问题描述
junit.framework.AssertionFailedError: Expected exception type java.lang.SecurityException was not thrown
解决方案
https://issuetracker.google.com/issues/118855387
[Analysis report]
1>. Fail stack as blew:
failed: testSpoofingPublisher(android.content.pm.cts.shortcutmanager.ShortcutManagerFakingPublisherTest)
----- begin exception -----
junit.framework.AssertionFailedError: Expected exception type
java.lang.SecurityException was not thrown
at junit.framework.Assert.fail(Assert.java:50)
at com.android.server.pm.shortcutmanagertest.ShortcutManagerTestUtils.assertExpectException(ShortcutManagerTestUtils.java:436)
at android.content.pm.cts.shortcutmanager.ShortcutManagerFakingPublisherTest.assertShortcutPackageMismatch(ShortcutManagerFakingPublisherTest.java:172)
at android.content.pm.cts.shortcutmanager.ShortcutManagerFakingPublisherTest.lambda$
android_content_pm_cts_shortcutmanager_ShortcutManagerFakingPublisherTest_3016(ShortcutManagerFakingPublisherTest.java:
78)
at android.content.pm.cts.shortcutmanager.-$Lambda$k0JM_SMMd-SXHHK2rfp7nkL1Fds.$m$40(Unknown
Source:8)
at android.content.pm.cts.shortcutmanager.-$Lambda$k0JM_SMMd-SXHHK2rfp7nkL1Fds.run(Unknown
Source:171)
at android.content.pm.cts.shortcutmanager.ShortcutManagerCtsTestsBase.runWithCaller(ShortcutManagerCtsTestsBase.java:284)
at android.content.pm.cts.shortcutmanager.ShortcutManagerFakingPublisherTest.testSpoofingPublisher(ShortcutManagerFakingPublisherTest.java:75)
2>.The root cause is there has a new case from partner group git branch :
https://android.googlesource.com/platform/cts/+/android-vts-8.1_r6/tests/tests/shortcutmanager/src/android/content/pm/cts/shortcutmanager/ShortcutManagerFakingPublisherTest.java
[RESTRICT AUTOMERGE] Backport CTS for [Prevent shortcut info package
name spoofing]
Test: cts-tradefed run cts -m CtsShortcutManagerTestCases -t
android.content.pm.cts.shortcutmanager.ShortcutManagerFakingPublisherTest
Bug: 109824443
Bug: 111128116
Change-Id: Id754ac5a5d97122c06a119658bb65185b12c7d0b<https://android-review.googlesource.com/#/q/Id754ac5a5d97122c06a119658bb65185b12c7d0b>
But there are missed a security patch(ID: CVE-2018-9469) for verify
blew PMS shortcut in official release o1 gsi branch.
https://android.googlesource.com/platform/frameworks/base/+/android-vts-8.1_r6/services/core/java/com/android/server/pm/ShortcutService.java
Please see detail of the security patch in the attachment:
0001-Backport-Prevent-shortcut-info-package-name-spoofing.bulletin
3>. After I add the PMS shortcut security patch, test will pass. And
we waive this case in Android P with waive id: 112668540.
[Mediatek Suggestion]
For Android official release latest GSI is official 8.1_r6 which did
not include PMS shortcut security path,
please approve waive pass in this official GSI version.
There is a patch in master branch
https://android.googlesource.com/platform/frameworks/base/+/9e21579a11219581a0c08ff5dd6ac4dc22e988a4