diff options
author | android-build-team Robot <android-build-team-robot@google.com> | 2021-04-10 01:00:34 +0000 |
---|---|---|
committer | android-build-team Robot <android-build-team-robot@google.com> | 2021-04-10 01:00:34 +0000 |
commit | d5a1d0f29e1ad1629c86125821783c69ddea671c (patch) | |
tree | d88486ccb6d2b515d0d851fd40c9f6046e0b9122 | |
parent | 486f0790f033745145277359e36609c9a9471a98 (diff) | |
parent | f2f76bd354af9a292ab1a4d001b303ac53f7dfba (diff) | |
download | cts-android11-qpr3-release.tar.gz |
Snap for 7272552 from f2f76bd354af9a292ab1a4d001b303ac53f7dfba to rvc-qpr3-releaseandroid-11.0.0_r46android-11.0.0_r43android-11.0.0_r40android-11.0.0_r39android-11.0.0_r38android11-qpr3-s1-releaseandroid11-qpr3-release
Change-Id: I1c9e683db279148d6b03c3d22807136ac25d6752
3 files changed, 5 insertions, 98 deletions
diff --git a/hostsidetests/securitybulletin/securityPatch/CVE-2020-0224/Android.bp b/hostsidetests/securitybulletin/securityPatch/CVE-2020-0224/Android.bp deleted file mode 100644 index 084a1fe3d2c..00000000000 --- a/hostsidetests/securitybulletin/securityPatch/CVE-2020-0224/Android.bp +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright (C) 2021 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -cc_test { - name: "CVE-2020-0224", - defaults: ["cts_hostsidetests_securitybulletin_defaults"], - shared_libs: [ - "libpac", - ], - srcs: [ - "poc.cpp", - ], -} diff --git a/hostsidetests/securitybulletin/securityPatch/CVE-2020-0224/poc.cpp b/hostsidetests/securitybulletin/securityPatch/CVE-2020-0224/poc.cpp deleted file mode 100644 index de62221ca8e..00000000000 --- a/hostsidetests/securitybulletin/securityPatch/CVE-2020-0224/poc.cpp +++ /dev/null @@ -1,60 +0,0 @@ -/** - * Copyright (C) 2021 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include <codecvt> -#include <fstream> -#include "../includes/common.h" -#include <proxy_resolver_v8_wrapper.h> - -using namespace std; - -void poc(char* raw) { - ProxyResolverV8Handle* handle = ProxyResolverV8Handle_new(); - string u8Script(raw); - u16string u16Script = - wstring_convert<codecvt_utf8_utf16<char16_t>, char16_t> { } - .from_bytes(u8Script); - - ProxyResolverV8Handle_SetPacScript(handle, u16Script.data()); - const char16_t* spec = u"", *host = u""; - ProxyResolverV8Handle_GetProxyForURL(handle, spec, host); - ProxyResolverV8Handle_delete(handle); -} - -int main(int argc, char **argv) { - if (argc != 2) { - return EXIT_FAILURE; - } - - ifstream stream; - stream.open(argv[1]); - if (stream.rdstate() != ifstream::goodbit) { - return EXIT_FAILURE; - } - - stream.seekg(0, ios::end); - size_t size = stream.tellg(); - stream.seekg(0); - char* raw = (char*) calloc(size + 1, sizeof(char)); - stream.read(raw, size); - time_t currentTime = start_timer(); - while (timer_active(currentTime)) { - poc(raw); - } - - free(raw); - return EXIT_SUCCESS; -} diff --git a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2020_0224.java b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2020_0224.java index b02eeea126a..4cd94c9187f 100644 --- a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2020_0224.java +++ b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2020_0224.java @@ -33,16 +33,10 @@ public class CVE_2020_0224 extends SecurityTestCase { @SecurityTest(minPatchLevel = "2020-07") @Test public void testPocCVE_2020_0224() throws Exception { - String inputFiles[] = {"cve_2020_0224.pac"}; - String binaryName = "CVE-2020-0224"; - String signals[] = {CrashUtils.SIGSEGV, CrashUtils.SIGBUS, CrashUtils.SIGABRT}; - AdbUtils.pocConfig testConfig = new AdbUtils.pocConfig(binaryName, getDevice()); - testConfig.config = new CrashUtils.Config().setProcessPatterns(binaryName); - testConfig.config.setSignals(signals); - testConfig.config.checkMinAddress(false); - testConfig.arguments = AdbUtils.TMP_PATH + inputFiles[0]; - testConfig.inputFiles = Arrays.asList(inputFiles); - testConfig.inputFilesDestination = AdbUtils.TMP_PATH; - AdbUtils.runPocAssertNoCrashesNotVulnerable(testConfig); + AdbUtils.runProxyAutoConfig("cve_2020_0224", getDevice()); + AdbUtils.assertNoCrashes(getDevice(), new CrashUtils.Config() + .setProcessPatterns("pacrunner") + .checkMinAddress(false) + .appendSignals(CrashUtils.SIGABRT)); } } |