Added limitations for attributions to handle invalid cases

Bug: 304983146
Test: Modified and introduced new tests to verify change -> atest CtsAppOpsTestCases:AttributionTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ed1b87a33bcf66976b05b81090734da8dff9db3f)
Merged-In: Iaaee30990bf3b4feaa734eff10409cc9501265e7
Change-Id: Iaaee30990bf3b4feaa734eff10409cc9501265e7

2 files changed, 39 insertions, 1 deletions

diff --git a/core/java/com/android/internal/pm/pkg/component/ParsedAttributionImpl.java b/core/java/com/android/internal/pm/pkg/component/ParsedAttributionImpl.java
index e3bfb38802db..e419d13730c2 100644
--- a/core/java/com/android/internal/pm/pkg/component/ParsedAttributionImpl.java
+++ b/core/java/com/android/internal/pm/pkg/component/ParsedAttributionImpl.java
@@ -38,7 +38,7 @@ import java.util.List;
 public class ParsedAttributionImpl implements ParsedAttribution, Parcelable {
 
     /** Maximum amount of attributions per package */
-    static final int MAX_NUM_ATTRIBUTIONS = 10000;
+    static final int MAX_NUM_ATTRIBUTIONS = 400;
 
     /** Tag of the attribution */
     private @NonNull String tag;
diff --git a/services/core/java/com/android/server/appop/AppOpsService.java b/services/core/java/com/android/server/appop/AppOpsService.java
index d80638af697e..8e8b9956f3cc 100644
--- a/services/core/java/com/android/server/appop/AppOpsService.java
+++ b/services/core/java/com/android/server/appop/AppOpsService.java
@@ -2880,6 +2880,10 @@ public class AppOpsService extends IAppOpsService.Stub {
             return new SyncNotedAppOp(AppOpsManager.MODE_ERRORED, code, attributionTag,
                     packageName);
         }
+        if (proxyAttributionTag != null
+                && !isAttributionTagDefined(packageName, proxyPackageName, proxyAttributionTag)) {
+            proxyAttributionTag = null;
+        }
 
         synchronized (this) {
             final Ops ops = getOpsLocked(uid, packageName, attributionTag,
@@ -3453,6 +3457,10 @@ public class AppOpsService extends IAppOpsService.Stub {
             return new SyncNotedAppOp(AppOpsManager.MODE_ERRORED, code, attributionTag,
                     packageName);
         }
+        if (proxyAttributionTag != null
+                && !isAttributionTagDefined(packageName, proxyPackageName, proxyAttributionTag)) {
+            proxyAttributionTag = null;
+        }
 
         boolean isRestricted = false;
         int startType = START_TYPE_FAILED;
@@ -4306,6 +4314,36 @@ public class AppOpsService extends IAppOpsService.Stub {
         return false;
     }
 
+    /**
+     * Checks to see if the attribution tag is defined in either package or proxyPackage.
+     * This method is intended for ProxyAttributionTag validation and returns false
+     * if it does not exist in either one of them.
+     *
+     * @param packageName Name of the package
+     * @param proxyPackageName Name of the proxy package
+     * @param attributionTag attribution tag to be checked
+     *
+     * @return boolean specifying if attribution tag is valid or not
+     */
+    private boolean isAttributionTagDefined(@Nullable String packageName,
+                                          @Nullable String proxyPackageName,
+                                          @Nullable String attributionTag) {
+        if (packageName == null) {
+            return false;
+        } else if (attributionTag == null) {
+            return true;
+        }
+        PackageManagerInternal pmInt = LocalServices.getService(PackageManagerInternal.class);
+        if (proxyPackageName != null) {
+            AndroidPackage proxyPkg = pmInt.getPackage(proxyPackageName);
+            if (proxyPkg != null && isAttributionInPackage(proxyPkg, attributionTag)) {
+                return true;
+            }
+        }
+        AndroidPackage pkg = pmInt.getPackage(packageName);
+        return isAttributionInPackage(pkg, attributionTag);
+    }
+
     private void logVerifyAndGetBypassFailure(int uid, @NonNull SecurityException e,
             @NonNull String methodName) {
         if (Process.isIsolated(uid)) {