setActiveGroup null, 0 length, unwritable dir should fail

author Kevin Chyn <kchyn@google.com>

Fri, 7 Apr 2017 21:39:50 +0000 (14:39 -0700)

committer Kevin Chyn <kchyn@google.com>

Fri, 14 Apr 2017 21:10:19 +0000 (14:10 -0700)
author Kevin Chyn <kchyn@google.com>
Fri, 7 Apr 2017 21:39:50 +0000 (14:39 -0700)
committer Kevin Chyn <kchyn@google.com>
Fri, 14 Apr 2017 21:10:19 +0000 (14:10 -0700)
diff --git a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp

index 5b00675..83c7de8 100644 (file)
--- a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp
+++ b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp
@@ -25,6 +25,7 @@
  #include "BiometricsFingerprint.h"
  
  #include <inttypes.h>
+#include <unistd.h>
  
  namespace android {
  namespace hardware {
@@ -189,7 +190,12 @@ Return<RequestStatus> BiometricsFingerprint::setActiveGroup(uint32_t gid,
          const hidl_string& storePath) {
      if (storePath.size() >= PATH_MAX || storePath.size() <= 0) {
          ALOGE("Bad path length: %zd", storePath.size());
+        return RequestStatus::SYS_EINVAL;
      }
+    if (access(storePath.c_str(), W_OK)) {
+        return RequestStatus::SYS_EINVAL;
+    }
+
      return ErrorFilter(mDevice->set_active_group(mDevice, gid,
                                                      storePath.c_str()));
  }
diff --git a/biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp b/biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp

index d3f6612..29776b4 100644 (file)
--- a/biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp
+++ b/biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp
@@ -43,7 +43,7 @@ namespace {
  static const uint32_t kTimeout = 3;
  static const std::chrono::seconds kTimeoutInSeconds = std::chrono::seconds(kTimeout);
  static const uint32_t kGroupId = 99;
-static const std::string kTmpDir = "/data/local/tmp/";
+static const std::string kTmpDir = "/data/system/";
  static const uint32_t kIterations = 1000;
  
  // Wait for a callback to occur (signaled by the given future) up to the
@@ -186,6 +186,8 @@ class FingerprintHidlTest : public ::testing::VtsHalHidlTargetTestBase {
      ASSERT_FALSE(mService == nullptr);
  
      // Create an active group
+    // FP service can only write to /data/system due to
+    // SELinux Policy and Linux Dir Permissions
      Return<RequestStatus> res = mService->setActiveGroup(kGroupId, kTmpDir);
      ASSERT_EQ(RequestStatus::SYS_OK, static_cast<RequestStatus>(res));
    }
author	Kevin Chyn <kchyn@google.com>
	Fri, 7 Apr 2017 21:39:50 +0000 (14:39 -0700)
committer	Kevin Chyn <kchyn@google.com>
	Fri, 14 Apr 2017 21:10:19 +0000 (14:10 -0700)
biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp		patch \| blob \| history
biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp		patch \| blob \| history