tag | e7a545b2b7c275dddede8501bf05df67eec8a67f | |
---|---|---|
tagger | The Android Open Source Project <initial-contribution@android.com> | Wed Feb 13 10:35:48 2019 -0800 |
object | ad25788d867d8dc3fc5398796cea16ddc6442e16 |
Android CTS 7.1 Release 25 (5240545)
commit | ad25788d867d8dc3fc5398796cea16ddc6442e16 | [log] [tgz] |
---|---|---|
author | Tianjie Xu <xunchang@google.com> | Fri Dec 16 16:24:09 2016 -0800 |
committer | gitbuildkicker <android-build@google.com> | Mon Jan 23 11:17:32 2017 -0800 |
tree | f90c7c7c1e65b8ad4279dfe4883e46a80e0a7321 | |
parent | 37d7d67ca216972cba9259aa5866220d6abfaf14 [diff] |
Add a checker for signature boundary in verifier The 'signature_start' variable marks the location of the signature from the end of a zip archive. And a boundary check is missing where 'signature_start' should be within the EOCD comment field. This causes problems when sideloading a malicious package. Also add a corresponding test. Bug: 31914369 Test: Verification fails correctly when sideloading recovery_test.zip on angler. Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1 (cherry-picked from f69e6a9475983b2ad46729e44ab58d2b22cd74d0) (cherry picked from commit 54ea136fded56810bf475885eb4bd7bf1b11f09c)
mm -j && m ramdisk-nodeps && m recoveryimage-nodeps # To boot into the new recovery image # without flashing the recovery partition: adb reboot bootloader fastboot boot $ANDROID_PRODUCT_OUT/recovery.img
# After setting up environment and lunch. mmma -j bootable/recovery # Running the tests on device. adb root adb sync data # 32-bit device adb shell /data/nativetest/recovery_unit_test/recovery_unit_test adb shell /data/nativetest/recovery_component_test/recovery_component_test # Or 64-bit device adb shell /data/nativetest64/recovery_unit_test/recovery_unit_test adb shell /data/nativetest64/recovery_component_test/recovery_component_test