Home | History | Annotate | Download | only in cts 
      1 /**
      2  * Copyright (C) 2016 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 package android.security.cts;
     18 
     19 import android.platform.test.annotations.SecurityTest;
     20 
     21 @SecurityTest
     22 public class Poc17_04 extends SecurityTestCase {
     23 
     24   /**
     25    * b/32342065
     26    */
     27   @SecurityTest(minPatchLevel = "2017-04")
     28   public void testPocCVE_2017_0553() throws Exception {
     29     // Error code of 139 represents segmentation fault
     30     getDevice().executeShellCommand("chmod +x /data/local/tmp/CVE-2017-0553");
     31     assertFalse("Segfault found",
     32         AdbUtils.runCommandGetExitCode("/data/local/tmp/CVE-2017-0553", getDevice())==139);
     33   }
     34 
     35   /**
     36    * b/72460737
     37    */
     38   @SecurityTest(minPatchLevel = "2017-04")
     39   public void testPocCVE_2014_3145() throws Exception {
     40     assertFalse("VULNERABLE DEVICE DETECTED",
     41                 AdbUtils.runPocCheckExitCode("CVE-2014-3145", getDevice(), 60));
     42   }
     43 
     44   /**
     45    * b/32813456
     46    */
     47   @SecurityTest(minPatchLevel = "2017-04")
     48   public void testPocCVE_2016_10229() throws Exception {
     49     String out = AdbUtils.runPoc("CVE-2016-10229", getDevice());
     50     assertNotMatchesMultiLine("OVERWRITE", out);
     51   }
     52 
     53     /**
     54      * b/33621647
     55      */
     56     @SecurityTest(minPatchLevel = "2017-04")
     57     public void testPocCVE_2017_0477() throws Exception {
     58         AdbUtils.pushResource("/CVE-2017-0477.gif", "/data/local/tmp/CVE-2017-0477.gif",
     59                 getDevice());
     60         AdbUtils.runCommandLine("logcat -c", getDevice());
     61 
     62         // because runPocGetExitCode() isn't a thing
     63         AdbUtils.runCommandLine("chmod +x /data/local/tmp/CVE-2017-0477", getDevice());
     64         int code = AdbUtils.runCommandGetExitCode("/data/local/tmp/CVE-2017-0477", getDevice());
     65         assertTrue(code != 139); // 128 + signal 11
     66     }
     67 }
     68