LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Protect ConnectivityService from SecurityException in permission check." am: ed459f5f1a am: 26cb0b40bf

Browse Source 
Change-Id: Ia3bda6925daf06b762e6c926bea1b6ff4e640e58
This commit is contained in:
Automerger Merge Worker
2020-03-16 14:54:02 +00:00
parent a0f72849ec 26cb0b40bf
commit 21b9c023ec
2 changed files with 29 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
services/core/java/com/android/server/ConnectivityService.java
View File

@@ -7892,10 +7892,17 @@ public class ConnectivityService extends IConnectivityManager.Stub
return true; return true;
} }
// LocationPermissionChecker#checkLocationPermission can throw SecurityException if the uid
// and package name don't match. Throwing on the CS thread is not acceptable, so wrap the
// call in a try-catch.
try {
if (!mLocationPermissionChecker.checkLocationPermission( if (!mLocationPermissionChecker.checkLocationPermission(
callbackPackageName, null /* featureId */, callbackUid, null /* message */)) { callbackPackageName, null /* featureId */, callbackUid, null /* message */)) {
return false; return false;
} }
} catch (SecurityException e) {
return false;
}
synchronized (mVpns) { synchronized (mVpns) {
if (getVpnIfOwner(callbackUid) != null) { if (getVpnIfOwner(callbackUid) != null) {

20
tests/net/java/com/android/server/ConnectivityServiceTest.java
View File

@@ -6756,6 +6756,26 @@ public class ConnectivityServiceTest {
mContext.getOpPackageName())); mContext.getOpPackageName()));
} }
@Test
public void testCheckConnectivityDiagnosticsPermissionsWrongUidPackageName() throws Exception {
final NetworkAgentInfo naiWithoutUid =
new NetworkAgentInfo(
null, null, null, null, null, new NetworkCapabilities(), 0,
mServiceContext, null, null, mService, null, null, null, 0);
mServiceContext.setPermission(android.Manifest.permission.NETWORK_STACK, PERMISSION_DENIED);
try {
assertFalse(
"Mismatched uid/package name should not pass the location permission check",
mService.checkConnectivityDiagnosticsPermissions(
Process.myPid() + 1, Process.myUid() + 1, naiWithoutUid,
mContext.getOpPackageName()));
} catch (SecurityException e) {
fail("checkConnectivityDiagnosticsPermissions shouldn't surface a SecurityException");
}
}
@Test @Test
public void testCheckConnectivityDiagnosticsPermissionsNoLocationPermission() throws Exception { public void testCheckConnectivityDiagnosticsPermissionsNoLocationPermission() throws Exception {
final NetworkAgentInfo naiWithoutUid = final NetworkAgentInfo naiWithoutUid =