am 2ff853da: Merge "Add data validation on seinfo labels."

* commit '2ff853daa89ca47491c3f7b096872a432d4a19e7':
  Add data validation on seinfo labels.

services/java/com/android/server/pm/SELinuxMMAC.java

@@ -206,10 +206,10 @@ public final class SELinuxMMAC {
             String tagName = parser.getName();
             if ("seinfo".equals(tagName)) {
                 String seinfoValue = parser.getAttributeValue(null, "value");
-                if (seinfoValue != null) {
+                if (validateValue(seinfoValue)) {
                     seinfo = seinfoValue;
                 } else {
-                    Slog.w(TAG, "<seinfo> without value at "
+                    Slog.w(TAG, "<seinfo> without valid value at "
                            + parser.getPositionDescription());
                 }
             }
@@ -218,6 +218,28 @@ public final class SELinuxMMAC {
         return seinfo;
     }
 
+    /**
+     * General validation routine for tag values.
+     * Returns a boolean indicating if the passed string
+     * contains only letters or underscores.
+     */
+    private static boolean validateValue(String name) {
+        if (name == null)
+            return false;
+
+        final int N = name.length();
+        if (N == 0)
+            return false;
+
+        for (int i = 0; i < N; i++) {
+            final char c = name.charAt(i);
+            if ((c < 'a' || c > 'z') && (c < 'A' || c > 'Z') && (c != '_')) {
+                return false;
+            }
+        }
+        return true;
+    }
+
     /**
      * Labels a package based on an seinfo tag from install policy.
      * The label is attached to the ApplicationInfo instance of the package.