CTS test for Android Security CVE-2019-2130
Test: cts-tradefed run cts -m CtsSecurityBulletinHostTestCases -t
android.security.cts.Poc19_08#testPocCVE_2019-2130
Bug: 135207509
Bug: 132073833
Change-Id: I1b130e8766436fa58b54196d9895a9e28af3c143
diff --git a/hostsidetests/securitybulletin/res/CVE-2019-2130.pac b/hostsidetests/securitybulletin/res/CVE-2019-2130.pac
new file mode 100644
index 0000000..79d1967
--- /dev/null
+++ b/hostsidetests/securitybulletin/res/CVE-2019-2130.pac
@@ -0,0 +1,21 @@
+function FindProxyForURL(url, host){
+ function opt() {
+ opt['x'] = 1.1;
+ try {
+ Object.create(object);
+ } catch (e) {
+ }
+
+ for (let i = 0; i < 100000; i++) {
+
+ }
+ }
+
+ opt();
+ object = opt;
+ opt();
+
+ return "DIRECT";
+}
+
+var object;
\ No newline at end of file
diff --git a/hostsidetests/securitybulletin/src/android/security/cts/Poc19_08.java b/hostsidetests/securitybulletin/src/android/security/cts/Poc19_08.java
new file mode 100644
index 0000000..b7fd2f2
--- /dev/null
+++ b/hostsidetests/securitybulletin/src/android/security/cts/Poc19_08.java
@@ -0,0 +1,32 @@
+/**
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.cts;
+
+import android.platform.test.annotations.SecurityTest;
+
+@SecurityTest
+public class Poc19_08 extends SecurityTestCase {
+
+ /**
+ * b/129556445
+ */
+ @SecurityTest(minPatchLevel = "2019-08")
+ public void testPocCVE_2019_2130() throws Exception {
+ int code = AdbUtils.runProxyAutoConfig("CVE-2019-2130", getDevice());
+ assertTrue(code != 139); // 128 + signal 11
+ }
+}