1 /**
2  * Copyright (C) 2020 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security.cts;
18 
19 import static org.junit.Assert.*;
20 
21 import android.platform.test.annotations.AsbSecurityTest;
22 
23 import com.android.sts.common.tradefed.testtype.NonRootSecurityTestCase;
24 import com.android.tradefed.testtype.DeviceJUnit4ClassRunner;
25 
26 import org.junit.Test;
27 import org.junit.runner.RunWith;
28 
29 @RunWith(DeviceJUnit4ClassRunner.class)
30 public class Poc17_04 extends NonRootSecurityTestCase {
31 
32     /**
33      * b/32342065
34      */
35     @Test
36     @AsbSecurityTest(cveBugId = 32342065)
testPocCVE_2017_0553()37     public void testPocCVE_2017_0553() throws Exception {
38       // Error code of 139 represents segmentation fault
39       getDevice().executeShellCommand("chmod +x /data/local/tmp/CVE-2017-0553");
40       assertFalse("Segfault found",
41           AdbUtils.runCommandGetExitCode("/data/local/tmp/CVE-2017-0553", getDevice())==139);
42     }
43 
44     /**
45      * b/72460737
46      */
47     @Test
48     @AsbSecurityTest(cveBugId = 34469585)
testPocCVE_2014_3145()49     public void testPocCVE_2014_3145() throws Exception {
50       assertFalse("VULNERABLE DEVICE DETECTED",
51                   AdbUtils.runPocCheckExitCode("CVE-2014-3145", getDevice(), 60));
52     }
53 
54     /**
55      * b/32813456
56      */
57     @Test
58     @AsbSecurityTest(cveBugId = 32813456)
testPocCVE_2016_10229()59     public void testPocCVE_2016_10229() throws Exception {
60       String out = AdbUtils.runPoc("CVE-2016-10229", getDevice());
61       assertNotMatchesMultiLine("OVERWRITE", out);
62     }
63 
64     /**
65      * b/33621647
66      */
67     @Test
68     @AsbSecurityTest(cveBugId = 33621647)
testPocCVE_2017_0477()69     public void testPocCVE_2017_0477() throws Exception {
70         AdbUtils.pushResource("/CVE-2017-0477.gif", "/data/local/tmp/CVE-2017-0477.gif",
71                 getDevice());
72         AdbUtils.runCommandLine("logcat -c", getDevice());
73 
74         // because runPocGetExitCode() isn't a thing
75         AdbUtils.runCommandLine("chmod +x /data/local/tmp/CVE-2017-0477", getDevice());
76         int code = AdbUtils.runCommandGetExitCode("/data/local/tmp/CVE-2017-0477", getDevice());
77         assertTrue(code != 139); // 128 + signal 11
78     }
79 }
80