diff options
| author | Jeff Vander Stoep <jeffv@google.com> | 2014-09-23 17:12:38 +0000 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2014-09-23 17:12:38 +0000 |
| commit | 9aaf54eeb6c1dd83090235a8df5476b2f2f6473e (patch) | |
| tree | 782d4bd34ba3f0093d8f0711e0b2c9d9bbe16710 /services | |
| parent | 1cf337a222bbb0e26445e7904ece687af93aac48 (diff) | |
| parent | 71b19fc301ff08bd13d394dfa9ef6a3f535b149e (diff) | |
| download | frameworks_base-9aaf54eeb6c1dd83090235a8df5476b2f2f6473e.zip frameworks_base-9aaf54eeb6c1dd83090235a8df5476b2f2f6473e.tar.gz frameworks_base-9aaf54eeb6c1dd83090235a8df5476b2f2f6473e.tar.bz2 | |
am 71b19fc3: am 5ba31e6e: am bba79795: am 25c866a8: am e2adb1ff: Merge "Sanity-check paths of files to be restored" into jb-mr2-dev
* commit '71b19fc301ff08bd13d394dfa9ef6a3f535b149e':
Sanity-check paths of files to be restored
Diffstat (limited to 'services')
| -rw-r--r-- | services/backup/java/com/android/server/backup/BackupManagerService.java | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/services/backup/java/com/android/server/backup/BackupManagerService.java b/services/backup/java/com/android/server/backup/BackupManagerService.java index b3571d7..efb4c64 100644 --- a/services/backup/java/com/android/server/backup/BackupManagerService.java +++ b/services/backup/java/com/android/server/backup/BackupManagerService.java @@ -3595,6 +3595,14 @@ public class BackupManagerService extends IBackupManager.Stub { break; } + // The path needs to be canonical + if (info.path.contains("..") || info.path.contains("//")) { + if (MORE_DEBUG) { + Slog.w(TAG, "Dropping invalid path " + info.path); + } + okay = false; + } + // If the policy is satisfied, go ahead and set up to pipe the // data to the agent. if (DEBUG && okay && mAgent != null) { |