1c596f8 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
author: Liana Kazanova <lkazanova@google.com> 2022-09-07 23:17:57 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2022-09-07 23:17:57 +0000
commit: 2499b9608171f0b451fb8f25876226553a902da3 (patch)
tree: 3f3e6500cfde3520eb029eeb04b6ceacdf03618e
parent: b82c4ea9413e6da5335398d43cde89a53311660b (diff)
parent: b62eeefe44f8c9b4751b6fb1376b600d96bcb5da (diff)
2 files changed, 48 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index 8334d537bbf9..d441b76406c2 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -87,6 +87,7 @@ import android.stats.devicepolicy.DevicePolicyEnums;
 import android.util.ArrayMap;
 import android.util.ArraySet;
 import android.util.AtomicFile;
+import android.util.EventLog;
 import android.util.IndentingPrintWriter;
 import android.util.IntArray;
 import android.util.Slog;
@@ -4498,6 +4499,13 @@ public class UserManagerService extends IUserManager.Stub {
     public void setApplicationRestrictions(String packageName, Bundle restrictions,
             @UserIdInt int userId) {
         checkSystemOrRoot("set application restrictions");
+        String validationResult = validateName(packageName);
+        if (validationResult != null) {
+            if (packageName.contains("../")) {
+                EventLog.writeEvent(0x534e4554, "239701237", -1, "");
+            }
+            throw new IllegalArgumentException("Invalid package name: " + validationResult);
+        }
         if (restrictions != null) {
             restrictions.setDefusable(true);
         }
@@ -4524,6 +4532,39 @@ public class UserManagerService extends IUserManager.Stub {
         mContext.sendBroadcastAsUser(changeIntent, UserHandle.of(userId));
     }
 
+    /**
+     * Check if the given name is valid.
+     *
+     * Note: the logic is taken from FrameworkParsingPackageUtils in master, edited to remove
+     * unnecessary parts. Copied here for a security fix.
+     *
+     * @param name The name to check.
+     * @return null if it's valid, error message if not
+     */
+    @VisibleForTesting
+    static String validateName(String name) {
+        final int n = name.length();
+        boolean front = true;
+        for (int i = 0; i < n; i++) {
+            final char c = name.charAt(i);
+            if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {
+                front = false;
+                continue;
+            }
+            if (!front) {
+                if ((c >= '0' && c <= '9') || c == '_') {
+                    continue;
+                }
+                if (c == '.') {
+                    front = true;
+                    continue;
+                }
+            }
+            return "bad character '" + c + "'";
+        }
+        return null;
+    }
+
     private int getUidForPackage(String packageName) {
         final long ident = Binder.clearCallingIdentity();
         try {
diff --git a/services/tests/servicestests/src/com/android/server/pm/UserManagerServiceTest.java b/services/tests/servicestests/src/com/android/server/pm/UserManagerServiceTest.java
index 6c1c019f504e..658f168b608b 100644
--- a/services/tests/servicestests/src/com/android/server/pm/UserManagerServiceTest.java
+++ b/services/tests/servicestests/src/com/android/server/pm/UserManagerServiceTest.java
@@ -86,6 +86,13 @@ public class UserManagerServiceTest extends AndroidTestCase {
         }
     }
 
+    public void testValidateName() {
+        assertNull(UserManagerService.validateName("android"));
+        assertNull(UserManagerService.validateName("com.company.myapp"));
+        assertNotNull(UserManagerService.validateName("/../../data"));
+        assertNotNull(UserManagerService.validateName("/dir"));
+    }
+
     private Bundle createBundle() {
         Bundle result = new Bundle();
         // Tests for 6 allowed types: Integer, Boolean, String, String[], Bundle and Parcelable[]
author	Liana Kazanova <lkazanova@google.com>	2022-09-07 23:17:57 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2022-09-07 23:17:57 +0000
commit	2499b9608171f0b451fb8f25876226553a902da3 (patch)
tree	3f3e6500cfde3520eb029eeb04b6ceacdf03618e
parent	b82c4ea9413e6da5335398d43cde89a53311660b (diff)
parent	b62eeefe44f8c9b4751b6fb1376b600d96bcb5da (diff)