commit 0d6e59407d7b57805a72fe4d3df03c5249ea7ae8
author Dimitry Ivanov <dimitry@google.com> Tue Dec 08 11:16:56 2015 -0800
committer Dimitry Ivanov <dimitry@google.com> Wed Dec 09 15:39:36 2015 -0800
tree f590d4490e1fe6e7f95837e6a985ba23596b36bb
parent 9729392ffa40ed37aab7fd535c6644d20279bbf0

Apply permitted path to the classloader-namespace

Bug: http://b/25853516
Bug: http://b/22548808
Change-Id: I283e6ee8d743bc3ab41aab9f36af0abbe729943f

libnativeloader/native_loader.cpp

diff --git a/libnativeloader/native_loader.cpp b/libnativeloader/native_loader.cpp
index 654bcb8..cef2d75 100644
--- a/libnativeloader/native_loader.cpp
+++ b/libnativeloader/native_loader.cpp
@@ -55,10 +55,18 @@
  public:
   LibraryNamespaces() : initialized_(false) { }
 
-  android_namespace_t* GetOrCreate(JNIEnv* env, jobject class_loader, jstring library_path) {
-    ScopedUtfChars libraryPath(env, library_path);
+  android_namespace_t* GetOrCreate(JNIEnv* env, jobject class_loader,
+                                   jstring java_library_path,
+                                   jstring java_permitted_path) {
+    ScopedUtfChars library_path(env, java_library_path);
 
-    if (!initialized_ && !InitPublicNamespace(libraryPath.c_str())) {
+    std::string permitted_path;
+    if (java_permitted_path != nullptr) {
+      ScopedUtfChars path(env, java_permitted_path);
+      permitted_path = path.c_str();
+    }
+
+    if (!initialized_ && !InitPublicNamespace(library_path.c_str())) {
       return nullptr;
     }
 
@@ -73,8 +81,11 @@
     android_namespace_t* ns =
             android_create_namespace("classloader-namespace",
                                      nullptr,
-                                     libraryPath.c_str(),
-                                     true);
+                                     library_path.c_str(),
+                                     true,
+                                     java_permitted_path != nullptr ?
+                                        permitted_path.c_str() :
+                                        nullptr);
 
     namespaces_.push_back(std::make_pair(env->NewWeakGlobalRef(class_loader), ns));
 
@@ -118,13 +129,16 @@
 
 
 void* OpenNativeLibrary(JNIEnv* env, int32_t target_sdk_version, const char* path,
-                        jobject class_loader, jstring library_path) {
+                        jobject class_loader, jstring java_library_path,
+                        jstring java_permitted_path) {
 #if defined(__ANDROID__)
   if (target_sdk_version == 0 || class_loader == nullptr) {
     return dlopen(path, RTLD_NOW);
   }
 
-  android_namespace_t* ns = g_namespaces->GetOrCreate(env, class_loader, library_path);
+  android_namespace_t* ns =
+      g_namespaces->GetOrCreate(env, class_loader, java_library_path,
+                                java_permitted_path);
 
   if (ns == nullptr) {
     return nullptr;
@@ -136,7 +150,8 @@
 
   return android_dlopen_ext(path, RTLD_NOW, &extinfo);
 #else
-  UNUSED(env, target_sdk_version, class_loader, library_path);
+  UNUSED(env, target_sdk_version, class_loader,
+         java_library_path, java_permitted_path);
   return dlopen(path, RTLD_NOW);
 #endif
 }