Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / aee02f6ffe859852afec3d02287647c658a40967
commitaee02f6ffe859852afec3d02287647c658a40967[log] [tgz]
authorChris Wailes <chriswailes@google.com>Thu Apr 18 18:25:57 2019 -0700
committerChristian Wailes <chriswailes@google.com>Thu Apr 25 21:03:09 2019 +0000
tree7d159295fbe5dcd1328d7877cfafdef4019e4c90
parent6ee42f473c1fe99c3901b61032ead7a8f2d1f4c5 [diff]
Adds additional sanitization for Zygote command arguments.

Previously we were only insuring that the arguments provided to the
Zygote didn't contain any newlines.  This adds additional checks for
carriage returns and standalone integer arguments to protect against
malicious argument and packet injection respectively.

Bug: 130164289
Test: m & flash & boot & check logs
Change-Id: I4055c50d52db0047c02c11096710fd07b429660c
Merged-In: I4055c50d52db0047c02c11096710fd07b429660c
(cherry picked from commit c99198249f8bb79487d4f9f0f45b5b2fefaba41a)
1 file changed
tree: 7d159295fbe5dcd1328d7877cfafdef4019e4c90
  1. apct-tests/
  2. api/
  3. cmds/
  4. config/
  5. core/
  6. data/
  7. docs/
  8. drm/
  9. graphics/
  10. keystore/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. startop/
  26. telecomm/
  27. telephony/
  28. test-base/
  29. test-legacy/
  30. test-mock/
  31. test-runner/
  32. tests/
  33. tools/
  34. wifi/
  35. .gitignore
  36. Android.bp
  37. Android.mk
  38. CleanSpec.mk
  39. jarjar_rules_hidl.txt
  40. MODULE_LICENSE_APACHE2
  41. NOTICE
  42. pathmap.mk
  43. PREUPLOAD.cfg