1 /** 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security.cts; 18 19 import android.platform.test.annotations.AsbSecurityTest; 20 import org.junit.Test; 21 import org.junit.runner.RunWith; 22 import com.android.tradefed.testtype.DeviceJUnit4ClassRunner; 23 24 import static org.junit.Assert.*; 25 26 @RunWith(DeviceJUnit4ClassRunner.class) 27 public class Poc18_10 extends SecurityTestCase { 28 29 /** 30 * b/111641492 31 */ 32 @Test 33 @AsbSecurityTest(cveBugId = 111641492) testPocCVE_2018_9515()34 public void testPocCVE_2018_9515() throws Exception { 35 AdbUtils.runCommandLine("rm /sdcard/Android/data/CVE-2018-9515", getDevice()); 36 AdbUtils.runCommandLine("mkdir /sdcard/Android/data/CVE-2018-9515", getDevice()); 37 AdbUtils.runPocNoOutput("CVE-2018-9515", getDevice(), 300); 38 boolean vulnerableBecauseCrashed = getDevice().waitForDeviceNotAvailable(10_000); 39 if (vulnerableBecauseCrashed) { 40 // wait for device to come online so we can clean up 41 getDevice().waitForDeviceAvailable(120_000); // 2 minutes 42 } 43 AdbUtils.runCommandLine("rm -rf /sdcard/Android/data/CVE-2018-9515", getDevice()); 44 } 45 } 46