diff options
| author | 2013-03-28 20:30:36 +0000 | |
|---|---|---|
| committer | 2013-03-28 20:30:36 +0000 | |
| commit | 2ff853daa89ca47491c3f7b096872a432d4a19e7 (patch) | |
| tree | ae374f1729bd3a8496078b429116f8341d62cf57 | |
| parent | 3864aa3944254184ddcd61002cb9f1d7cb1d4c67 (diff) | |
| parent | d417ab0ea526cee036a71e67af4a8a898e35f564 (diff) | |
Merge "Add data validation on seinfo labels."
| -rw-r--r-- | services/java/com/android/server/pm/SELinuxMMAC.java | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/services/java/com/android/server/pm/SELinuxMMAC.java b/services/java/com/android/server/pm/SELinuxMMAC.java index 15d2a5aec0cf..4bbdb5e26668 100644 --- a/services/java/com/android/server/pm/SELinuxMMAC.java +++ b/services/java/com/android/server/pm/SELinuxMMAC.java @@ -206,10 +206,10 @@ public final class SELinuxMMAC { String tagName = parser.getName(); if ("seinfo".equals(tagName)) { String seinfoValue = parser.getAttributeValue(null, "value"); - if (seinfoValue != null) { + if (validateValue(seinfoValue)) { seinfo = seinfoValue; } else { - Slog.w(TAG, "<seinfo> without value at " + Slog.w(TAG, "<seinfo> without valid value at " + parser.getPositionDescription()); } } @@ -219,6 +219,28 @@ public final class SELinuxMMAC { } /** + * General validation routine for tag values. + * Returns a boolean indicating if the passed string + * contains only letters or underscores. + */ + private static boolean validateValue(String name) { + if (name == null) + return false; + + final int N = name.length(); + if (N == 0) + return false; + + for (int i = 0; i < N; i++) { + final char c = name.charAt(i); + if ((c < 'a' || c > 'z') && (c < 'A' || c > 'Z') && (c != '_')) { + return false; + } + } + return true; + } + + /** * Labels a package based on an seinfo tag from install policy. * The label is attached to the ApplicationInfo instance of the package. * @param PackageParser.Package object representing the package |