installd: Validate volumeUuid in snapshotAppData and restoreAppDataSnapshot
The only supported values are nullptr and "TEST".
Bug: 112431924
Test: installd_service_test
Change-Id: I27260a3554d009053206d8e3d1e213306ff3d7d5
diff --git a/cmds/installd/InstalldNativeService.cpp b/cmds/installd/InstalldNativeService.cpp
index 99f1a18..cae212c 100644
--- a/cmds/installd/InstalldNativeService.cpp
+++ b/cmds/installd/InstalldNativeService.cpp
@@ -77,6 +77,9 @@
namespace android {
namespace installd {
+// An uuid used in unit tests.
+static constexpr const char* kTestUuid = "TEST";
+
static constexpr const char* kCpPath = "/system/bin/cp";
static constexpr const char* kXattrDefault = "user.default";
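Review bot: The comment on the new kTestUuid constant says only that it is "used in unit tests", which does not tell a reader why a production service accepts it; the later hunks show it is the single non-null volumeUuid that snapshotAppData and restoreAppDataSnapshot admit. Suggest `// The only non-null volumeUuid accepted by snapshotAppData/restoreAppDataSnapshot; exists for unit tests.` ("An uuid" should also read "A UUID").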
@@ -766,21 +769,21 @@
// TODO(narayan): We should pass through the ceDataInode so that we can call
// clearAppData(FLAG_CLEAR_CACHE_ONLY | FLAG_CLEAR_CODE_CACHE before we commence
// the copy.
-//
-// TODO(narayan): For snapshotAppData as well as restoreAppDataSnapshot, we
-// should validate that volumeUuid is either nullptr or TEST, we won't support
-// anything else.
binder::Status InstalldNativeService::snapshotAppData(
const std::unique_ptr<std::string>& volumeUuid,
const std::string& packageName, int32_t user, int32_t storageFlags) {
ENFORCE_UID(AID_SYSTEM);
- CHECK_ARGUMENT_UUID(volumeUuid);
CHECK_ARGUMENT_PACKAGE_NAME(packageName);
std::lock_guard<std::recursive_mutex> lock(mLock);
const char* volume_uuid = volumeUuid ? volumeUuid->c_str() : nullptr;
const char* package_name = packageName.c_str();
+ if (volume_uuid && strcmp(volume_uuid, kTestUuid)) {
+ return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
+ StringPrintf("volumeUuid must be null or \"%s\", got: %s", kTestUuid, volume_uuid));
+ }
+
binder::Status res = ok();
bool clear_ce_on_exit = false;
bool clear_de_on_exit = false;
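Review bot: The volumeUuid check added at the `if (volume_uuid && strcmp(...))` lines is duplicated verbatim in restoreAppDataSnapshot in the next hunk, and, unlike the CHECK_ARGUMENT_PACKAGE_NAME it replaces CHECK_ARGUMENT_UUID next to, it only runs after mLock has been taken; pure argument validation belongs before the lock with the other argument checks. Hoisting it into one static helper keeps the two error messages from drifting apart and drops the raw strcmp, which needs `<cstring>`/`<string.h>` in scope (not visible in this diff, so presumably already included). The helper below replaces the four added lines at both call sites; the body of snapshotAppData continues outside the hunk.
```cpp
// The snapshot/restore paths are only supported for the internal (null) volume
// and the unit-test volume; reject anything else before a path is built from it.
static binder::Status checkSnapshotVolumeUuid(const std::unique_ptr<std::string>& volumeUuid) {
    if (volumeUuid && *volumeUuid != kTestUuid) {
        return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
                StringPrintf("volumeUuid must be null or \"%s\", got: %s",
                        kTestUuid, volumeUuid->c_str()));
    }
    return ok();
}

// … unchanged: snapshotAppData signature …
    ENFORCE_UID(AID_SYSTEM);
    CHECK_ARGUMENT_PACKAGE_NAME(packageName);
    binder::Status uuid_status = checkSnapshotVolumeUuid(volumeUuid);
    if (!uuid_status.isOk()) return uuid_status;
    std::lock_guard<std::recursive_mutex> lock(mLock);
// … unchanged: volume_uuid / package_name locals and the rest of the body …
```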
@@ -854,13 +857,17 @@
const int32_t appId, const int64_t ceDataInode, const std::string& seInfo,
const int32_t user, int32_t storageFlags) {
ENFORCE_UID(AID_SYSTEM);
- CHECK_ARGUMENT_UUID(volumeUuid);
CHECK_ARGUMENT_PACKAGE_NAME(packageName);
std::lock_guard<std::recursive_mutex> lock(mLock);
const char* volume_uuid = volumeUuid ? volumeUuid->c_str() : nullptr;
const char* package_name = packageName.c_str();
+ if (volume_uuid && strcmp(volume_uuid, kTestUuid)) {
+ return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
+ StringPrintf("volumeUuid must be null or \"%s\", got: %s", kTestUuid, volume_uuid));
+ }
+
auto from_ce = create_data_misc_ce_rollback_package_path(volume_uuid,
user, package_name);
auto from_de = create_data_misc_de_rollback_package_path(volume_uuid,