From b92de07b63bbcb05ff15a32dda8644ee763acc5d Mon Sep 17 00:00:00 2001 From: Jeff Sharkey Date: Fri, 6 Oct 2017 13:09:46 -0600 Subject: Fix bug in directory depth counting. The path "dir//file" has the same depth as "dir/file". Also verify with local unit tests. Test: /data/nativetest64/installd_utils_test/installd_utils_test Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67471251 Change-Id: Iab35b4fe5591ddd42a7121b630cffcd94ad23c40 --- cmds/installd/tests/installd_utils_test.cpp | 30 +++++++++++++++++++++++------ cmds/installd/utils.cpp | 7 +++++-- 2 files changed, 29 insertions(+), 8 deletions(-) diff --git a/cmds/installd/tests/installd_utils_test.cpp b/cmds/installd/tests/installd_utils_test.cpp index 09dd25ae16..2ca7ac2350 100644 --- a/cmds/installd/tests/installd_utils_test.cpp +++ b/cmds/installd/tests/installd_utils_test.cpp @@ -168,12 +168,6 @@ TEST_F(UtilsTest, IsValidApkPath_EscapeFail) { << badasec1 << " should be rejected as a invalid path"; } -TEST_F(UtilsTest, IsValidApkPath_DoubleSlashFail) { - const char *badasec2 = TEST_ASEC_DIR "com.example.asec//pkg.apk"; - EXPECT_EQ(-1, validate_apk_path(badasec2)) - << badasec2 << " should be rejected as a invalid path"; -} - TEST_F(UtilsTest, IsValidApkPath_SubdirEscapeFail) { const char *badasec3 = TEST_ASEC_DIR "com.example.asec/../../../pkg.apk"; EXPECT_EQ(-1, validate_apk_path(badasec3)) @@ -451,5 +445,29 @@ TEST_F(UtilsTest, ValidateSecondaryDexFilesPath) { package_name, app_dir_ce_user_10 + "/" + too_long, app_uid_for_user_10, FLAG_STORAGE_CE); } +TEST_F(UtilsTest, ValidateApkPath) { + EXPECT_EQ(0, validate_apk_path("/data/app/com.example")); + EXPECT_EQ(0, validate_apk_path("/data/app/com.example/file")); + EXPECT_EQ(0, validate_apk_path("/data/app/com.example//file")); + EXPECT_NE(0, validate_apk_path("/data/app/com.example/dir/")); + EXPECT_NE(0, validate_apk_path("/data/app/com.example/dir/file")); + EXPECT_NE(0, validate_apk_path("/data/app/com.example/dir/dir/file")); + EXPECT_NE(0, validate_apk_path("/data/app/com.example/dir/dir//file")); + EXPECT_NE(0, validate_apk_path("/data/app/com.example/dir/dir/dir/file")); + EXPECT_NE(0, validate_apk_path("/data/app/com.example/dir/dir/dir//file")); +} + +TEST_F(UtilsTest, ValidateApkPathSubdirs) { + EXPECT_EQ(0, validate_apk_path_subdirs("/data/app/com.example")); + EXPECT_EQ(0, validate_apk_path_subdirs("/data/app/com.example/file")); + EXPECT_EQ(0, validate_apk_path_subdirs("/data/app/com.example//file")); + EXPECT_EQ(0, validate_apk_path_subdirs("/data/app/com.example/dir/")); + EXPECT_EQ(0, validate_apk_path_subdirs("/data/app/com.example/dir/file")); + EXPECT_EQ(0, validate_apk_path_subdirs("/data/app/com.example/dir/dir/file")); + EXPECT_EQ(0, validate_apk_path_subdirs("/data/app/com.example/dir/dir//file")); + EXPECT_NE(0, validate_apk_path_subdirs("/data/app/com.example/dir/dir/dir/file")); + EXPECT_NE(0, validate_apk_path_subdirs("/data/app/com.example/dir/dir/dir//file")); +} + } // namespace installd } // namespace android diff --git a/cmds/installd/utils.cpp b/cmds/installd/utils.cpp index c21fae5e83..ca0a82e066 100644 --- a/cmds/installd/utils.cpp +++ b/cmds/installd/utils.cpp @@ -756,8 +756,11 @@ static int validate_path(const std::string& dir, const std::string& path, int ma auto pos = path.find('/', dir.size()); int count = 0; while (pos != std::string::npos) { - pos = path.find('/', pos + 1); - count++; + auto next = path.find('/', pos + 1); + if (next > pos + 1) { + count++; + } + pos = next; } if (count > maxSubdirs) { -- cgit v1.2.3-59-g8ed1b