1 /** 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security.cts; 18 19 import android.platform.test.annotations.SecurityTest; 20 21 @SecurityTest 22 public class Poc17_04 extends SecurityTestCase { 23 24 /** 25 * b/32342065 26 */ 27 @SecurityTest(minPatchLevel = "2017-04") 28 public void testPocCVE_2017_0553() throws Exception { 29 // Error code of 139 represents segmentation fault 30 getDevice().executeShellCommand("chmod +x /data/local/tmp/CVE-2017-0553"); 31 assertFalse("Segfault found", 32 AdbUtils.runCommandGetExitCode("/data/local/tmp/CVE-2017-0553", getDevice())==139); 33 } 34 35 /** 36 * b/72460737 37 */ 38 @SecurityTest(minPatchLevel = "2017-04") 39 public void testPocCVE_2014_3145() throws Exception { 40 assertFalse("VULNERABLE DEVICE DETECTED", 41 AdbUtils.runPocCheckExitCode("CVE-2014-3145", getDevice(), 60)); 42 } 43 44 /** 45 * b/32813456 46 */ 47 @SecurityTest(minPatchLevel = "2017-04") 48 public void testPocCVE_2016_10229() throws Exception { 49 String out = AdbUtils.runPoc("CVE-2016-10229", getDevice()); 50 assertNotMatchesMultiLine("OVERWRITE", out); 51 } 52 53 /** 54 * b/33621647 55 */ 56 @SecurityTest(minPatchLevel = "2017-04") 57 public void testPocCVE_2017_0477() throws Exception { 58 AdbUtils.pushResource("/CVE-2017-0477.gif", "/data/local/tmp/CVE-2017-0477.gif", 59 getDevice()); 60 AdbUtils.runCommandLine("logcat -c", getDevice()); 61 62 // because runPocGetExitCode() isn't a thing 63 AdbUtils.runCommandLine("chmod +x /data/local/tmp/CVE-2017-0477", getDevice()); 64 int code = AdbUtils.runCommandGetExitCode("/data/local/tmp/CVE-2017-0477", getDevice()); 65 assertTrue(code != 139); // 128 + signal 11 66 } 67 } 68