diff options
| author | Jackal Guo <jackalguo@google.com> | 2022-01-06 01:53:45 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2022-01-06 01:53:45 +0000 |
| commit | 2648ce4633bc8428f02d79532dc84c91c26a730d (patch) | |
| tree | 99646f5e2499da21d194c1934001cad79085cf2a /core/java | |
| parent | f5f9c51c888836442b0f5096a137fe2562a6df14 (diff) | |
| parent | 0033c65aa995484ea6aeaa983c1a227fd14b30a5 (diff) | |
Merge "Add enforcement for duplicate permissions"
Diffstat (limited to 'core/java')
| -rw-r--r-- | core/java/android/content/pm/parsing/ParsingPackageUtils.java | 8 | ||||
| -rw-r--r-- | core/java/android/content/pm/parsing/component/ParsedPermissionUtils.java | 27 |
2 files changed, 35 insertions, 0 deletions
diff --git a/core/java/android/content/pm/parsing/ParsingPackageUtils.java b/core/java/android/content/pm/parsing/ParsingPackageUtils.java index 16deaa05afce..f336672ffefa 100644 --- a/core/java/android/content/pm/parsing/ParsingPackageUtils.java +++ b/core/java/android/content/pm/parsing/ParsingPackageUtils.java @@ -21,6 +21,7 @@ import static android.content.pm.ActivityInfo.RESIZE_MODE_UNRESIZEABLE; import static android.content.pm.PackageManager.INSTALL_FAILED_INVALID_APK; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_MANIFEST; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES; +import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NOT_APK; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_ONLY_COREAPP_ALLOWED; import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_RESOURCES_ARSC_COMPRESSED; @@ -934,6 +935,13 @@ public class ParsingPackageUtils { ); } + if (ParsedPermissionUtils.declareDuplicatePermission(pkg)) { + return input.error( + INSTALL_PARSE_FAILED_MANIFEST_MALFORMED, + "Declare duplicate permissions with different protection levels." + ); + } + convertCompatPermissions(pkg); convertSplitPermissions(pkg); diff --git a/core/java/android/content/pm/parsing/component/ParsedPermissionUtils.java b/core/java/android/content/pm/parsing/component/ParsedPermissionUtils.java index 66e9d3ddca1f..86c8f02f9fd9 100644 --- a/core/java/android/content/pm/parsing/component/ParsedPermissionUtils.java +++ b/core/java/android/content/pm/parsing/component/ParsedPermissionUtils.java @@ -27,6 +27,7 @@ import android.content.pm.parsing.result.ParseResult; import android.content.res.Resources; import android.content.res.TypedArray; import android.content.res.XmlResourceParser; +import android.util.ArrayMap; import android.util.Slog; import com.android.internal.R; @@ -34,6 +35,7 @@ import com.android.internal.R; import org.xmlpull.v1.XmlPullParserException; import java.io.IOException; +import java.util.List; /** @hide */ public class ParsedPermissionUtils { @@ -271,4 +273,29 @@ public class ParsedPermissionUtils { } return size; } + + /** + * @return {@code true} if the package declares duplicate permissions with different + * protection levels. + */ + public static boolean declareDuplicatePermission(@NonNull ParsingPackage pkg) { + final List<ParsedPermission> permissions = pkg.getPermissions(); + final int size = permissions.size(); + if (size > 0) { + final ArrayMap<String, ParsedPermission> checkDuplicatePerm = new ArrayMap<>(size); + for (int i = 0; i < size; i++) { + final ParsedPermission parsedPermission = permissions.get(i); + final String name = parsedPermission.getName(); + final ParsedPermission perm = checkDuplicatePerm.get(name); + // Since a permission tree is also added as a permission with normal protection + // level, we need to skip if the parsedPermission is a permission tree. + if (perm != null && !(perm.isTree() || parsedPermission.isTree()) + && perm.getProtectionLevel() != parsedPermission.getProtectionLevel()) { + return true; + } + checkDuplicatePerm.put(name, parsedPermission); + } + } + return false; + } } |