Test validation of commands and arguments.
Bug: 5465176
Change-Id: I32fd41408045a18f7b39cb55806021d82e94337f
diff --git a/tests/tests/security/src/android/security/cts/VoldExploitTest.java b/tests/tests/security/src/android/security/cts/VoldExploitTest.java
index 8fbf874..00d0c1a 100644
--- a/tests/tests/security/src/android/security/cts/VoldExploitTest.java
+++ b/tests/tests/security/src/android/security/cts/VoldExploitTest.java
@@ -39,6 +39,20 @@
public class VoldExploitTest extends AndroidTestCase {
/**
+ * Try to inject vold commands.
+ */
+ public void testTryCommandInjection() throws Exception {
+ final StorageManager sm = (StorageManager) getContext().getSystemService(
+ Context.STORAGE_SERVICE);
+ try {
+ sm.getMountedObbPath("/dev/null\0asec list");
+ fail("able to inject vold commands");
+ } catch(IllegalArgumentException e) {
+ // expected
+ }
+ }
+
+ /**
* Validate that this device isn't vulnerable to the "ZergRush"
* vold vulnerability (CVE-2011-3874).
*