Update the permission check for dump
ServicePermissionsTest#testDumpProtected expects to see nothing
from dump() if the caller does not have the required permission.
After the refactor the ConnectivityService#dump(). It does not
leak real information for those callers without permission but
show the title of dumpsys, i.e. it shows "DUMP OF SERVICE HIGH
connectivity". This breaks the test since the test expects to
see nothing.
Move the permission check to the front of dump call stack since
there is no way to call other private dump related methods.
Bug: 185425662
Test: atest android.security.cts.ServicePermissionsTest
Test: adb shell dumpsys connectivity
Change-Id: I173c968a4f1c4d6f618ed87725a6ccda8d309988
diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index efb3768..a1e3d32 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -2789,6 +2789,8 @@
@Override
protected void dump(@NonNull FileDescriptor fd, @NonNull PrintWriter writer,
@Nullable String[] args) {
+ if (!checkDumpPermission(mContext, TAG, writer)) return;
+
mPriorityDumper.dump(fd, writer, args);
}
@@ -2806,7 +2808,6 @@
private void doDump(FileDescriptor fd, PrintWriter writer, String[] args) {
final IndentingPrintWriter pw = new IndentingPrintWriter(writer, " ");
- if (!checkDumpPermission(mContext, TAG, pw)) return;
if (CollectionUtils.contains(args, DIAG_ARG)) {
dumpNetworkDiagnostics(pw);
