Add limits on BlobHandle label and lease expiry strings.

Fixes: 157221032 Test: atest --test-mapping apex/blobstore Change-Id: Ic8eac1d956b60fbcd171c2705d5a151c7d5baf87
author: Sudheer Shanka <sudheersai@google.com> 2020-06-26 15:02:04 -0700
committer: Sudheer Shanka <sudheersai@google.com> 2020-06-29 10:36:38 -0700
commit: 94b852f9a6ba2fd87d7ab9c818935ae19d500698 (patch)
tree: 9b6414a53f86c2dc46dad27c2149dee717d0c84c /apex/blobstore/framework
parent: aeb6e127806c33f8a8979ecf39ed8ac58eced513 (diff)
2 files changed, 13 insertions, 4 deletions
diff --git a/apex/blobstore/framework/java/android/app/blob/BlobHandle.java b/apex/blobstore/framework/java/android/app/blob/BlobHandle.java
index ecc78ce7cf34..113f8fe9e248 100644
--- a/apex/blobstore/framework/java/android/app/blob/BlobHandle.java
+++ b/apex/blobstore/framework/java/android/app/blob/BlobHandle.java
@@ -51,6 +51,7 @@ public final class BlobHandle implements Parcelable {
     };
 
     private static final int LIMIT_BLOB_TAG_LENGTH = 128; // characters
+    private static final int LIMIT_BLOB_LABEL_LENGTH = 100; // characters
 
     /**
      * Cyrptographically secure hash algorithm used to generate hash of the blob this handle is
@@ -128,6 +129,9 @@ public final class BlobHandle implements Parcelable {
      *
      * @param digest the SHA-256 hash of the blob this is representing.
      * @param label a label indicating what the blob is, that can be surfaced to the user.
+     *              The length of the label cannot be more than 100 characters. It is recommended
+     *              to keep this brief. This may be truncated and ellipsized if it is too long
+     *              to be displayed to the user.
      * @param expiryTimeMillis the time in secs after which the blob should be invalidated and not
      *                         allowed to be accessed by any other app,
      *                         in {@link System#currentTimeMillis()} timebase or {@code 0} to
@@ -205,9 +209,9 @@ public final class BlobHandle implements Parcelable {
         final BlobHandle other = (BlobHandle) obj;
         return this.algorithm.equals(other.algorithm)
                 && Arrays.equals(this.digest, other.digest)
-                && this.label.equals(other.label)
+                && this.label.toString().equals(other.label.toString())
                 && this.expiryTimeMillis == other.expiryTimeMillis
-                && this.tag.equals(tag);
+                && this.tag.equals(other.tag);
     }
 
     @Override
@@ -233,6 +237,7 @@ public final class BlobHandle implements Parcelable {
         Preconditions.checkArgumentIsSupported(SUPPORTED_ALGOS, algorithm);
         Preconditions.checkByteArrayNotEmpty(digest, "digest");
         Preconditions.checkStringNotEmpty(label, "label must not be null");
+        Preconditions.checkArgument(label.length() <= LIMIT_BLOB_LABEL_LENGTH, "label too long");
         Preconditions.checkArgumentNonnegative(expiryTimeMillis,
                 "expiryTimeMillis must not be negative");
         Preconditions.checkStringNotEmpty(tag, "tag must not be null");
diff --git a/apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java b/apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java
index 9c1acafa800d..39f7526560a9 100644
--- a/apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java
+++ b/apex/blobstore/framework/java/android/app/blob/BlobStoreManager.java
@@ -347,7 +347,9 @@ public class BlobStoreManager {
      * @param blobHandle the {@link BlobHandle} representing the blob that the caller wants to
      *                   acquire a lease for.
      * @param description a short description string that can be surfaced
-     *                    to the user explaining what the blob is used for.
+     *                    to the user explaining what the blob is used for. It is recommended to
+     *                    keep this description brief. This may be truncated and ellipsized
+     *                    if it is too long to be displayed to the user.
      * @param leaseExpiryTimeMillis the time in milliseconds after which the lease can be
      *                              automatically released, in {@link System#currentTimeMillis()}
      *                              timebase. If its value is {@code 0}, then the behavior of this
@@ -458,7 +460,9 @@ public class BlobStoreManager {
      * @param blobHandle the {@link BlobHandle} representing the blob that the caller wants to
      *                   acquire a lease for.
      * @param description a short description string that can be surfaced
-     *                    to the user explaining what the blob is used for.
+     *                    to the user explaining what the blob is used for. It is recommended to
+     *                    keep this description brief. This may be truncated and
+     *                    ellipsized if it is too long to be displayed to the user.
      *
      * @throws IOException when there is an I/O error while acquiring a lease to the blob.
      * @throws SecurityException when the blob represented by the {@code blobHandle} does not
author	Sudheer Shanka <sudheersai@google.com>	2020-06-26 15:02:04 -0700
committer	Sudheer Shanka <sudheersai@google.com>	2020-06-29 10:36:38 -0700
commit	94b852f9a6ba2fd87d7ab9c818935ae19d500698 (patch)
tree	9b6414a53f86c2dc46dad27c2149dee717d0c84c /apex/blobstore/framework
parent	aeb6e127806c33f8a8979ecf39ed8ac58eced513 (diff)