Restrict SipProfiles to profiles directory

am: 5282303362 Change-Id: I340194219492dd5eae7da80e4ec002c37fd413ab
author: Brad Ebinger <breadley@google.com> 2016-10-14 17:47:27 +0000
committer: android-build-merger <android-build-merger@google.com> 2016-10-14 17:47:27 +0000
commit: 8b1086eb4b8c79a7bb92306d76c4e1a4ae512af9 (patch)
tree: eede7a75db4946facbc91858e55f33659abc8cf6 /sip
parent: acc453be16667295c18dff9c7caf01ca97839d08 (diff)
parent: 52823033626ee55474d942d5b9ea24e0f07dbb66 (diff)
download: android_packages_services_Telephony-8b1086eb4b8c79a7bb92306d76c4e1a4ae512af9.tar.gz
android_packages_services_Telephony-8b1086eb4b8c79a7bb92306d76c4e1a4ae512af9.tar.bz2
android_packages_services_Telephony-8b1086eb4b8c79a7bb92306d76c4e1a4ae512af9.zip
3 files changed, 33 insertions, 5 deletions
diff --git a/sip/src/com/android/services/telephony/sip/SipEditor.java b/sip/src/com/android/services/telephony/sip/SipEditor.java
index f6e9c2299..07e5b62e1 100644
--- a/sip/src/com/android/services/telephony/sip/SipEditor.java
+++ b/sip/src/com/android/services/telephony/sip/SipEditor.java
@@ -259,7 +259,7 @@ public class SipEditor extends PreferenceActivity
      *
      * @param p The {@link SipProfile} to delete.
      */
-    private void deleteAndUnregisterProfile(SipProfile p) {
+    private void deleteAndUnregisterProfile(SipProfile p) throws IOException {
         if (p == null) return;
         mProfileDb.deleteProfile(p);
         mSipAccountRegistry.stopSipService(this, p.getProfileName());
diff --git a/sip/src/com/android/services/telephony/sip/SipProfileDb.java b/sip/src/com/android/services/telephony/sip/SipProfileDb.java
index e7b201b25..bb1c7ecd3 100644
--- a/sip/src/com/android/services/telephony/sip/SipProfileDb.java
+++ b/sip/src/com/android/services/telephony/sip/SipProfileDb.java
@@ -21,6 +21,7 @@ import com.android.internal.os.AtomicFile;
 import android.content.Context;
 import android.net.sip.SipProfile;
 import android.text.TextUtils;
+import android.util.EventLog;
 import android.util.Log;
 
 import java.io.File;
@@ -66,9 +67,13 @@ class SipProfileDb {
         mSipPreferences = new SipPreferences(mContext);
     }
 
-    public void deleteProfile(SipProfile p) {
+    public void deleteProfile(SipProfile p) throws IOException {
         synchronized(SipProfileDb.class) {
-            deleteProfile(new File(mProfilesDirectory + p.getProfileName()));
+            File profileFile = new File(mProfilesDirectory, p.getProfileName());
+            if (!isChild(new File(mProfilesDirectory), profileFile)) {
+                throw new IOException("Invalid Profile Credentials!");
+            }
+            deleteProfile(profileFile);
             if (mProfilesCount < 0) retrieveSipProfileListInternal();
         }
     }
@@ -93,7 +98,10 @@ class SipProfileDb {
     public void saveProfile(SipProfile p) throws IOException {
         synchronized(SipProfileDb.class) {
             if (mProfilesCount < 0) retrieveSipProfileListInternal();
-            File f = new File(mProfilesDirectory + p.getProfileName());
+            File f = new File(mProfilesDirectory, p.getProfileName());
+            if (!isChild(new File(mProfilesDirectory), f)) {
+                throw new IOException("Invalid Profile Credentials!");
+            }
             if (!f.exists()) f.mkdirs();
             AtomicFile atomicFile = new AtomicFile(new File(f, PROFILE_OBJ_FILE));
             FileOutputStream fos = null;
@@ -173,4 +181,19 @@ class SipProfileDb {
     private static void log(String msg) {
         Log.d(SipUtil.LOG_TAG, PREFIX + msg);
     }
+
+    /**
+     * Verifies that the file is a direct child of the base directory.
+     */
+    private boolean isChild(File base, File file) {
+        if (base == null || file == null) {
+            return false;
+        }
+        if (!base.equals(file.getAbsoluteFile().getParentFile())) {
+            Log.w(SipUtil.LOG_TAG, "isChild, file is not a child of the base dir.");
+            EventLog.writeEvent(0x534e4554, "31530456", -1, "");
+            return false;
+        }
+        return true;
+    }
 }
diff --git a/sip/src/com/android/services/telephony/sip/SipUtil.java b/sip/src/com/android/services/telephony/sip/SipUtil.java
index 3678c462f..cf03dd373 100644
--- a/sip/src/com/android/services/telephony/sip/SipUtil.java
+++ b/sip/src/com/android/services/telephony/sip/SipUtil.java
@@ -164,7 +164,12 @@ public class SipUtil {
                 }
                 Log.i(LOG_TAG, "(Migration) Deleting SIP profile: " +
                         profileToMove.getProfileName());
-                dbDeStorage.deleteProfile(profileToMove);
+                try {
+                    dbDeStorage.deleteProfile(profileToMove);
+                } catch (IOException e) {
+                    Log.w(LOG_TAG, "Error Deleting file: " +
+                            profileToMove.getProfileName(), e);
+                }
             }
         }
         // Delete supporting structures if they exist
author	Brad Ebinger <breadley@google.com>	2016-10-14 17:47:27 +0000
committer	android-build-merger <android-build-merger@google.com>	2016-10-14 17:47:27 +0000
commit	8b1086eb4b8c79a7bb92306d76c4e1a4ae512af9 (patch)
tree	eede7a75db4946facbc91858e55f33659abc8cf6 /sip
parent	acc453be16667295c18dff9c7caf01ca97839d08 (diff)
parent	52823033626ee55474d942d5b9ea24e0f07dbb66 (diff)
download	android_packages_services_Telephony-8b1086eb4b8c79a7bb92306d76c4e1a4ae512af9.tar.gz android_packages_services_Telephony-8b1086eb4b8c79a7bb92306d76c4e1a4ae512af9.tar.bz2 android_packages_services_Telephony-8b1086eb4b8c79a7bb92306d76c4e1a4ae512af9.zip