1 /*
2 * Copyright 2022 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <base/strings/stringprintf.h>
18 #include <gtest/gtest.h>
19 #include <unistd.h>
20
21 #include <chrono>
22 #include <functional>
23 #include <memory>
24 #include <vector>
25
26 #include "btaa/activity_attribution.h"
27 #include "btaa/attribution_processor.h"
28
29 using bluetooth::hci::Address;
30 using namespace bluetooth::activity_attribution;
31 using namespace std::chrono;
32
33 // mock for std::chrono::system_clock::now
34 static AttributionProcessor::ClockType now_ret_val;
fake_now()35 static AttributionProcessor::ClockType fake_now() {
36 return now_ret_val;
37 }
38
39 class AttributionProcessorTest : public ::testing::Test {
40 protected:
SetUp()41 void SetUp() override {
42 pAttProc = std::make_unique<AttributionProcessor>(fake_now);
43 }
TearDown()44 void TearDown() override {
45 pAttProc.reset();
46 }
47
48 std::unique_ptr<AttributionProcessor> pAttProc;
49 };
50
fake_now_set_current()51 static void fake_now_set_current() {
52 now_ret_val = system_clock::now();
53 }
54
fake_now_advance_1000sec()55 static void fake_now_advance_1000sec() {
56 now_ret_val += seconds(1000s);
57 }
58
TEST_F(AttributionProcessorTest,UAFInOnWakelockReleasedRegressionTest)59 TEST_F(AttributionProcessorTest, UAFInOnWakelockReleasedRegressionTest) {
60 std::vector<BtaaHciPacket> btaaPackets;
61 Address addr;
62
63 fake_now_set_current();
64
65 // setup the condition 1 for triggering erase operation
66 // add 220 entries in app_activity_aggregator_
67 // and btaa_aggregator_
68 for (int i = 0; i < 220; i++) {
69 std::string addrStr = base::StringPrintf("21:43:65:87:a9:%02x", i + 10);
70 ASSERT_TRUE(Address::FromString(addrStr, addr));
71 BtaaHciPacket packet(Activity::ACL, addr, 30 * i);
72 btaaPackets.push_back(packet);
73 pAttProc->NotifyActivityAttributionInfo(i + 1000, "com.test.app" + std::to_string(i), addrStr);
74 }
75
76 pAttProc->OnBtaaPackets(btaaPackets);
77 pAttProc->OnWakelockReleased(100);
78
79 // setup the condition 2 for triggering erase operation
80 // make elapsed_time_sec > 900s
81 fake_now_advance_1000sec();
82
83 pAttProc->OnBtaaPackets(btaaPackets);
84 pAttProc->OnWakelockReleased(100);
85 }
86