Return null RtNetlinkAddressMessage if IFA_FLAGS attr is malformed.
Bug: 163492391
Test: atest NetworkStaticLibsTests
Change-Id: I62732634d7cc31c6ca8a3ea63bb76079d8d22c14
diff --git a/staticlibs/device/com/android/net/module/util/netlink/RtNetlinkAddressMessage.java b/staticlibs/device/com/android/net/module/util/netlink/RtNetlinkAddressMessage.java
index a518c76..f7b0d02 100644
--- a/staticlibs/device/com/android/net/module/util/netlink/RtNetlinkAddressMessage.java
+++ b/staticlibs/device/com/android/net/module/util/netlink/RtNetlinkAddressMessage.java
@@ -114,9 +114,10 @@
// and will overwrite the flags set above.
byteBuffer.position(baseOffset);
nlAttr = StructNlAttr.findNextAttrOfType(IFA_FLAGS, byteBuffer);
- if (nlAttr != null) {
- addrMsg.mFlags = nlAttr.getValueAsInt(0 /* default value */);
- }
+ if (nlAttr == null) return null;
+ final Integer value = nlAttr.getValueAsInteger();
+ if (value == null) return null;
+ addrMsg.mFlags = value;
return addrMsg;
}
diff --git a/staticlibs/device/com/android/net/module/util/netlink/StructNlAttr.java b/staticlibs/device/com/android/net/module/util/netlink/StructNlAttr.java
index 485e67c..a9b6495 100644
--- a/staticlibs/device/com/android/net/module/util/netlink/StructNlAttr.java
+++ b/staticlibs/device/com/android/net/module/util/netlink/StructNlAttr.java
@@ -287,14 +287,22 @@
}
/**
- * Get attribute value as Integer.
+ * Get attribute value as Integer, or null if malformed (e.g., length is not 4 bytes).
*/
- public int getValueAsInt(int defaultValue) {
+ public Integer getValueAsInteger() {
final ByteBuffer byteBuffer = getValueAsByteBuffer();
if (byteBuffer == null || byteBuffer.remaining() != Integer.BYTES) {
- return defaultValue;
+ return null;
}
- return getValueAsByteBuffer().getInt();
+ return byteBuffer.getInt();
+ }
+
+ /**
+ * Get attribute value as Int, default value if malformed.
+ */
+ public int getValueAsInt(int defaultValue) {
+ final Integer value = getValueAsInteger();
+ return (value != null) ? value : defaultValue;
}
/**
@@ -341,6 +349,7 @@
public String getValueAsString() {
if (nla_value == null) return null;
// Check the attribute value length after removing string termination flag '\0'.
+ // This assumes that all netlink strings are null-terminated.
if (nla_value.length < (nla_len - NLA_HEADERLEN - 1)) return null;
try {
diff --git a/staticlibs/tests/unit/src/com/android/net/module/util/netlink/StructNlAttrTest.java b/staticlibs/tests/unit/src/com/android/net/module/util/netlink/StructNlAttrTest.java
index 72e179b..af3fac2 100644
--- a/staticlibs/tests/unit/src/com/android/net/module/util/netlink/StructNlAttrTest.java
+++ b/staticlibs/tests/unit/src/com/android/net/module/util/netlink/StructNlAttrTest.java
@@ -16,6 +16,7 @@
package com.android.net.module.util.netlink;
+import static com.android.net.module.util.netlink.RtNetlinkAddressMessage.IFA_FLAGS;
import static com.android.net.module.util.netlink.RtNetlinkLinkMessage.IFLA_ADDRESS;
import static com.android.net.module.util.netlink.RtNetlinkLinkMessage.IFLA_IFNAME;
@@ -35,6 +36,7 @@
public class StructNlAttrTest {
private static final MacAddress TEST_MAC_ADDRESS = MacAddress.fromString("00:11:22:33:44:55");
private static final String TEST_INTERFACE_NAME = "wlan0";
+ private static final int TEST_ADDR_FLAGS = 0x80;
@Test
public void testGetValueAsMacAddress() {
@@ -65,4 +67,29 @@
final String str2 = attr2.getValueAsString();
assertEquals(str2, TEST_INTERFACE_NAME);
}
+
+ @Test
+ public void testGetValueAsIntger() {
+ final StructNlAttr attr1 = new StructNlAttr(IFA_FLAGS, TEST_ADDR_FLAGS);
+ final Integer integer1 = attr1.getValueAsInteger();
+ final int int1 = attr1.getValueAsInt(0x08 /* default value */);
+ assertEquals(integer1, new Integer(TEST_ADDR_FLAGS));
+ assertEquals(int1, TEST_ADDR_FLAGS);
+
+ // Malformed attribute.
+ final byte[] malformed_int = new byte[] { (byte) 0x0, (byte) 0x0, (byte) 0x80, };
+ final StructNlAttr attr2 = new StructNlAttr(IFA_FLAGS, malformed_int);
+ final Integer integer2 = attr2.getValueAsInteger();
+ final int int2 = attr2.getValueAsInt(0x08 /* default value */);
+ assertNull(integer2);
+ assertEquals(int2, 0x08 /* default value */);
+
+ // Null attribute value.
+ final byte[] null_int = null;
+ final StructNlAttr attr3 = new StructNlAttr(IFA_FLAGS, null_int);
+ final Integer integer3 = attr3.getValueAsInteger();
+ final int int3 = attr3.getValueAsInt(0x08 /* default value */);
+ assertNull(integer3);
+ assertEquals(int3, 0x08 /* default value */);
+ }
}