Google Git
Sign in
android / platform / frameworks / base / 0f3c01c326b6966590c652adec5baa61351756e4
commit0f3c01c326b6966590c652adec5baa61351756e4[log] [tgz]
authoryutingfang <yutingfang@google.com>Thu Jan 23 11:18:35 2025 -0800
committerAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>Wed Mar 12 16:48:23 2025 -0700
tree080f973cafeb3510272713811c8ada2c6adbe2eb
parentb66817d2ed3b6ef29873bfe9857081cdef63681f [diff]
Impose a threshold on the number of attributed op entries returned in a binder call

In the binder call IAppOpsService#getPackagesForOpsForDevice, we return
attributed op entries encapsulated in PackageOps. When there are too
many attribution tags used for a lot of ops, the size of PackageOps can
be bloated and exceeds the binder transaction limit. However, this is
usually caused by DoS attack from malicious apps. A normal app wouldn't
run into this problem.

This CL adds a threshold on the number of attributed op entries that can
be returned in a binder call. The threshold is calculated assuming each
attribution tag is 50 bytes long.

Bug: 372678095
Test: manual. Using provided POC app from the reporter.
Verified the exception is gone after the fix.
Flag: EXEMPT bugfix
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:eec34e2716bfa613be30b0a0b9a173e2005a6c00)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:767b4f7c3657fa29548a4464da6790dbca8aebda)
Merged-In: I43cd4b9774dbe554edcec296c4b8a3d7fc60c85c
Change-Id: I43cd4b9774dbe554edcec296c4b8a3d7fc60c85c
1 file changed
tree: 080f973cafeb3510272713811c8ada2c6adbe2eb
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. boot/
  6. cmds/
  7. config/
  8. core/
  9. data/
  10. docs/
  11. drm/
  12. errorprone/
  13. graphics/
  14. identity/
  15. keystore/
  16. libs/
  17. location/
  18. media/
  19. mime/
  20. mms/
  21. native/
  22. nfc/
  23. nfc-extras/
  24. obex/
  25. omapi/
  26. opengl/
  27. packages/
  28. proto/
  29. ravenwood/
  30. rs/
  31. samples/
  32. sax/
  33. services/
  34. startop/
  35. telecomm/
  36. telephony/
  37. test-base/
  38. test-junit/
  39. test-legacy/
  40. test-mock/
  41. test-runner/
  42. tests/
  43. tools/
  44. wifi/
  45. .clang-format
  46. .gitignore
  47. .mailmap
  48. AconfigFlags.bp
  49. ADPF_OWNERS
  50. Android.bp
  51. BAL_OWNERS
  52. BATTERY_STATS_OWNERS
  53. BROADCASTS_OWNERS
  54. CleanSpec.mk
  55. framework-jarjar-rules.txt
  56. GAME_MANAGER_OWNERS
  57. INPUT_OWNERS
  58. INTENT_OWNERS
  59. lint-baseline.xml
  60. LSE_APP_COMPAT_OWNERS
  61. MEMORY_OWNERS
  62. METADATA
  63. MODULE_LICENSE_APACHE2
  64. MULTIUSER_OWNERS
  65. NOTICE
  66. OWNERS
  67. OWNERS.md
  68. PACKAGE_MANAGER_OWNERS
  69. pathmap.mk
  70. PERFORMANCE_OWNERS
  71. PREUPLOAD.cfg
  72. ProtoLibraries.bp
  73. Ravenwood.bp
  74. SECURITY_STATE_OWNERS
  75. SQLITE_OWNERS
  76. TEST_MAPPING
  77. TestProtoLibraries.bp
  78. THERMAL_OWNERS
  79. TRACE_OWNERS
  80. WEAR_OWNERS
  81. ZYGOTE_OWNERS