RESTRICT AUTOMERGE: CTS: Verify DynamicRefTable::load security fix
This tests that corrupted apks fail to install on P and later as well as
adds a new test to verify that the DynamicRedTable::load security fix
prevents out-of-bounds reads from occurring.
Bug: 79488511
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests
Change-Id: I5b60758cb4979c6a593ff57e73acdd559b5d1be7
Merged-In: I5b60758cb4979c6a593ff57e73acdd559b5d1be7
diff --git a/hostsidetests/appsecurity/Android.mk b/hostsidetests/appsecurity/Android.mk
index 975bcb5..2a8c819 100644
--- a/hostsidetests/appsecurity/Android.mk
+++ b/hostsidetests/appsecurity/Android.mk
@@ -30,6 +30,11 @@
# tag this module as a cts test artifact
LOCAL_COMPATIBILITY_SUITE := cts vts general-tests
+LOCAL_REQUIRED_MODULES := \
+ CtsCorruptApkTests_b71360999 \
+ CtsCorruptApkTests_b71361168 \
+ CtsCorruptApkTests_b79488511
+
include $(BUILD_CTS_HOST_JAVA_LIBRARY)
# Build the test APKs using their own makefiles
diff --git a/hostsidetests/appsecurity/src/android/appsecurity/cts/CorruptApkTests.java b/hostsidetests/appsecurity/src/android/appsecurity/cts/CorruptApkTests.java
index 3220de6..978ec9e 100644
--- a/hostsidetests/appsecurity/src/android/appsecurity/cts/CorruptApkTests.java
+++ b/hostsidetests/appsecurity/src/android/appsecurity/cts/CorruptApkTests.java
@@ -34,7 +34,8 @@
*/
public class CorruptApkTests extends DeviceTestCase implements IBuildReceiver {
private final String B71360999_PKG = "com.android.appsecurity.b71360999";
- private final String B71361168_PKG = "com.example.helloworld";
+ private final String B71361168_PKG = "com.android.appsecurity.b71361168";
+ private final String B79488511_PKG = "com.android.appsecurity.b79488511";
private IBuildInfo mBuildInfo;
@@ -49,6 +50,7 @@
super.setUp();
uninstall(B71360999_PKG);
uninstall(B71361168_PKG);
+ uninstall(B79488511_PKG);
}
@After
@@ -57,6 +59,7 @@
super.tearDown();
uninstall(B71360999_PKG);
uninstall(B71361168_PKG);
+ uninstall(B79488511_PKG);
}
/** Uninstall the apk if the test failed previously. */
@@ -68,11 +71,11 @@
}
/**
- * Tests that apks described in b/71360999 do not install successfully nor cause
+ * Tests that apks described in b/71360999 do not install successfully.
*/
public void testFailToInstallCorruptStringPoolHeader_b71360999() throws Exception {
final String APK_PATH = "CtsCorruptApkTests_b71360999.apk";
- assertFailsToInstall(APK_PATH, B71360999_PKG);
+ assertInstallNoFatalError(APK_PATH, B71360999_PKG);
}
/**
@@ -80,24 +83,34 @@
*/
public void testFailToInstallCorruptStringPoolHeader_b71361168() throws Exception {
final String APK_PATH = "CtsCorruptApkTests_b71361168.apk";
- assertFailsToInstall(APK_PATH, B71361168_PKG);
+ assertInstallNoFatalError(APK_PATH, B71361168_PKG);
}
/**
- * Assert that the app fails to install and the reason for failing is not caused by a buffer
- * overflow nor a out of bounds read.
+ * Tests that apks described in b/79488511 do not install successfully.
+ */
+ public void testFailToInstallCorruptStringPoolHeader_b79488511() throws Exception {
+ final String APK_PATH = "CtsCorruptApkTests_b79488511.apk";
+ assertInstallNoFatalError(APK_PATH, B79488511_PKG);
+ }
+
+ /**
+ * Assert that installing the app does not cause a native error caused by a buffer overflow
+ * or an out-of-bounds read.
**/
- private void assertFailsToInstall(String filename, String pkg) throws Exception {
+ private void assertInstallNoFatalError(String filename, String pkg) throws Exception {
ITestDevice device = getDevice();
device.clearLogcat();
-
final String result = device.installPackage(
new CompatibilityBuildHelper(mBuildInfo).getTestFile(filename),
true /*reinstall*/);
- assertNotNull(result);
- assertFalse(result.isEmpty());
- assertFalse(device.getInstalledPackageNames().contains(pkg));
+ // Starting from P, corrupt apks should always fail to install
+ if (device.getApiLevel() >= 28) {
+ assertNotNull(result);
+ assertFalse(result.isEmpty());
+ assertFalse(device.getInstalledPackageNames().contains(pkg));
+ }
// This catches if the device fails to install the app because a segmentation fault
// or out of bounds read created by the bug occurs
diff --git a/hostsidetests/appsecurity/test-apps/CorruptApkTests/Android.mk b/hostsidetests/appsecurity/test-apps/CorruptApkTests/Android.mk
index feaaa03..9fd8b98 100644
--- a/hostsidetests/appsecurity/test-apps/CorruptApkTests/Android.mk
+++ b/hostsidetests/appsecurity/test-apps/CorruptApkTests/Android.mk
@@ -28,4 +28,12 @@
LOCAL_SRC_FILES := b71361168.apk
LOCAL_COMPATIBILITY_SUITE := cts vts general-tests
LOCAL_CERTIFICATE := PRESIGNED
+include $(BUILD_PREBUILT)
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := CtsCorruptApkTests_b79488511
+LOCAL_MODULE_CLASS := APPS
+LOCAL_SRC_FILES := b79488511.apk
+LOCAL_COMPATIBILITY_SUITE := cts vts general-tests
+LOCAL_CERTIFICATE := PRESIGNED
include $(BUILD_PREBUILT)
\ No newline at end of file
diff --git a/hostsidetests/appsecurity/test-apps/CorruptApkTests/b71361168.apk b/hostsidetests/appsecurity/test-apps/CorruptApkTests/b71361168.apk
index ef1e2bf..dc00656 100644
--- a/hostsidetests/appsecurity/test-apps/CorruptApkTests/b71361168.apk
+++ b/hostsidetests/appsecurity/test-apps/CorruptApkTests/b71361168.apk
Binary files differ
diff --git a/hostsidetests/appsecurity/test-apps/CorruptApkTests/b79488511.apk b/hostsidetests/appsecurity/test-apps/CorruptApkTests/b79488511.apk
new file mode 100644
index 0000000..22af499
--- /dev/null
+++ b/hostsidetests/appsecurity/test-apps/CorruptApkTests/b79488511.apk
Binary files differ