summaryrefslogtreecommitdiff
path: root/identity/aidl/default/common/WritableIdentityCredential.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'identity/aidl/default/common/WritableIdentityCredential.cpp')
-rw-r--r--identity/aidl/default/common/WritableIdentityCredential.cpp9
1 files changed, 9 insertions, 0 deletions
diff --git a/identity/aidl/default/common/WritableIdentityCredential.cpp b/identity/aidl/default/common/WritableIdentityCredential.cpp
index 25f129b14b..200ee61df4 100644
--- a/identity/aidl/default/common/WritableIdentityCredential.cpp
+++ b/identity/aidl/default/common/WritableIdentityCredential.cpp
@@ -210,6 +210,15 @@ ndk::ScopedAStatus WritableIdentityCredential::beginAddEntry(
"numAccessControlProfileRemaining_ is not zero"));
}
+ // Ensure passed-in profile ids reference valid access control profiles
+ for (const int32_t id : accessControlProfileIds) {
+ if (accessControlProfileIds_.find(id) == accessControlProfileIds_.end()) {
+ return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
+ IIdentityCredentialStore::STATUS_INVALID_DATA,
+ "An id in accessControlProfileIds references non-existing ACP"));
+ }
+ }
+
if (remainingEntryCounts_.size() == 0) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
IIdentityCredentialStore::STATUS_INVALID_DATA, "No more namespaces to add to"));
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 20:38:19 +0000