3 files changed, 76 insertions, 1 deletions
diff --git a/tests/Android.mk b/tests/Android.mk
index 974aa0e2d..a1f0d4892 100644
--- a/tests/Android.mk
+++ b/tests/Android.mk
@@ -93,6 +93,7 @@ LOCAL_SRC_FILES := \
     component/bootloader_message_test.cpp \
     component/edify_test.cpp \
     component/imgdiff_test.cpp \
+    component/install_test.cpp \
     component/sideload_test.cpp \
     component/uncrypt_test.cpp \
     component/updater_test.cpp \
@@ -117,6 +118,7 @@ LOCAL_STATIC_LIBRARIES := \
     libbsdiff \
     libbspatch \
     libotafault \
+    librecovery \
     libupdater \
     libbootloader_message \
     libverifier \
@@ -131,7 +133,6 @@ LOCAL_STATIC_LIBRARIES := \
     libsparse \
     libcrypto_utils \
     libcrypto \
-    libcutils \
     libbz \
     libziparchive \
     libutils \
diff --git a/tests/component/install_test.cpp b/tests/component/install_test.cpp
new file mode 100644
index 000000000..3b6fbc301
--- /dev/null
+++ b/tests/component/install_test.cpp
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agree to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+
+#include <android-base/test_utils.h>
+#include <gtest/gtest.h>
+#include <ziparchive/zip_archive.h>
+#include <ziparchive/zip_writer.h>
+
+#include "install.h"
+
+TEST(InstallTest, verify_package_compatibility_no_entry) {
+  TemporaryFile temp_file;
+  FILE* zip_file = fdopen(temp_file.fd, "w");
+  ZipWriter writer(zip_file);
+  // The archive must have something to be opened correctly.
+  ASSERT_EQ(0, writer.StartEntry("dummy_entry", 0));
+  ASSERT_EQ(0, writer.FinishEntry());
+  ASSERT_EQ(0, writer.Finish());
+  ASSERT_EQ(0, fclose(zip_file));
+
+  // Doesn't contain compatibility zip entry.
+  ZipArchiveHandle zip;
+  ASSERT_EQ(0, OpenArchive(temp_file.path, &zip));
+  ASSERT_TRUE(verify_package_compatibility(zip));
+  CloseArchive(zip);
+}
+
+TEST(InstallTest, verify_package_compatibility_invalid_entry) {
+  TemporaryFile temp_file;
+  FILE* zip_file = fdopen(temp_file.fd, "w");
+  ZipWriter writer(zip_file);
+  ASSERT_EQ(0, writer.StartEntry("compatibility.zip", 0));
+  ASSERT_EQ(0, writer.FinishEntry());
+  ASSERT_EQ(0, writer.Finish());
+  ASSERT_EQ(0, fclose(zip_file));
+
+  // Empty compatibility zip entry.
+  ZipArchiveHandle zip;
+  ASSERT_EQ(0, OpenArchive(temp_file.path, &zip));
+  ASSERT_FALSE(verify_package_compatibility(zip));
+  CloseArchive(zip);
+}
diff --git a/tests/component/verifier_test.cpp b/tests/component/verifier_test.cpp
index 2cfb6d301..61ceadc9c 100644
--- a/tests/component/verifier_test.cpp
+++ b/tests/component/verifier_test.cpp
@@ -33,6 +33,8 @@
 #include "otautil/SysUtil.h"
 #include "verifier.h"
 
+using namespace std::string_literals;
+
 class VerifierTest : public testing::TestWithParam<std::vector<std::string>> {
  protected:
   void SetUp() override {
@@ -115,6 +117,21 @@ TEST(VerifierTest, load_keys_invalid_keys) {
   ASSERT_FALSE(load_keys(key_file5.path, certs));
 }
 
+TEST(VerifierTest, BadPackage_SignatureStartOutOfBounds) {
+  std::string testkey_v3;
+  ASSERT_TRUE(android::base::ReadFileToString(from_testdata_base("testkey_v3.txt"), &testkey_v3));
+
+  TemporaryFile key_file;
+  ASSERT_TRUE(android::base::WriteStringToFile(testkey_v3, key_file.path));
+  std::vector<Certificate> certs;
+  ASSERT_TRUE(load_keys(key_file.path, certs));
+
+  // Signature start is 65535 (0xffff) while comment size is 0 (Bug: 31914369).
+  std::string package = "\x50\x4b\x05\x06"s + std::string(12, '\0') + "\xff\xff\xff\xff\x00\x00"s;
+  ASSERT_EQ(VERIFY_FAILURE, verify_file(reinterpret_cast<const unsigned char*>(package.data()),
+                                        package.size(), certs));
+}
+
 TEST(VerifierTest, BadPackage_AlteredFooter) {
   std::string testkey_v3;
   ASSERT_TRUE(android::base::ReadFileToString(from_testdata_base("testkey_v3.txt"), &testkey_v3));