[RESTRICT AUTOMERGE] Updated CTS test for b/17769851
Bug: 17769851
Bug: 72510314
Test: Ran the new testcase on android-8.0.0_r11 with/without patch
Change-Id: Icd3dceb46b7625fceb0983ff9805775b7e302a01
diff --git a/hostsidetests/securitybulletin/securityPatch/CVE-2015-6616/Android.mk b/hostsidetests/securitybulletin/securityPatch/CVE-2015-6616/Android.mk
index 272f3cf..83137a1 100644
--- a/hostsidetests/securitybulletin/securityPatch/CVE-2015-6616/Android.mk
+++ b/hostsidetests/securitybulletin/securityPatch/CVE-2015-6616/Android.mk
@@ -20,14 +20,10 @@
LOCAL_MULTILIB := both
LOCAL_MODULE_STEM_32 := $(LOCAL_MODULE)32
LOCAL_MODULE_STEM_64 := $(LOCAL_MODULE)64
-LOCAL_C_INCLUDES := frameworks/av/media/libstagefright
-LOCAL_C_INCLUDES += frameworks/av/include/media/stagefright
-LOCAL_C_INCLUDES += cts/hostsidetests/securitybulletin/securityPatch/includes
+LOCAL_C_INCLUDES := frameworks/av/include/media/stagefright
LOCAL_SHARED_LIBRARIES := libstagefright
-LOCAL_SHARED_LIBRARIES += libstagefright_foundation
-LOCAL_SHARED_LIBRARIES += libdrmframework
-LOCAL_SHARED_LIBRARIES += liblog
LOCAL_SHARED_LIBRARIES += libutils
+LOCAL_SHARED_LIBRARIES += libmedia
# Tag this module as a cts test artifact
LOCAL_COMPATIBILITY_SUITE := cts sts vts
diff --git a/hostsidetests/securitybulletin/securityPatch/CVE-2015-6616/poc.cpp b/hostsidetests/securitybulletin/securityPatch/CVE-2015-6616/poc.cpp
index 13f4f8c..e193325 100644
--- a/hostsidetests/securitybulletin/securityPatch/CVE-2015-6616/poc.cpp
+++ b/hostsidetests/securitybulletin/securityPatch/CVE-2015-6616/poc.cpp
@@ -14,9 +14,11 @@
* limitations under the License.
*/
#include <sys/types.h>
-#include <include/MPEG4Extractor.h>
-#include "FileSource.h"
-#include "common.h"
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <MediaExtractor.h>
+#include <MediaDefs.h>
+#include "../includes/common.h"
void * operator new(size_t size) {
if (size > 64 * 1024 * 1024) {
@@ -32,17 +34,28 @@
return EXIT_FAILURE;
}
- sp < DataSource > dataSource = new FileSource(argv[1]);
- if (dataSource == nullptr)
+ int32_t fd = open(argv[1], O_RDONLY);
+ if(fd < 0) {
return EXIT_FAILURE;
+ }
- MPEG4Extractor *ret = new MPEG4Extractor(dataSource.get());
- if (ret == nullptr)
+ int64_t fileSize = lseek(fd, 0, SEEK_END);
+ lseek(fd, 0, SEEK_SET);
+ sp<DataSource> dataSource = DataSource::CreateFromFd(fd, 0, fileSize);
+ if (dataSource == nullptr) {
return EXIT_FAILURE;
+ }
+
+ sp<IMediaExtractor> ret =
+ MediaExtractor::CreateFromService(dataSource, MEDIA_MIMETYPE_CONTAINER_MPEG4);
+ if (ret == nullptr) {
+ return EXIT_FAILURE;
+ }
sp < IMediaSource > source = ret->getTrack(0);
- if (source == nullptr)
+ if (source == nullptr) {
return EXIT_FAILURE;
+ }
source->start(NULL);
return EXIT_SUCCESS;
diff --git a/hostsidetests/securitybulletin/src/android/security/cts/TestMedia.java b/hostsidetests/securitybulletin/src/android/security/cts/TestMedia.java
index 13013aa..9538679 100644
--- a/hostsidetests/securitybulletin/src/android/security/cts/TestMedia.java
+++ b/hostsidetests/securitybulletin/src/android/security/cts/TestMedia.java
@@ -432,6 +432,7 @@
* b/17769851
* Vulnerability Behaviour: EXIT_VULNERABLE (113)
**/
+ @Test
@SecurityTest(minPatchLevel = "2015-12")
public void testPocCVE_2015_6616() throws Exception {
pocPusher.only64();
