Merge "WifiConfigurationUtil: Validate UTF-8 ssid length correctly" into pi-dev

author: Roshan Pius <rpius@google.com> 2018-05-07 15:27:53 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2018-05-07 15:27:53 +0000
commit: 0234ca3935341d612f6fbfed2cc53a743fee3bcd (patch)
tree: 9cd0a5374c5c50c8ea373e8b3fc8c22717621759 /service
parent: 430be97a7c41bfa7538ebeec1d5667281a8edf73 (diff)
parent: c7b445ba6b5b5916d47daf22a77e6f67de3fc5f4 (diff)
2 files changed, 27 insertions, 16 deletions
diff --git a/service/java/com/android/server/wifi/WifiConfigurationUtil.java b/service/java/com/android/server/wifi/WifiConfigurationUtil.java
index f8b2f3d0a..8d94862e2 100644
--- a/service/java/com/android/server/wifi/WifiConfigurationUtil.java
+++ b/service/java/com/android/server/wifi/WifiConfigurationUtil.java
@@ -29,6 +29,7 @@ import android.util.Log;
 import com.android.internal.annotations.VisibleForTesting;
 import com.android.server.wifi.util.NativeUtil;
 
+import java.nio.charset.StandardCharsets;
 import java.security.cert.X509Certificate;
 import java.util.Arrays;
 import java.util.BitSet;
@@ -49,8 +50,8 @@ public class WifiConfigurationUtil {
      * Constants used for validating external config objects.
      */
     private static final int ENCLOSING_QUTOES_LEN = 2;
-    private static final int SSID_ASCII_MIN_LEN = 1 + ENCLOSING_QUTOES_LEN;
-    private static final int SSID_ASCII_MAX_LEN = 32 + ENCLOSING_QUTOES_LEN;
+    private static final int SSID_UTF_8_MIN_LEN = 1 + ENCLOSING_QUTOES_LEN;
+    private static final int SSID_UTF_8_MAX_LEN = 32 + ENCLOSING_QUTOES_LEN;
     private static final int SSID_HEX_MIN_LEN = 2;
     private static final int SSID_HEX_MAX_LEN = 64;
     private static final int PSK_ASCII_MIN_LEN = 8 + ENCLOSING_QUTOES_LEN;
@@ -282,13 +283,16 @@ public class WifiConfigurationUtil {
             return false;
         }
         if (ssid.startsWith("\"")) {
-            // ASCII SSID string
-            if (ssid.length() < SSID_ASCII_MIN_LEN) {
-                Log.e(TAG, "validateSsid failed: ascii string size too small: " + ssid.length());
+            // UTF-8 SSID string
+            byte[] ssidBytes = ssid.getBytes(StandardCharsets.UTF_8);
+            if (ssidBytes.length < SSID_UTF_8_MIN_LEN) {
+                Log.e(TAG, "validateSsid failed: utf-8 ssid string size too small: "
+                        + ssidBytes.length);
                 return false;
             }
-            if (ssid.length() > SSID_ASCII_MAX_LEN) {
-                Log.e(TAG, "validateSsid failed: ascii string size too large: " + ssid.length());
+            if (ssidBytes.length > SSID_UTF_8_MAX_LEN) {
+                Log.e(TAG, "validateSsid failed: utf-8 ssid string size too large: "
+                        + ssidBytes.length);
                 return false;
             }
         } else {
@@ -333,12 +337,13 @@ public class WifiConfigurationUtil {
         }
         if (psk.startsWith("\"")) {
             // ASCII PSK string
-            if (psk.length() < PSK_ASCII_MIN_LEN) {
-                Log.e(TAG, "validatePsk failed: ascii string size too small: " + psk.length());
+            byte[] pskBytes = psk.getBytes(StandardCharsets.US_ASCII);
+            if (pskBytes.length < PSK_ASCII_MIN_LEN) {
+                Log.e(TAG, "validatePsk failed: ascii string size too small: " + pskBytes.length);
                 return false;
             }
-            if (psk.length() > PSK_ASCII_MAX_LEN) {
-                Log.e(TAG, "validatePsk failed: ascii string size too large: " + psk.length());
+            if (pskBytes.length > PSK_ASCII_MAX_LEN) {
+                Log.e(TAG, "validatePsk failed: ascii string size too large: " + pskBytes.length);
                 return false;
             }
         } else {
diff --git a/service/java/com/android/server/wifi/util/NativeUtil.java b/service/java/com/android/server/wifi/util/NativeUtil.java
index 84f93514c..4083cefdf 100644
--- a/service/java/com/android/server/wifi/util/NativeUtil.java
+++ b/service/java/com/android/server/wifi/util/NativeUtil.java
@@ -28,6 +28,7 @@ import java.nio.ByteOrder;
 import java.nio.CharBuffer;
 import java.nio.charset.CharacterCodingException;
 import java.nio.charset.CharsetDecoder;
+import java.nio.charset.CharsetEncoder;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -46,17 +47,22 @@ public class NativeUtil {
      * Convert the string to byte array list.
      *
      * @return the UTF_8 char byte values of str, as an ArrayList.
-     * @throws IllegalArgumentException if a null string is sent.
+     * @throws IllegalArgumentException if a null or unencodable string is sent.
      */
     public static ArrayList<Byte> stringToByteArrayList(String str) {
         if (str == null) {
             throw new IllegalArgumentException("null string");
         }
-        ArrayList<Byte> byteArrayList = new ArrayList<Byte>();
-        for (byte b : str.getBytes(StandardCharsets.UTF_8)) {
-            byteArrayList.add(new Byte(b));
+        // Ensure that the provided string is UTF_8 encoded.
+        CharsetEncoder encoder = StandardCharsets.UTF_8.newEncoder();
+        try {
+            ByteBuffer encoded = encoder.encode(CharBuffer.wrap(str));
+            byte[] byteArray = new byte[encoded.remaining()];
+            encoded.get(byteArray);
+            return byteArrayToArrayList(byteArray);
+        } catch (CharacterCodingException cce) {
+            throw new IllegalArgumentException("cannot be utf-8 encoded", cce);
         }
-        return byteArrayList;
     }
 
     /**
author	Roshan Pius <rpius@google.com>	2018-05-07 15:27:53 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2018-05-07 15:27:53 +0000
commit	0234ca3935341d612f6fbfed2cc53a743fee3bcd (patch)
tree	9cd0a5374c5c50c8ea373e8b3fc8c22717621759 /service
parent	430be97a7c41bfa7538ebeec1d5667281a8edf73 (diff)
parent	c7b445ba6b5b5916d47daf22a77e6f67de3fc5f4 (diff)