Restrict the number of features or size of ids.

Test: atest CtsAppOpsTestCases
Change-Id: I57c4bcee784e28afde0960f93f3b86f1143d2c65

1 files changed, 15 insertions, 0 deletions

diff --git a/core/java/android/content/pm/parsing/ComponentParseUtils.java b/core/java/android/content/pm/parsing/ComponentParseUtils.java
index 88e98da510ff..7b24d3df92a2 100644
--- a/core/java/android/content/pm/parsing/ComponentParseUtils.java
+++ b/core/java/android/content/pm/parsing/ComponentParseUtils.java
@@ -943,6 +943,12 @@ public class ComponentParseUtils {
      */
     // @DataClass verifier is broken, hence comment out for now
     public static class ParsedFeature implements Parcelable {
+        /** Maximum length of featureId */
+        public static final int MAX_FEATURE_ID_LEN = 50;
+
+        /** Maximum amount of features per package */
+        private static final int MAX_NUM_FEATURES = 1000;
+
         /** Id of the feature */
         public final @NonNull String id;
 
@@ -964,6 +970,10 @@ public class ComponentParseUtils {
             ArraySet<String> inheritFromFeatureIds = new ArraySet<>();
 
             int numFeatures = features.size();
+            if (numFeatures > MAX_NUM_FEATURES) {
+                return false;
+            }
+
             for (int featureNum = 0; featureNum < numFeatures; featureNum++) {
                 boolean wasAdded = featureIds.add(features.get(featureNum).id);
                 if (!wasAdded) {
@@ -2764,6 +2774,11 @@ public class ComponentParseUtils {
                 outError[0] = "<featureId> does not specify android:featureId";
                 return null;
             }
+            if (featureId.length() > ParsedFeature.MAX_FEATURE_ID_LEN) {
+                outError[0] = "<featureId> is too long. Max length is "
+                        + ParsedFeature.MAX_FEATURE_ID_LEN;
+                return null;
+            }
 
             label = sa.getResourceId(R.styleable.AndroidManifestFeature_label, 0);
             if (label == Resources.ID_NULL) {