diff options
| author | 2020-10-27 17:31:25 +0800 | |
|---|---|---|
| committer | 2020-11-06 15:50:02 +0800 | |
| commit | 6dc63526e5c96b0bb7221b48e5539281e29e90d7 (patch) | |
| tree | 93e42d6fe721dfccdce7ff42278d10089b6b874c | |
| parent | c44ef9e2536f69a902049cabc15f52daa2fa9ae7 (diff) | |
Limit length of package name and shared user id
Package name and shared user id could be used as part of filename
as prefix by other modules. Limits the length to 223 and reserves
32 for the OS.
Bug: 118768971
Test: atest PackageManagerTest
Change-Id: I524a20ac3ed336b1a580f9be324dce460e7f8388
3 files changed, 40 insertions, 16 deletions
diff --git a/core/java/android/content/pm/parsing/ApkLiteParseUtils.java b/core/java/android/content/pm/parsing/ApkLiteParseUtils.java index 6d92d3e0d219..72a66ed4d9fe 100644 --- a/core/java/android/content/pm/parsing/ApkLiteParseUtils.java +++ b/core/java/android/content/pm/parsing/ApkLiteParseUtils.java @@ -18,6 +18,7 @@ package android.content.pm.parsing; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED; +import static android.content.pm.parsing.ParsingPackageUtils.validateName; import static android.os.Trace.TRACE_TAG_PACKAGE_MANAGER; import android.content.pm.PackageInfo; @@ -501,10 +502,10 @@ public class ApkLiteParseUtils { final String packageName = attrs.getAttributeValue(null, "package"); if (!"android".equals(packageName)) { - final String error = PackageParser.validateName(packageName, true, true); - if (error != null) { + final ParseResult<?> nameResult = validateName(input, packageName, true, true); + if (nameResult.isError()) { return input.error(INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME, - "Invalid manifest package: " + error); + "Invalid manifest package: " + nameResult.getErrorMessage()); } } @@ -513,10 +514,10 @@ public class ApkLiteParseUtils { if (splitName.length() == 0) { splitName = null; } else { - final String error = PackageParser.validateName(splitName, false, false); - if (error != null) { + final ParseResult<?> nameResult = validateName(input, splitName, false, false); + if (nameResult.isError()) { return input.error(INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME, - "Invalid manifest split: " + error); + "Invalid manifest split: " + nameResult.getErrorMessage()); } } } diff --git a/core/java/android/content/pm/parsing/ParsingPackageUtils.java b/core/java/android/content/pm/parsing/ParsingPackageUtils.java index b936c6323a80..6196854526e0 100644 --- a/core/java/android/content/pm/parsing/ParsingPackageUtils.java +++ b/core/java/android/content/pm/parsing/ParsingPackageUtils.java @@ -130,6 +130,12 @@ public class ParsingPackageUtils { private static final String TAG = ParsingUtils.TAG; /** + * For those names would be used as a part of the file name. Limits size to 223 and reserves 32 + * for the OS. + */ + private static final int MAX_FILE_NAME_SIZE = 223; + + /** * @see #parseDefault(ParseInput, File, int, boolean) */ @NonNull @@ -2686,7 +2692,16 @@ public class ParsingPackageUtils { } } - private static ParseResult validateName(ParseInput input, String name, boolean requireSeparator, + /** + * Check if the given name is valid. + * + * @param name The name to check. + * @param requireSeparator {@code true} if the name requires containing a separator at least. + * @param requireFilename {@code true} to apply file name validation to the given name. It also + * limits length of the name to the {@link #MAX_FILE_NAME_SIZE}. + * @return Success if it's valid. + */ + public static ParseResult validateName(ParseInput input, String name, boolean requireSeparator, boolean requireFilename) { final int N = name.length(); boolean hasSep = false; @@ -2709,8 +2724,12 @@ public class ParsingPackageUtils { } return input.error("bad character '" + c + "'"); } - if (requireFilename && !FileUtils.isValidExtFilename(name)) { - return input.error("Invalid filename"); + if (requireFilename) { + if (!FileUtils.isValidExtFilename(name)) { + return input.error("Invalid filename"); + } else if (N > MAX_FILE_NAME_SIZE) { + return input.error("the length of the name is greater than " + MAX_FILE_NAME_SIZE); + } } return hasSep || !requireSeparator ? input.success(null) diff --git a/core/java/android/content/pm/parsing/component/ComponentParseUtils.java b/core/java/android/content/pm/parsing/component/ComponentParseUtils.java index cfefc016d4a4..d65f8ffc989a 100644 --- a/core/java/android/content/pm/parsing/component/ComponentParseUtils.java +++ b/core/java/android/content/pm/parsing/component/ComponentParseUtils.java @@ -16,6 +16,8 @@ package android.content.pm.parsing.component; +import static android.content.pm.parsing.ParsingPackageUtils.validateName; + import android.annotation.AttrRes; import android.annotation.NonNull; import android.annotation.Nullable; @@ -118,17 +120,19 @@ public class ComponentParseUtils { + ": must be at least two characters"); } String subName = proc.substring(1); - String nameError = PackageParser.validateName(subName, false, false); - if (nameError != null) { + final ParseResult<?> nameResult = validateName(input, subName, false, false); + if (nameResult.isError()) { return input.error("Invalid " + type + " name " + proc + " in package " + pkg - + ": " + nameError); + + ": " + nameResult.getErrorMessage()); } return input.success(pkg + proc); } - String nameError = PackageParser.validateName(proc, true, false); - if (nameError != null && !"system".equals(proc)) { - return input.error("Invalid " + type + " name " + proc + " in package " + pkg - + ": " + nameError); + if (!"system".equals(proc)) { + final ParseResult<?> nameResult = validateName(input, proc, true, false); + if (nameResult.isError()) { + return input.error("Invalid " + type + " name " + proc + " in package " + pkg + + ": " + nameResult.getErrorMessage()); + } } return input.success(proc); } |