Revise the IllegalArgumentException check
Combining the two IllegalArgumentException check in getSigningKeySet
to mitigate the potential information leakage.
Bug: 189857801
Test: atest PackageManagerTests
Test: manually using the PoC in the buganizer to ensure the symptom
no longer exists.
Change-Id: Ieaedb7305300a96a83f99895435c9577351831b9
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index a8cc5fd..7d9ef0e 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -26445,14 +26445,10 @@
final int callingUid = Binder.getCallingUid();
final int callingUserId = UserHandle.getUserId(callingUid);
final AndroidPackage pkg = mPackages.get(packageName);
- if (pkg == null) {
- Slog.w(TAG, "KeySet requested for unknown package: " + packageName);
- throw new IllegalArgumentException("Unknown package: " + packageName);
- }
- final PackageSetting ps = getPackageSetting(pkg.getPackageName());
- if (shouldFilterApplicationLocked(ps, callingUid, callingUserId)) {
- // filter and pretend the package doesn't exist
- Slog.w(TAG, "KeySet requested for filtered package: " + packageName
+ if (pkg == null
+ || shouldFilterApplicationLocked(getPackageSetting(pkg.getPackageName()),
+ callingUid, callingUserId)) {
+ Slog.w(TAG, "KeySet requested for unknown package: " + packageName
+ ", uid:" + callingUid);
throw new IllegalArgumentException("Unknown package: " + packageName);
}