From e9929515e446a468b9e82b2cabd856a7feaa964b Mon Sep 17 00:00:00 2001 From: ligongshao Date: Tue, 14 Nov 2023 14:45:50 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9C=AC=E5=9C=B0=E7=AD=BE=E5=90=8D=E5=AF=B9?= =?UTF-8?q?=E7=AD=BE=E5=90=8D=E4=B8=AD=E7=9A=84app-id=E5=81=9A=E9=95=BF?= =?UTF-8?q?=E5=BA=A6=E9=99=90=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: ligongshao Change-Id: Ib10cf0c0cfb435954db4d231081d69eba39e64a0 Signed-off-by: ligongshao --- .../src/local_code_sign_service.cpp | 5 +++++ test/unittest/local_code_sign_test.cpp | 16 ++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/services/local_code_sign/src/local_code_sign_service.cpp b/services/local_code_sign/src/local_code_sign_service.cpp index b67df95..47b1001 100644 --- a/services/local_code_sign/src/local_code_sign_service.cpp +++ b/services/local_code_sign/src/local_code_sign_service.cpp @@ -29,6 +29,7 @@ namespace CodeSign { const std::string DEFAULT_HASH_ALGORITHM = "sha256"; const std::string TASK_ID = "unload"; constexpr int32_t DELAY_TIME = 180000; +constexpr uint32_t MAX_OWNER_ID_LEN = 32; // owner id in signature should not exceed 32 bytes const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); @@ -116,6 +117,10 @@ int32_t LocalCodeSignService::InitLocalCertificate(ByteBuffer &cert) int32_t LocalCodeSignService::SignLocalCode(const std::string &ownerID, const std::string &filePath, ByteBuffer &signature) { + if (ownerID.length() > MAX_OWNER_ID_LEN) { + LOG_ERROR(LABEL, "ownerID len %{public}u should not exceed %{public}u", ownerID.length(), MAX_OWNER_ID_LEN); + return CS_ERR_INVALID_OWNER_ID; + } ByteBuffer digest; std::string realPath; if (!OHOS::PathToRealPath(filePath, realPath)) { diff --git a/test/unittest/local_code_sign_test.cpp b/test/unittest/local_code_sign_test.cpp index e0fe1eb..71dbbe0 100644 --- a/test/unittest/local_code_sign_test.cpp +++ b/test/unittest/local_code_sign_test.cpp @@ -249,6 +249,22 @@ HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0013, TestSize.Level0) int ret = LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2, sig); EXPECT_EQ(ret, CS_ERR_NO_PERMISSION); } + +/** + * @tc.name: LocalCodeSignTest_0014 + * @tc.desc: sign local code failed with ownerID exceed 128 bytes + * @tc.type: Func + * @tc.require: issueI8FCGF + */ +HWTEST_F(LocalCodeSignTest, LocalCodeSignTest_0014, TestSize.Level0) +{ + ByteBuffer sig; + uint64_t selfTokenId = NativeTokenSet("installs"); + std::string ownerID(33, 'a'); + int ret = LocalCodeSignKit::SignLocalCode(ownerID, DEMO_AN_PATH2, sig); + NativeTokenReset(selfTokenId); + EXPECT_EQ(ret, CS_ERR_INVALID_OWNER_ID); +} } // namespace CodeSign } // namespace Security } // namespace OHOS -- Gitee