• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2023 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security.cts;
18 
19 import static com.android.sts.common.NativePocCrashAsserter.assertNoCrash;
20 
21 import static org.junit.Assume.assumeNoException;
22 
23 import android.platform.test.annotations.AsbSecurityTest;
24 
25 import com.android.sts.common.NativePoc;
26 import com.android.sts.common.tradefed.testtype.NonRootSecurityTestCase;
27 import com.android.sts.common.util.TombstoneUtils;
28 import com.android.sts.common.util.TombstoneUtils.Config.BacktraceFilterPattern;
29 import com.android.tradefed.testtype.DeviceJUnit4ClassRunner;
30 
31 import org.junit.Test;
32 import org.junit.runner.RunWith;
33 
34 @RunWith(DeviceJUnit4ClassRunner.class)
35 public class CVE_2023_21127 extends NonRootSecurityTestCase {
36 
37     // b/275418191
38     // Vulnerability Behaviour : SIGSEGV in self
39     // Vulnerable Library      : libstagefright (As per AOSP code)
40     // Vulnerable Function     : readSampleData (As per AOSP code)
41     @AsbSecurityTest(cveBugId = 275418191)
42     @Test
testPocCVE_2023_21127()43     public void testPocCVE_2023_21127() {
44         try {
45             // Create the crash config
46             String binary = "CVE-2023-21127";
47             String inputFile = "cve_2023_21127.ogg";
48             TombstoneUtils.Config crashConfig =
49                     new TombstoneUtils.Config()
50                             .setProcessPatterns(binary)
51                             .setBacktraceIncludes(
52                                     new BacktraceFilterPattern("libstagefright", "readSampleData"))
53                             .setSignals(TombstoneUtils.Signals.SIGSEGV);
54 
55             // Build and run the Native PoC
56             NativePoc.builder()
57                     .pocName(binary)
58                     .args(inputFile)
59                     .resources(inputFile)
60                     .asserter(assertNoCrash(crashConfig))
61                     .build()
62                     .run(this);
63         } catch (Exception e) {
64             assumeNoException(e);
65         }
66     }
67 }
68