Add a checker for signature boundary in verifier

The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.

Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.

Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
(cherry-picked from f69e6a9475983b2ad46729e44ab58d2b22cd74d0)

(cherry picked from commit 54ea136fded56810bf475885eb4bd7bf1b11f09c)
1 file changed
tree: f90c7c7c1e65b8ad4279dfe4883e46a80e0a7321
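
The boundary check described in the commit message, sketched as an added C++ example (not the project's verifier code). It assumes the signed-package footer is the last six bytes of the EOCD comment: a two-byte little-endian signature_start, an 0xff 0xff marker, and a two-byte comment size. CheckFooter, MakeSample and the status names are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Assumed footer, the last 6 bytes of the package (tail of the EOCD comment):
//   [signature_start lo, hi] [0xff, 0xff] [comment_size lo, hi]
constexpr size_t kFooterSize = 6;
constexpr size_t kEocdHeaderSize = 22;  // fixed-size part of a zip EOCD record

enum FooterStatus { kOk, kTooShort, kBadMarker, kSigInFooter,
                    kSigOutsideComment, kEocdOutsideFile };

// Hypothetical helper (name is ours): validates the footer of `pkg` and, on
// success, returns the two sizes through the out-parameters.
FooterStatus CheckFooter(const std::vector<uint8_t>& pkg,
                         size_t* comment_size, size_t* signature_start) {
  if (pkg.size() < kFooterSize) return kTooShort;
  const uint8_t* f = pkg.data() + pkg.size() - kFooterSize;
  if (f[2] != 0xff || f[3] != 0xff) return kBadMarker;
  size_t sig = f[0] | (static_cast<size_t>(f[1]) << 8);
  size_t comment = f[4] | (static_cast<size_t>(f[5]) << 8);
  if (sig <= kFooterSize) return kSigInFooter;  // no room for a signature
  // The boundary check: the signature must start inside the comment field,
  // otherwise the claimed signature region would begin before the comment.
  if (sig > comment) return kSigOutsideComment;
  if (comment + kEocdHeaderSize > pkg.size()) return kEocdOutsideFile;
  *comment_size = comment;
  *signature_start = sig;
  return kOk;
}

// Constructed sample: `body` zero bytes, a zeroed EOCD header, and a comment of
// `comment` bytes (>= 6) ending in a footer that claims `sig` as signature_start.
std::vector<uint8_t> MakeSample(size_t body, uint16_t comment, uint16_t sig) {
  std::vector<uint8_t> pkg(body + kEocdHeaderSize + comment, 0);
  uint8_t* f = pkg.data() + pkg.size() - kFooterSize;
  f[0] = sig & 0xff;      f[1] = sig >> 8;
  f[2] = 0xff;            f[3] = 0xff;
  f[4] = comment & 0xff;  f[5] = comment >> 8;
  return pkg;
}

int main() {
  size_t c = 0, s = 0;
  std::printf("in-bounds:     %d\n", CheckFooter(MakeSample(64, 100, 80), &c, &s));
  std::printf("out-of-bounds: %d\n", CheckFooter(MakeSample(64, 100, 150), &c, &s));
  return 0;
}
```
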
README.md

The Recovery Image

Quick turn-around testing

mm -j && m ramdisk-nodeps && m recoveryimage-nodeps

# To boot into the new recovery image
# without flashing the recovery partition:
adb reboot bootloader
fastboot boot $ANDROID_PRODUCT_OUT/recovery.img

Running the tests

# After setting up environment and lunch.
mmma -j bootable/recovery

# Running the tests on device.
adb root
adb sync data

# 32-bit device
adb shell /data/nativetest/recovery_unit_test/recovery_unit_test
adb shell /data/nativetest/recovery_component_test/recovery_component_test

# Or 64-bit device
adb shell /data/nativetest64/recovery_unit_test/recovery_unit_test
adb shell /data/nativetest64/recovery_component_test/recovery_component_test