From da68db7cadee9bca5a1dd4134a55a762a7ebc52d Mon Sep 17 00:00:00 2001 From: Becca Hughes <beccahughes@google.com> Date: Wed, 25 Oct 2023 11:20:44 -0700 Subject: [PATCH] Fix the exception thrown when API called bug The isEnabledCredentialProviderService is currently throwing an NPE when called. This updates the logic of that method to be aligned with the rest of the class and fix the error. Test: AndroidVault custom logic Bug: 307592997 Change-Id: If0091cd68f8c773d64acf37058893117555d4d73 --- .../credentials/CredentialManager.java | 9 ++- .../credentials/CredentialManagerService.java | 56 ++++++++++--------- 2 files changed, 38 insertions(+), 27 deletions(-) diff --git a/core/java/android/credentials/CredentialManager.java b/core/java/android/credentials/CredentialManager.java index 524afe975d73e..ad3ccc41cf6d8 100644 --- a/core/java/android/credentials/CredentialManager.java +++ b/core/java/android/credentials/CredentialManager.java @@ -437,7 +437,14 @@ public final class CredentialManager { * Returns {@code true} if the calling application provides a CredentialProviderService that is * enabled for the current user, or {@code false} otherwise. CredentialProviderServices are * enabled on a per-service basis so the individual component name of the service should be - * passed in here. + * passed in here. <strong>Usage of this API is discouraged as it is not fully functional, and + * may throw a NullPointerException on certain devices and/or API versions.</strong> + * + * @throws IllegalArgumentException if the componentName package does not match the calling + * package name this call will throw an exception + * + * @throws NullPointerException Usage of this API is discouraged as it is not fully + * functional, and may throw a NullPointerException on certain devices and/or API versions * * @param componentName the component name to check is enabled */ diff --git a/services/credentials/java/com/android/server/credentials/CredentialManagerService.java b/services/credentials/java/com/android/server/credentials/CredentialManagerService.java index a4adf5866f3d3..627461a2c6ed4 100644 --- a/services/credentials/java/com/android/server/credentials/CredentialManagerService.java +++ b/services/credentials/java/com/android/server/credentials/CredentialManagerService.java @@ -862,37 +862,41 @@ public final class CredentialManagerService Slog.i(TAG, "isEnabledCredentialProviderService with componentName: " + componentName.flattenToString()); - // TODO(253157366): Check additional set of services. final int userId = UserHandle.getCallingUserId(); final int callingUid = Binder.getCallingUid(); enforceCallingPackage(callingPackage, callingUid); - synchronized (mLock) { - final List<CredentialManagerServiceImpl> services = - getServiceListForUserLocked(userId); - for (CredentialManagerServiceImpl s : services) { - final ComponentName serviceComponentName = s.getServiceComponentName(); - - if (serviceComponentName.equals(componentName)) { - if (!s.getServicePackageName().equals(callingPackage)) { - // The component name and the package name do not match. - MetricUtilities.logApiCalledSimpleV2( - ApiName.IS_ENABLED_CREDENTIAL_PROVIDER_SERVICE, - ApiStatus.FAILURE, callingUid); - Slog.w( - TAG, - "isEnabledCredentialProviderService: Component name does " - + "not match package name."); - return false; - } - MetricUtilities.logApiCalledSimpleV2( - ApiName.IS_ENABLED_CREDENTIAL_PROVIDER_SERVICE, - ApiStatus.SUCCESS, callingUid); - return true; - } - } + + if (componentName == null) { + Slog.w(TAG, "isEnabledCredentialProviderService componentName is null"); + // If the component name was not specified then throw an error and + // record a failure because the request failed due to invalid input. + MetricUtilities.logApiCalledSimpleV2( + ApiName.IS_ENABLED_CREDENTIAL_PROVIDER_SERVICE, + ApiStatus.FAILURE, callingUid); + return false; + } + + if (!componentName.getPackageName().equals(callingPackage)) { + Slog.w(TAG, "isEnabledCredentialProviderService component name" + + " does not match requested component"); + // If the requested component name package name does not match + // the calling package then throw an error and record a failure + // metric (because the request failed due to invalid input). + MetricUtilities.logApiCalledSimpleV2( + ApiName.IS_ENABLED_CREDENTIAL_PROVIDER_SERVICE, + ApiStatus.FAILURE, callingUid); + throw new IllegalArgumentException("provided component name does not match" + + " does not match requesting component"); } - return false; + final Set<ComponentName> enabledProviders = getEnabledProvidersForUser(userId); + MetricUtilities.logApiCalledSimpleV2( + ApiName.IS_ENABLED_CREDENTIAL_PROVIDER_SERVICE, + ApiStatus.SUCCESS, callingUid); + if (enabledProviders == null) { + return false; + } + return enabledProviders.contains(componentName); } @Override -- GitLab