1 // Copyright (C) 2017 The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //      http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 #define DEBUG false
15 #include "Log.h"
16 
17 #include "FdBuffer.h"
18 #include "PrivacyFilter.h"
19 
20 #include <android-base/file.h>
21 #include <android-base/test_utils.h>
22 #include <android/os/IncidentReportArgs.h>
23 #include <gmock/gmock.h>
24 #include <gtest/gtest.h>
25 #include <string.h>
26 
27 using namespace android;
28 using namespace android::base;
29 using namespace android::os;
30 using namespace android::os::incidentd;
31 using ::testing::StrEq;
32 using ::testing::Test;
33 using ::testing::internal::CaptureStdout;
34 using ::testing::internal::GetCapturedStdout;
35 
36 const uint8_t OTHER_TYPE = 1;
37 const uint8_t STRING_TYPE = 9;
38 const uint8_t MESSAGE_TYPE = 11;
39 const std::string STRING_FIELD_0 = "\x02\viamtestdata";
40 const std::string VARINT_FIELD_1 = "\x08\x96\x01";  // 150
41 const std::string STRING_FIELD_2 = "\x12\vandroidwins";
42 const std::string FIX64_FIELD_3 = "\x19\xff\xff\xff\xff\xff\xff\xff\xff";  // -1
43 const std::string FIX32_FIELD_4 = "\x25\xff\xff\xff\xff";                  // -1
44 const std::string MESSAGE_FIELD_5 = "\x2a\x10" + VARINT_FIELD_1 + STRING_FIELD_2;
45 const std::string NEGATIVE_VARINT_FIELD_6 = "\x30\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01";  // -1
46 
47 #if 0
48 class PrivacyFilterTest : public Test {
49 public:
50     virtual ~PrivacyFilterTest() {
51         // Delete in reverse order of construction, to be consistent with
52         // regular allocation/deallocation.
53         while (!privacies.empty()) {
54             delete privacies.back();
55             privacies.pop_back();
56         }
57     }
58 
59     virtual void SetUp() override { ASSERT_NE(tf.fd, -1); }
60 
61     void writeToFdBuffer(std::string str) {
62         ASSERT_TRUE(WriteStringToFile(str, tf.path));
63         ASSERT_EQ(NO_ERROR, buffer.read(tf.fd, 10000));
64         ASSERT_EQ(str.size(), buffer.size());
65     }
66 
67     void assertBuffer(PrivacyFilter& buf, std::string expected) {
68         ASSERT_EQ(buf.size(), expected.size());
69         CaptureStdout();
70         ASSERT_EQ(buf.flush(STDOUT_FILENO), NO_ERROR);
71         ASSERT_THAT(GetCapturedStdout(), StrEq(expected));
72     }
73 
74     void assertStrip(uint8_t privacyPolicy, std::string expected, Privacy* policy) {
75         PrivacySpec spec = PrivacySpec::new_spec(privacyPolicy);
76         EncodedBuffer::iterator bufData = buffer.data();
77         PrivacyFilter filter(policy, bufData);
78         ASSERT_EQ(filter.strip(spec), NO_ERROR);
79         assertBuffer(filter, expected);
80     }
81 
82     void assertStripByFields(uint8_t privacyPolicy, std::string expected, int size,
83             Privacy* privacy, ...) {
84         Privacy* list[size + 1];
85         list[0] = privacy;
86         va_list args;
87         va_start(args, privacy);
88         for (int i = 1; i < size; i++) {
89             Privacy* p = va_arg(args, Privacy*);
90             list[i] = pPrivacyFilter
91         }
92         va_end(args);
93         list[size] = NULL;
94         assertStrip(privacyPolicy, expected, create_message_privacy(300, list));
95     }
96 
97     Privacy* create_privacy(uint32_t field_id, uint8_t type, uint8_t privacyPolicy) {
98         Privacy* p = new_uninit_privacy();
99         p->field_id = field_id;
100         p->type = type;
101         p->children = NULL;
102         p->policy = privacyPolicy;
103         p->patterns = NULL;
104         return p;
105     }
106 
107     Privacy* create_message_privacy(uint32_t field_id, Privacy** children) {
108         Privacy* p = new_uninit_privacy();
109         p->field_id = field_id;
110         p->type = MESSAGE_TYPE;
111         p->children = children;
112         p->policy = PRIVACY_POLICY_UNSET;
113         p->patterns = NULL;
114         return p;
115     }
116 
117     FdBuffer buffer;
118 
119 private:
120     TemporaryFile tf;
121     // Littering this code with unique_ptr (or similar) is ugly, so we just
122     // mass-free everything after the test completes.
123     std::vector<Privacy*> privacies;
124 
125     Privacy* new_uninit_privacy() {
126         Privacy* p = new Privacy;
127         privacies.push_back(p);
128         return p;
129     }
130 };
131 
132 TEST_F(PrivacyFilterTest, NullPolicy) {
133     writeToFdBuffer(STRING_FIELD_0);
134     assertStrip(PRIVACY_POLICY_EXPLICIT, STRING_FIELD_0, NULL);
135 }
136 
137 TEST_F(PrivacyFilterTest, StripUnsetField) {
138     writeToFdBuffer(STRING_FIELD_0);
139     assertStripByFields(PRIVACY_POLICY_AUTOMATIC, "", 1,
140             create_privacy(0, STRING_TYPE, PRIVACY_POLICY_UNSET));
141 }
142 
143 TEST_F(PrivacyFilterTest, StripVarintField) {
144     writeToFdBuffer(VARINT_FIELD_1);
145     assertStripByFields(PRIVACY_POLICY_EXPLICIT, "", 1,
146             create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL));
147 }
148 
149 TEST_F(PrivacyFilterTest, StripLengthDelimitedField_String) {
150     writeToFdBuffer(STRING_FIELD_2);
151     assertStripByFields(PRIVACY_POLICY_EXPLICIT, "", 1,
152             create_privacy(2, STRING_TYPE, PRIVACY_POLICY_LOCAL));
153 }
154 
155 TEST_F(PrivacyFilterTest, StripFixed64Field) {
156     writeToFdBuffer(FIX64_FIELD_3);
157     assertStripByFields(PRIVACY_POLICY_EXPLICIT, "", 1,
158             create_privacy(3, OTHER_TYPE, PRIVACY_POLICY_LOCAL));
159 }
160 
161 TEST_F(PrivacyFilterTest, StripFixed32Field) {
162     writeToFdBuffer(FIX32_FIELD_4);
163     assertStripByFields(PRIVACY_POLICY_EXPLICIT, "", 1,
164             create_privacy(4, OTHER_TYPE, PRIVACY_POLICY_LOCAL));
165 }
166 
167 TEST_F(PrivacyFilterTest, StripLengthDelimitedField_Message) {
168     writeToFdBuffer(MESSAGE_FIELD_5);
169     assertStripByFields(PRIVACY_POLICY_EXPLICIT, "", 1,
170             create_privacy(5, MESSAGE_TYPE, PRIVACY_POLICY_LOCAL));
171 }
172 
173 TEST_F(PrivacyFilterTest, StripNegativeVarint) {
174     writeToFdBuffer(NEGATIVE_VARINT_FIELD_6);
175     assertStripByFields(PRIVACY_POLICY_EXPLICIT, "", 1,
176             create_privacy(6, OTHER_TYPE, PRIVACY_POLICY_LOCAL));
177 }
178 
179 TEST_F(PrivacyFilterTest, NoStripVarintField) {
180     writeToFdBuffer(VARINT_FIELD_1);
181     assertStripByFields(PRIVACY_POLICY_EXPLICIT, VARINT_FIELD_1, 1,
182             create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_AUTOMATIC));
183 }
184 
185 TEST_F(PrivacyFilterTest, NoStripLengthDelimitedField_String) {
186     writeToFdBuffer(STRING_FIELD_2);
187     assertStripByFields(PRIVACY_POLICY_EXPLICIT, STRING_FIELD_2, 1,
188             create_privacy(2, STRING_TYPE, PRIVACY_POLICY_AUTOMATIC));
189 }
190 
191 TEST_F(PrivacyFilterTest, NoStripFixed64Field) {
192     writeToFdBuffer(FIX64_FIELD_3);
193     assertStripByFields(PRIVACY_POLICY_EXPLICIT, FIX64_FIELD_3, 1,
194             create_privacy(3, OTHER_TYPE, PRIVACY_POLICY_AUTOMATIC));
195 }
196 
197 TEST_F(PrivacyFilterTest, NoStripFixed32Field) {
198     writeToFdBuffer(FIX32_FIELD_4);
199     assertStripByFields(PRIVACY_POLICY_EXPLICIT, FIX32_FIELD_4, 1,
200             create_privacy(4, OTHER_TYPE, PRIVACY_POLICY_AUTOMATIC));
201 }
202 
203 TEST_F(PrivacyFilterTest, NoStripLengthDelimitedField_Message) {
204     writeToFdBuffer(MESSAGE_FIELD_5);
205     assertStripByFields(PRIVACY_POLICY_EXPLICIT, MESSAGE_FIELD_5, 1,
206             create_privacy(5, MESSAGE_TYPE, PRIVACY_POLICY_AUTOMATIC));
207 }
208 
209 TEST_F(PrivacyFilterTest, NoStripNegativeVarintField) {
210     writeToFdBuffer(NEGATIVE_VARINT_FIELD_6);
211     assertStripByFields(PRIVACY_POLICY_EXPLICIT, NEGATIVE_VARINT_FIELD_6, 1,
212             create_privacy(6, OTHER_TYPE, PRIVACY_POLICY_AUTOMATIC));
213 }
214 
215 TEST_F(PrivacyFilterTest, StripVarintAndString) {
216     writeToFdBuffer(STRING_FIELD_0 + VARINT_FIELD_1 + STRING_FIELD_2 + FIX64_FIELD_3 +
217                     FIX32_FIELD_4);
218     std::string expected = STRING_FIELD_0 + FIX64_FIELD_3 + FIX32_FIELD_4;
219     assertStripByFields(PRIVACY_POLICY_EXPLICIT, expected, 2,
220             create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL),
221             create_privacy(2, STRING_TYPE, PRIVACY_POLICY_LOCAL));
222 }
223 
224 TEST_F(PrivacyFilterTest, StripVarintAndFixed64) {
225     writeToFdBuffer(STRING_FIELD_0 + VARINT_FIELD_1 + STRING_FIELD_2 + FIX64_FIELD_3 +
226                     FIX32_FIELD_4);
227     std::string expected = STRING_FIELD_0 + STRING_FIELD_2 + FIX32_FIELD_4;
228     assertStripByFields(PRIVACY_POLICY_EXPLICIT, expected, 2,
229             create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL),
230             create_privacy(3, OTHER_TYPE, PRIVACY_POLICY_LOCAL));
231 }
232 
233 TEST_F(PrivacyFilterTest, StripVarintInNestedMessage) {
234     writeToFdBuffer(STRING_FIELD_0 + MESSAGE_FIELD_5);
235     Privacy* list[] = {create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL), NULL};
236     std::string expected = STRING_FIELD_0 + "\x2a\xd" + STRING_FIELD_2;
237     assertStripByFields(PRIVACY_POLICY_EXPLICIT, expected, 1, create_message_privacy(5, list));
238 }
239 
240 TEST_F(PrivacyFilterTest, StripFix64AndVarintInNestedMessage) {
241     writeToFdBuffer(STRING_FIELD_0 + FIX64_FIELD_3 + MESSAGE_FIELD_5);
242     Privacy* list[] = {create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL), NULL};
243     std::string expected = STRING_FIELD_0 + "\x2a\xd" + STRING_FIELD_2;
244     assertStripByFields(PRIVACY_POLICY_EXPLICIT, expected, 2,
245             create_privacy(3, OTHER_TYPE, PRIVACY_POLICY_LOCAL),
246             create_message_privacy(5, list));
247 }
248 
249 TEST_F(PrivacyFilterTest, ClearAndStrip) {
250     string data = STRING_FIELD_0 + VARINT_FIELD_1;
251     writeToFdBuffer(data);
252     Privacy* list[] = {create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL), NULL};
253     EncodedBuffer::iterator bufData = buffer.data();
254     PrivacyFilter filter(create_message_privacy(300, list), bufData);
255     PrivacySpec spec1 = PrivacySpec::new_spec(PRIVACY_POLICY_EXPLICIT);
256     PrivacySpec spec2 = PrivacySpec::new_spec(PRIVACY_POLICY_LOCAL);
257 
258     ASSERT_EQ(filter.strip(spec1), NO_ERROR);
259     assertBuffer(filter, STRING_FIELD_0);
260     ASSERT_EQ(filter.strip(spec2), NO_ERROR);
261     assertBuffer(filter, data);
262 }
263 
264 TEST_F(PrivacyFilterTest, BadDataInFdBuffer) {
265     writeToFdBuffer("iambaddata");
266     Privacy* list[] = {create_privacy(4, OTHER_TYPE, PRIVACY_POLICY_AUTOMATIC), NULL};
267     EncodedBuffer::iterator bufData = buffer.data();
268     PrivacyFilter filter(create_message_privacy(300, list), bufData);
269     PrivacySpec spec;
270     ASSERT_EQ(filter.strip(spec), BAD_VALUE);
271 }
272 
273 TEST_F(PrivacyFilterTest, BadDataInNestedMessage) {
274     writeToFdBuffer(STRING_FIELD_0 + MESSAGE_FIELD_5 + "aoeoe");
275     Privacy* list[] = {create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL), NULL};
276     Privacy* field5[] = {create_message_privacy(5, list), NULL};
277     EncodedBuffer::iterator bufData = buffer.data();
278     PrivacyFilter filter(create_message_privacy(300, field5), bufData);
279     PrivacySpec spec;
280     ASSERT_EQ(filter.strip(spec), BAD_VALUE);
281 }
282 
283 TEST_F(PrivacyFilterTest, SelfRecursionMessage) {
284     string input = "\x2a\"" + VARINT_FIELD_1 + STRING_FIELD_2 + MESSAGE_FIELD_5;
285     writeToFdBuffer(input);
286     Privacy* field5 = create_message_privacy(5, NULL);
287     Privacy* list[] = {create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL), field5, NULL};
288     field5->children = list;
289     std::string expected = "\x2a\x1c" + STRING_FIELD_2 + "\x2a\xd" + STRING_FIELD_2;
290     assertStrip(PRIVACY_POLICY_EXPLICIT, expected, field5);
291 }
292 
293 TEST_F(PrivacyFilterTest, AutoMessage) {
294     writeToFdBuffer(STRING_FIELD_2 + MESSAGE_FIELD_5);
295     Privacy* list[] = {create_privacy(1, OTHER_TYPE, PRIVACY_POLICY_LOCAL), NULL};
296     Privacy* autoMsg = create_privacy(5, MESSAGE_TYPE, PRIVACY_POLICY_AUTOMATIC);
297     autoMsg->children = list;
298     std::string expected = "\x2a\xd" + STRING_FIELD_2;
299     assertStripByFields(PRIVACY_POLICY_AUTOMATIC, expected, 1, autoMsg);
300 }
301 
302 #endif
303