authorChristopher Tate <ctate@google.com>2014-08-04 14:49:26 -0700
committerChristopher Tate <ctate@google.com>2014-08-04 15:13:16 -0700
commitcce476034388383a6006555a225e2170f3b4dcd9 (patch)
tree2475f4269260adf175fbdff03f4f9e8ceeed41ec /services/backup/java/com/android
parentb942035837b5206b232081d724916eabb7dd4c6b (diff)
Sanity-check paths of files to be restored
The duplicated implementations are an artifact of an ongoing refactor of the full-data restore code. The adb-specific path will be switched to use the FullRestoreEngine [as has already been done for the 'adb backup' path using the parallel full backup engine], at which point the extra implementation here will be removed, but for now we need to make sure that all bases are covered. Bug 16298491 Change-Id: I9cdb8a1c537939a620208df3cf0e921061b981ad
Diffstat (limited to 'services/backup/java/com/android')
-rw-r--r--services/backup/java/com/android/server/backup/BackupManagerService.java16
1 files changed, 16 insertions, 0 deletions
diff --git a/services/backup/java/com/android/server/backup/BackupManagerService.java b/services/backup/java/com/android/server/backup/BackupManagerService.java
index d434d7a..f59ec71 100644
--- a/services/backup/java/com/android/server/backup/BackupManagerService.java
+++ b/services/backup/java/com/android/server/backup/BackupManagerService.java
@@ -5107,6 +5107,14 @@ public class BackupManagerService extends IBackupManager.Stub {
}
}
+ // The path needs to be canonical
+ if (info.path.contains("..") || info.path.contains("//")) {
+ if (MORE_DEBUG) {
+ Slog.w(TAG, "Dropping invalid path " + info.path);
+ }
+ return false;
+ }
+
// Otherwise we think this file is good to go
return true;
}
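Review bot: `info.path.contains("..")` is a substring test, so besides real traversal segments it also rejects a harmless file name such as `notes..txt`, and that file is then left out of the restore without the user being told. Only a path segment that is exactly `..` can climb out of the restore destination, so a segment-wise test keeps the protection without the false positives. The same lines are pasted again in the second hunk; putting the test in one private helper and calling it from both places keeps the two copies from drifting while the refactor mentioned in the description is pending. The comment could also say why the check exists, for example `// Reject paths that could resolve outside the restore destination`. The enclosing method starts outside this hunk.

```java
// Shared by both restore paths: a path is acceptable only if it has no
// empty segment ("//") and no segment that is exactly "..".
private static boolean isCanonicalFilePath(String path) {
    if (path.contains("//")) {
        return false;
    }
    for (String segment : path.split("/")) {
        if (segment.equals("..")) {
            return false;
        }
    }
    return true;
}

// The path needs to be canonical
if (!isCanonicalFilePath(info.path)) {
    // … unchanged: MORE_DEBUG log and return false …
}
```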
@@ -5658,6 +5666,14 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF
break;
}
+ // The path needs to be canonical
+ if (info.path.contains("..") || info.path.contains("//")) {
+ if (MORE_DEBUG) {
+ Slog.w(TAG, "Dropping invalid path " + info.path);
+ }
+ okay = false;
+ }
+
// If the policy is satisfied, go ahead and set up to pipe the
// data to the agent.
if (DEBUG && okay && mAgent != null) {
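Review bot: The warning for a rejected path is wrapped in `if (MORE_DEBUG)`, so on a normal build an archive entry carrying `..` or `//` is dropped with no trace in the log. In this hunk the only other effect is `okay = false`, which presumably cannot be told apart from the other policy failures that clear the same flag. A restore stream containing such paths is an event an investigator would want to see, so I would log it unconditionally in both hunks: `Slog.w(TAG, "Dropping invalid path " + info.path);`. The check also runs when `okay` is already false; writing it as `if (okay && (info.path.contains("..") || info.path.contains("//")))` would avoid a second message for an entry that was already rejected. The surrounding method begins and ends outside this hunk.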