[RESTRICT AUTOMERGE] Limit length of the name in <uses-permission>

To mitigate a boot loop with a huge name string, this CL restricts the max length of the name in <users-permission> attr. Bug: 259942609 Test: manually using the PoC in the buganizer to ensure the symptom no longer exists. Change-Id: I35dde9d6bea9eb7c1b81e8cbadeeb908b3fb713f (cherry picked from commit de8ef32d020ce4efe5dcaae09c9b8e0cf7efb2db) Merged-In: I35dde9d6bea9eb7c1b81e8cbadeeb908b3fb713f
author: Jackal Guo <jackalguo@google.com> 2023-01-11 14:36:32 +0800
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2023-02-14 18:17:15 +0000
commit: 955123a6dfe17fbf30f3cd1898dd8229032274c7 (patch)
tree: ee2bb90676868b63fd6be956d25455e4a77e5236
parent: 7a04beeda00aff327afee9436fd7aed954ee4127 (diff)
download: base-955123a6dfe17fbf30f3cd1898dd8229032274c7.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/pm/pkg/parsing/ParsingPackageUtils.java b/services/core/java/com/android/server/pm/pkg/parsing/ParsingPackageUtils.java
index 7ce7f7ebf6cc..810fa5f1e4b3 100644
--- a/services/core/java/com/android/server/pm/pkg/parsing/ParsingPackageUtils.java
+++ b/services/core/java/com/android/server/pm/pkg/parsing/ParsingPackageUtils.java
@@ -247,6 +247,9 @@ public class ParsingPackageUtils {
     private static final String MAX_NUM_COMPONENTS_ERR_MSG =
             "Total number of components has exceeded the maximum number: " + MAX_NUM_COMPONENTS;
 
+    /** The maximum permission name length. */
+    private static final int MAX_PERMISSION_NAME_LENGTH = 512;
+
     @IntDef(flag = true, prefix = { "PARSE_" }, value = {
             PARSE_CHATTY,
             PARSE_COLLECT_CERTIFICATES,
@@ -1275,6 +1278,11 @@ public class ParsingPackageUtils {
             // that may change.
             String name = sa.getNonResourceString(
                     R.styleable.AndroidManifestUsesPermission_name);
+            if (TextUtils.length(name) > MAX_PERMISSION_NAME_LENGTH) {
+                return input.error(INSTALL_PARSE_FAILED_MANIFEST_MALFORMED,
+                        "The name in the <uses-permission> is greater than "
+                                + MAX_PERMISSION_NAME_LENGTH);
+            }
 
             int maxSdkVersion = 0;
             TypedValue val = sa.peekValue(
author	Jackal Guo <jackalguo@google.com>	2023-01-11 14:36:32 +0800
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2023-02-14 18:17:15 +0000
commit	955123a6dfe17fbf30f3cd1898dd8229032274c7 (patch)
tree	ee2bb90676868b63fd6be956d25455e4a77e5236
parent	7a04beeda00aff327afee9436fd7aed954ee4127 (diff)
download	base-955123a6dfe17fbf30f3cd1898dd8229032274c7.tar.gz