diff options
| author | Alex Buynytskyy <alexbuy@google.com> | 2023-11-02 15:15:48 -0700 |
|---|---|---|
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2024-01-11 04:47:09 +0000 |
| commit | 954b2874b85b6cd0d6bb12cd677cdf22e5dbd77b (patch) | |
| tree | 087852c79e56c76563041b0b12b3fd99ddb6d685 | |
| parent | f516739398746fef7e0cf1437d9a40e2ad3c10bb (diff) | |
| download | base-954b2874b85b6cd0d6bb12cd677cdf22e5dbd77b.tar.gz | |
Validate package names passed to the installer.
Bug: 308989388
Bug: 307532206
Test: atest android.content.pm.cts.PackageManagerTest
(cherry picked from commit 1f445474cd1b902b2e7292a0d24e58f020fd51e7)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8705e13d7c0f9fd1d73ea66619dc28e966d98666)
Merged-In: I840c9c9af5752b3901d4719a13e7908faa43ab04
Change-Id: I840c9c9af5752b3901d4719a13e7908faa43ab04
| -rw-r--r-- | services/core/java/com/android/server/pm/PackageInstallerService.java | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/services/core/java/com/android/server/pm/PackageInstallerService.java b/services/core/java/com/android/server/pm/PackageInstallerService.java index a9115371413c..b99e66f68038 100644 --- a/services/core/java/com/android/server/pm/PackageInstallerService.java +++ b/services/core/java/com/android/server/pm/PackageInstallerService.java @@ -55,6 +55,7 @@ import android.content.pm.PackageItemInfo; import android.content.pm.PackageManager; import android.content.pm.ParceledListSlice; import android.content.pm.VersionedPackage; +import android.content.pm.parsing.FrameworkParsingPackageUtils; import android.graphics.Bitmap; import android.net.Uri; import android.os.Binder; @@ -665,17 +666,22 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements // App package name and label length is restricted so that really long strings aren't // written to disk. - if (params.appPackageName != null - && params.appPackageName.length() > SessionParams.MAX_PACKAGE_NAME_LENGTH) { + if (params.appPackageName != null && !isValidPackageName(params.appPackageName)) { params.appPackageName = null; } params.appLabel = TextUtils.trimToSize(params.appLabel, PackageItemInfo.MAX_SAFE_LABEL_LENGTH); - String requestedInstallerPackageName = (params.installerPackageName != null - && params.installerPackageName.length() < SessionParams.MAX_PACKAGE_NAME_LENGTH) - ? params.installerPackageName : installerPackageName; + // Validate installer package name. + if (params.installerPackageName != null && !isValidPackageName( + params.installerPackageName)) { + params.installerPackageName = null; + } + + var requestedInstallerPackageName = + params.installerPackageName != null ? params.installerPackageName + : installerPackageName; if (PackageManagerServiceUtils.isRootOrShell(callingUid) || PackageInstallerSession.isSystemDataLoaderInstallation(params) @@ -1085,6 +1091,19 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements return Integer.parseInt(sessionId); } + private static boolean isValidPackageName(@NonNull String packageName) { + if (packageName.length() > SessionParams.MAX_PACKAGE_NAME_LENGTH) { + return false; + } + // "android" is a valid package name + var errorMessage = FrameworkParsingPackageUtils.validateName( + packageName, /* requireSeparator= */ false, /* requireFilename */ true); + if (errorMessage != null) { + return false; + } + return true; + } + private File getTmpSessionDir(String volumeUuid) { return Environment.getDataAppDirectory(volumeUuid); } |