Google Git
Sign in
android / platform / bootable / recovery / 424502259819a78ca36c83aef35b942af75f4ca2
commit424502259819a78ca36c83aef35b942af75f4ca2[log] [tgz]
authorTianjie Xu <xunchang@google.com>Fri Dec 16 16:24:09 2016 -0800
committerFeng Yu <feny@google.com>Fri Jan 20 00:57:14 2017 +0000
treefd8ea77ea19e10e3fca4927b296d5c65463589bb
parent88563bd636cc2aa435623c0f965fd445994c9f30 [diff]
Add a checker for signature boundary in verifier

The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.

Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.

Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
(cherry-picked from f69e6a9475983b2ad46729e44ab58d2b22cd74d0)
(cherry picked from commit 54ea136fded56810bf475885eb4bd7bf1b11f09c)
1 file changed
tree: fd8ea77ea19e10e3fca4927b296d5c65463589bb
  1. applypatch/
  2. edify/
  3. etc/
  4. fonts/
  5. minadbd/
  6. minui/
  7. minzip/
  8. mtdutils/
  9. res-hdpi/
  10. res-mdpi/
  11. res-xhdpi/
  12. res-xxhdpi/
  13. res-xxxhdpi/
  14. testdata/
  15. tests/
  16. tools/
  17. uncrypt/
  18. updater/
  19. adb_install.cpp
  20. adb_install.h
  21. Android.mk
  22. asn1_decoder.cpp
  23. asn1_decoder.h
  24. bootloader.cpp
  25. bootloader.h
  26. CleanSpec.mk
  27. common.h
  28. default_device.cpp
  29. device.cpp
  30. device.h
  31. fuse_sdcard_provider.c
  32. fuse_sdcard_provider.h
  33. fuse_sideload.c
  34. fuse_sideload.h
  35. install.cpp
  36. install.h
  37. interlace-frames.py
  38. NOTICE
  39. README.md
  40. recovery.cpp
  41. roots.cpp
  42. roots.h
  43. screen_ui.cpp
  44. screen_ui.h
  45. ui.cpp
  46. ui.h
  47. verifier.cpp
  48. verifier.h
  49. verifier_test.cpp
  50. verifier_test.sh
README.md

The Recovery Image

Quick turn-around testing

mm -j && m ramdisk-nodeps && m recoveryimage-nodeps

# To boot into the new recovery image
# without flashing the recovery partition:
adb reboot bootloader
fastboot boot $ANDROID_PRODUCT_OUT/recovery.img