Test validation of commands and arguments. Bug: 5465176 Change-Id: I32fd41408045a18f7b39cb55806021d82e94337f

commit: 48780b9b09b64b97225605a70904a7cd23d312a3 [log] [tgz]
author: Jeff Sharkey <jsharkey@android.com> Mon Oct 17 12:59:04 2011 -0700
committer: Jeff Sharkey <jsharkey@android.com> Mon Oct 17 14:32:05 2011 -0700
tree: 1e248661400f180529b8e79ea0a32e9d684b6c4f
parent: a8510ab0bad0819407d19d5dd816f70a70f01f26 [diff]
diff --git a/tests/tests/security/src/android/security/cts/VoldExploitTest.java b/tests/tests/security/src/android/security/cts/VoldExploitTest.java
index 8fbf874..00d0c1a 100644
--- a/tests/tests/security/src/android/security/cts/VoldExploitTest.java
+++ b/tests/tests/security/src/android/security/cts/VoldExploitTest.java

@@ -39,6 +39,20 @@
 public class VoldExploitTest extends AndroidTestCase {
 
     /**
+     * Try to inject vold commands.
+     */
+    public void testTryCommandInjection() throws Exception {
+        final StorageManager sm = (StorageManager) getContext().getSystemService(
+                Context.STORAGE_SERVICE);
+        try {
+            sm.getMountedObbPath("/dev/null\0asec list");
+            fail("able to inject vold commands");
+        } catch(IllegalArgumentException e) {
+            // expected
+        }
+    }
+
+    /**
      * Validate that this device isn't vulnerable to the "ZergRush"
      * vold vulnerability (CVE-2011-3874).
      *
commit	48780b9b09b64b97225605a70904a7cd23d312a3	[log] [tgz]
author	Jeff Sharkey <jsharkey@android.com>	Mon Oct 17 12:59:04 2011 -0700
committer	Jeff Sharkey <jsharkey@android.com>	Mon Oct 17 14:32:05 2011 -0700
tree	1e248661400f180529b8e79ea0a32e9d684b6c4f
parent	a8510ab0bad0819407d19d5dd816f70a70f01f26 [diff]