diff options
| author | y <rtmitchell@google.com> | 2018-04-05 17:57:27 -0700 | 
|---|---|---|
| committer | Atanas Kirilov <akirilov@google.com> | 2018-04-13 20:34:18 +0000 | 
| commit | 7e54c3f261d81316b75cb734075319108d8bc1d1 (patch) | |
| tree | 4c46c9bc01516759509d853c0c2eb9efb76b373e /tools/aapt2/diff/Diff.cpp | |
| parent | de71ee469a06fac76710874a69c97f76f4f22af7 (diff) | |
ResStringPool: Fix security vulnerability
Adds detection of attacker-modified size and data fields passed to
ResStringPool::setTo(). These attacks are modified apks that AAPT would
not normally generate. In the rare case this occurs, the installation
cannot be allowed to continue.
Bug: 71361168
Bug: 71360999
Test: run cts -m CtsAppSecurityHostTestCases \
          -t android.appsecurity.cts.CorruptApkTests
Change-Id: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Merged-In: If7eb93a9e723b16c8a0556fc4e20006aa0391d57
Diffstat (limited to 'tools/aapt2/diff/Diff.cpp')
0 files changed, 0 insertions, 0 deletions
