Merge "Sanity-check paths of files to be restored" into lmp-dev
diff --git a/services/backup/java/com/android/server/backup/BackupManagerService.java b/services/backup/java/com/android/server/backup/BackupManagerService.java
index 59aef32..77b14ac 100644
--- a/services/backup/java/com/android/server/backup/BackupManagerService.java
+++ b/services/backup/java/com/android/server/backup/BackupManagerService.java
@@ -5129,6 +5129,14 @@
}
}
+ // The path needs to be canonical
+ if (info.path.contains("..") || info.path.contains("//")) {
+ if (MORE_DEBUG) {
+ Slog.w(TAG, "Dropping invalid path " + info.path);
+ }
+ return false;
+ }
+
// Otherwise we think this file is good to go
return true;
}
@@ -5680,6 +5688,14 @@
break;
}
+ // The path needs to be canonical
+ if (info.path.contains("..") || info.path.contains("//")) {
+ if (MORE_DEBUG) {
+ Slog.w(TAG, "Dropping invalid path " + info.path);
+ }
+ okay = false;
+ }
+
// If the policy is satisfied, go ahead and set up to pipe the
// data to the agent.
if (DEBUG && okay && mAgent != null) {