Google Git
Sign in
android / platform / frameworks / av / 6111b2b92a1844f5796c718bf0736102b876c2b9
commit6111b2b92a1844f5796c718bf0736102b876c2b9[log] [tgz]
authorJames Wei <jameswei@google.com>Tue May 28 17:18:21 2019 +0800
committerJames Wei <jameswei@google.com>Thu Feb 13 14:03:38 2020 +0800
tree4602e69e50256ce7cc852e840e990ed0b36b9492
parent58cc8f2c0254f03d66a28ae1cf0809c171d4ac7d [diff]
MTP: Sanitize filename provided from MTP host

Fix potential security vulnerability via MTP path traversal

Bug: 130656917
Test: atest frameworks/av/media/mtp/tests
Test: Manual test: modified libmtp for path traversal attack
Test: Manual test: normal recursive folder copy
Note: Also patched with 68ccf5c (b/135764253)
Change-Id: I467e1e6a76d09951050f7f45e5a63419e540c572
(cherry picked from commit e783e4b24b9e4080e50c50d62a24bcbfabb3e03d)
Merged-In: I467e1e6a76d09951050f7f45e5a63419e540c572
1 file changed
tree: 4602e69e50256ce7cc852e840e990ed0b36b9492
  1. apex/
  2. camera/
  3. cmds/
  4. drm/
  5. include/
  6. media/
  7. services/
  8. soundtrigger/
  9. tools/
  10. CleanSpec.mk
  11. MODULE_LICENSE_APACHE2
  12. NOTICE
  13. OWNERS