commit 64d8e94610cf8bcb27fb23b031a1ece78da5ecda
author stachick <stachick@google.com> Mon Jun 19 18:43:03 2017 +0000
committer android-build-merger <android-build-merger@google.com> Mon Jun 19 18:43:03 2017 +0000
tree 36c461f9f156fd7336162245e86f18d82192e971
parent 0f7d38f994dd31735ead3c21ac381fd1dde03dc1
parent ec910c9cff5df107b12e8899ed52629e6604ed37

Merge "Adding tests to detect information disclosure bugs." into nyc-dev am: 96043fd2fb am: e534e43055 am: 325b204d12
am: ec910c9cff

Change-Id: Ibab85bbfae15d193b7ef0d75416609ffa895bd91

hostsidetests/security/src/android/security/cts/AdbUtils.java

diff --git a/hostsidetests/security/src/android/security/cts/AdbUtils.java b/hostsidetests/security/src/android/security/cts/AdbUtils.java
index f44870a..da7453e 100644
--- a/hostsidetests/security/src/android/security/cts/AdbUtils.java
+++ b/hostsidetests/security/src/android/security/cts/AdbUtils.java
@@ -32,6 +32,7 @@
 import java.io.OutputStream;
 import java.util.Scanner;
 import java.util.concurrent.TimeUnit;
+import java.util.regex.Pattern;
 
 public class AdbUtils {
 
@@ -125,4 +126,27 @@
         }
 
     }
+
+    /**
+     * Runs an info disclosure related PoC, pulls logs from the device,
+     * and searches the logs for the info being disclosed.
+     * @param pocName string of the PoC name
+     * @param device device to be ran on
+     * @param timeout time to wait for output in seconds
+     * @param pattern pattern of info being disclosed
+     * @return boolean returns false if the test fails, otherwise returns true
+     **/
+    public static boolean detectInformationDisclosure(
+        String pocName, ITestDevice device, int timeout, String pattern) throws Exception {
+
+           String pocOutput = runPoc(pocName, device, timeout);
+           if (Pattern.matches(pattern, pocOutput))
+             return false;
+
+           String logcatOutput = device.executeShellCommand("logcat -d");
+           if (Pattern.matches(pattern, logcatOutput))
+             return false;
+
+           return true;
+    }
 }

hostsidetests/security/src/android/security/cts/SecurityTestCase.java

diff --git a/hostsidetests/security/src/android/security/cts/SecurityTestCase.java b/hostsidetests/security/src/android/security/cts/SecurityTestCase.java
index 5c84850..b3144e1 100644
--- a/hostsidetests/security/src/android/security/cts/SecurityTestCase.java
+++ b/hostsidetests/security/src/android/security/cts/SecurityTestCase.java
@@ -88,4 +88,14 @@
         //TODO(badash@): add ability to catch runtime restart
         getDevice().executeAdbCommand("unroot");
     }
+
+    /**
+     * Runs an info disclosure
+     **/
+    public void infoDisclosure(
+        String pocName, ITestDevice device, int timeout, String pattern ) throws Exception {
+
+        assertTrue("Pattern found. Info Disclosed.",
+                    AdbUtils.detectInformationDisclosure(pocName, device, timeout, pattern));
+     }
 }