1 /*
2  * Copyright (C) 2022 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security.cts;
18 
19 import static org.junit.Assume.assumeNoException;
20 
21 import android.platform.test.annotations.AsbSecurityTest;
22 
23 import com.android.sts.common.tradefed.testtype.NonRootSecurityTestCase;
24 import com.android.sts.common.util.TombstoneUtils;
25 import com.android.sts.common.util.TombstoneUtils.Config.BacktraceFilterPattern;
26 import com.android.tradefed.testtype.DeviceJUnit4ClassRunner;
27 
28 import org.junit.Test;
29 import org.junit.runner.RunWith;
30 
31 import java.util.regex.Pattern;
32 
33 @RunWith(DeviceJUnit4ClassRunner.class)
34 public class CVE_2022_20147 extends NonRootSecurityTestCase {
35     /**
36      * b/221216105
37      * Vulnerability Behaviour: SIGSEGV in self
38      * Vulnerable Library: libnfc-nci (As per AOSP code)
39      * Vulnerable Function: nfa_dm_check_set_config (As per AOSP code)
40      */
41     @AsbSecurityTest(cveBugId = 221216105)
42     @Test
testPocCVE_2022_20147()43     public void testPocCVE_2022_20147() {
44         try {
45             AdbUtils.assumeHasNfc(getDevice());
46             assumeIsSupportedNfcDevice(getDevice());
47             pocPusher.only64();
48             String signals[] = { TombstoneUtils.Signals.SIGSEGV };
49             String binaryName = "CVE-2022-20147";
50             AdbUtils.pocConfig testConfig = new AdbUtils.pocConfig(binaryName,
51                     getDevice());
52             testConfig.config = new TombstoneUtils.Config()
53                     .setProcessPatterns(Pattern.compile(binaryName))
54                     .setBacktraceIncludes(new BacktraceFilterPattern(
55                             "libnfc-nci", "nfa_dm_check_set_config"));
56             testConfig.config.setBacktraceExcludes(
57                     new BacktraceFilterPattern("libdl", "__cfi_slowpath"));
58             testConfig.config.setSignals(signals);
59             AdbUtils.runPocAssertNoCrashesNotVulnerable(testConfig);
60         } catch (Exception e) {
61             assumeNoException(e);
62         }
63     }
64 }
65