diff options
author | rtmitchell@google.com <rtmitchell@google.com> | 2018-04-05 17:57:27 -0700 |
---|---|---|
committer | Tim Schumacher <timschumi@gmx.de> | 2018-06-19 19:33:06 +0200 |
commit | 59941bdc226a2b779613701f221f76d65ffa40ba (patch) | |
tree | d4487aa2a0b7c189d102f3a6cdea6cbf888ad797 /keystore | |
parent | f625911138d99203939ae256a48619b4883bb9cc (diff) | |
download | frameworks_base-59941bdc226a2b779613701f221f76d65ffa40ba.tar.gz frameworks_base-59941bdc226a2b779613701f221f76d65ffa40ba.tar.bz2 frameworks_base-59941bdc226a2b779613701f221f76d65ffa40ba.zip |
ResStringPool: Fix security vulnerability
Adds detection of attacker-modified size and data fields passed to
ResStringPool::setTo(). These attacks are modified apks that AAPT would
not normally generate. In the rare case this occurs, the installation
cannot be allowed to continue.
Bug: 71361168
Bug: 71360999
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests
Change-Id: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Merged-In: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
(cherry picked from commit 7e54c3f261d81316b75cb734075319108d8bc1d1)
CVE-2018-9338, CVE-2018-9340
Diffstat (limited to 'keystore')
0 files changed, 0 insertions, 0 deletions