diff options
author | Rhed Jao <rhedjao@google.com> | 2022-10-05 00:11:27 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2022-10-05 00:11:27 +0000 |
commit | b553461c30971e918abfe216a67456403ac33ddf (patch) | |
tree | 7bd36c7b78e42f26fc1c12f8197f073adee08d4c | |
parent | e5e51e83c1c6c1d86c1e47eadd8f76a21c83af84 (diff) | |
parent | 1272d7da8638efe7ee7160cd19270040445d8552 (diff) | |
download | cts-b553461c30971e918abfe216a67456403ac33ddf.tar.gz |
Merge changes from topic "pm_setCmpEnabledSetting_vulnerability" into sc-mainline-prod
* changes:
[automerge] [DO NOT MERGE] Test to verify setComponentEnabledSetting with invalid component 2p: 95ffcd34ec
[DO NOT MERGE] Test to verify setComponentEnabledSetting with invalid component
5 files changed, 150 insertions, 2 deletions
diff --git a/tests/tests/security/Android.bp b/tests/tests/security/Android.bp index b476948160a..c95a885289d 100644 --- a/tests/tests/security/Android.bp +++ b/tests/tests/security/Android.bp @@ -77,9 +77,9 @@ android_test { data: [ ":RolePermissionOverrideTestApp", ":SplitBluetoothPermissionTestApp", - ":CtsUsePermissionApp22_2", + ":CtsUsePermissionApp22_2", ":CtsHelperAppOverlay", - + ":CtsDummyTargetApi15TestApp", ], } diff --git a/tests/tests/security/AndroidTest.xml b/tests/tests/security/AndroidTest.xml index f8f8e5304c5..751748e5bcd 100644 --- a/tests/tests/security/AndroidTest.xml +++ b/tests/tests/security/AndroidTest.xml @@ -53,6 +53,7 @@ <option name="cleanup" value="true" /> <option name="push" value="RolePermissionOverrideTestApp.apk->/data/local/tmp/cts/security/RolePermissionOverrideTestApp.apk" /> <option name="push" value="SplitBluetoothPermissionTestApp.apk->/data/local/tmp/cts/security/SplitBluetoothPermissionTestApp.apk" /> + <option name="push" value="CtsDummyTargetApi15TestApp.apk->/data/local/tmp/cts/security/CtsDummyTargetApi15TestApp.apk" /> <option name="push" value="CtsUsePermissionApp22_2.apk->/data/local/tmp/cts/permission3/CtsUsePermissionApp22_2.apk" /> <option name="push" value="CtsHelperAppOverlay.apk->/data/local/tmp/cts/permission3/CtsHelperAppOverlay.apk" /> </target_preparer> diff --git a/tests/tests/security/src/android/security/cts/PackageManagerTest.java b/tests/tests/security/src/android/security/cts/PackageManagerTest.java new file mode 100644 index 00000000000..8c27a70a391 --- /dev/null +++ b/tests/tests/security/src/android/security/cts/PackageManagerTest.java @@ -0,0 +1,99 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security.cts; + +import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_ENABLED; + +import static com.android.compatibility.common.util.ShellUtils.runShellCommand; + +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.containsString; +import static org.hamcrest.Matchers.not; +import static org.hamcrest.core.Is.is; + +import android.Manifest; +import android.content.ComponentName; +import android.content.pm.PackageManager; +import android.platform.test.annotations.AppModeFull; +import android.platform.test.annotations.AsbSecurityTest; + +import androidx.test.platform.app.InstrumentationRegistry; +import androidx.test.runner.AndroidJUnit4; + +import com.android.sts.common.util.StsExtraBusinessLogicTestCase; + +import org.junit.After; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; + +import java.io.File; + +@AppModeFull +@RunWith(AndroidJUnit4.class) +public class PackageManagerTest extends StsExtraBusinessLogicTestCase { + private static final String DUMMY_API15_APK_PATH = + "/data/local/tmp/cts/security/CtsDummyTargetApi15TestApp.apk"; + private static final String DUMMY_API15_PACKAGE_NAME = + "android.security.cts.dummy.api15"; + private static final ComponentName INVALID_COMPONENT_NAME = + ComponentName.createRelative(DUMMY_API15_PACKAGE_NAME, ".InvalidClassName"); + + private PackageManager mPackageManager; + + @Before + public void setUp() { + mPackageManager = InstrumentationRegistry.getInstrumentation() + .getTargetContext().getPackageManager(); + + installPackage(DUMMY_API15_APK_PATH); + InstrumentationRegistry + .getInstrumentation() + .getUiAutomation() + .adoptShellPermissionIdentity(Manifest.permission.CHANGE_COMPONENT_ENABLED_STATE); + } + + @After + public void tearDown() { + InstrumentationRegistry.getInstrumentation().getUiAutomation() + .dropShellPermissionIdentity(); + uninstallPackage(DUMMY_API15_PACKAGE_NAME); + } + + @AsbSecurityTest(cveBugId = 240936919) + @Test + public void setComponentEnabledSetting_targetPkgIsApi15_withInvalidComponentName() { + mPackageManager.setComponentEnabledSetting( + INVALID_COMPONENT_NAME, COMPONENT_ENABLED_STATE_ENABLED, 0 /* flags */); + assertThat(mPackageManager.getComponentEnabledSetting(INVALID_COMPONENT_NAME), + not(is(COMPONENT_ENABLED_STATE_ENABLED))); + } + + private static void installPackage(String apkPath) { + assertThat(new File(apkPath).exists(), is(true)); + final StringBuilder cmd = new StringBuilder("pm install "); + cmd.append(apkPath); + final String result = runShellCommand(cmd.toString()).trim(); + assertThat(result, containsString("Success")); + } + + private static void uninstallPackage(String packageName) { + final StringBuilder cmd = new StringBuilder("pm uninstall "); + cmd.append(packageName); + runShellCommand(cmd.toString()); + } +} diff --git a/tests/tests/security/test-apps/DummyTargetApi15TestApp/Android.bp b/tests/tests/security/test-apps/DummyTargetApi15TestApp/Android.bp new file mode 100644 index 00000000000..2cfcd55beae --- /dev/null +++ b/tests/tests/security/test-apps/DummyTargetApi15TestApp/Android.bp @@ -0,0 +1,27 @@ +// +// Copyright (C) 2022 The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package { + default_applicable_licenses: ["Android-Apache-2.0"], +} + +android_test_helper_app { + name: "CtsDummyTargetApi15TestApp", + defaults: ["cts_defaults"], + sdk_version: "current", + target_sdk_version: "15", + min_sdk_version: "15", +} diff --git a/tests/tests/security/test-apps/DummyTargetApi15TestApp/AndroidManifest.xml b/tests/tests/security/test-apps/DummyTargetApi15TestApp/AndroidManifest.xml new file mode 100644 index 00000000000..aa25f1a0713 --- /dev/null +++ b/tests/tests/security/test-apps/DummyTargetApi15TestApp/AndroidManifest.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (C) 2022 The Android Open Source Project + ~ + ~ Licensed under the Apache License, Version 2.0 (the "License"); + ~ you may not use this file except in compliance with the License. + ~ You may obtain a copy of the License at + ~ + ~ http://www.apache.org/licenses/LICENSE-2.0 + ~ + ~ Unless required by applicable law or agreed to in writing, software + ~ distributed under the License is distributed on an "AS IS" BASIS, + ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + ~ See the License for the specific language governing permissions and + ~ limitations under the License. + --> +<manifest xmlns:android="http://schemas.android.com/apk/res/android" + package="android.security.cts.dummy.api15" > + <uses-sdk android:minSdkVersion="15" android:targetSdkVersion="15" /> + <application android:hasCode="false" android:label="Dummy Test App" /> +</manifest> |