From d1f548a19d1058ff806a4db89f40a64a06a7f14f Mon Sep 17 00:00:00 2001 From: Zyan Wu Date: Thu, 18 May 2023 15:46:31 +0800 Subject: [PATCH] Don't panic if no certificates found Getting the first certificate will panic if there are no certificates, which can happen when AllowMissingDependencies is set and the certificate property is a module reference to a missing module. Only get the first certificate if the list is not nil. Use mainCertificate since it handles the logic already. Test: TestAppMissingCertificateAllowMissingDependencies Bug: 283102635 Merged-In: : I8b27f65aa7d071041171ad45ac52bf47fa31bf2b Change-Id: Icaaa45d48ca4edb876687c0813165d107d28ef8a --- java/app.go | 27 ++++++++++++++------------- java/app_test.go | 8 ++++++++ 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/java/app.go b/java/app.go index 03e233059..706f99a83 100755 --- a/java/app.go +++ b/java/app.go @@ -563,19 +563,6 @@ func processMainCert(m android.ModuleBase, certPropValue string, certificates [] certificates = append([]Certificate{mainCert}, certificates...) } - if !m.Platform() { - certPath := certificates[0].Pem.String() - systemCertPath := ctx.Config().DefaultAppCertificateDir(ctx).String() - if strings.HasPrefix(certPath, systemCertPath) { - enforceSystemCert := ctx.Config().EnforceSystemCertificate() - allowed := ctx.Config().EnforceSystemCertificateAllowList() - - if enforceSystemCert && !inList(m.Name(), allowed) { - ctx.PropertyErrorf("certificate", "The module in product partition cannot be signed with certificate in system.") - } - } - } - if len(certificates) > 0 { mainCertificate = certificates[0] } else { @@ -591,6 +578,20 @@ func processMainCert(m android.ModuleBase, certPropValue string, certificates [] } } + if !m.Platform() { + certPath := mainCertificate.Pem.String() + systemCertPath := ctx.Config().DefaultAppCertificateDir(ctx).String() + if strings.HasPrefix(certPath, systemCertPath) { + enforceSystemCert := ctx.Config().EnforceSystemCertificate() + allowed := ctx.Config().EnforceSystemCertificateAllowList() + + if enforceSystemCert && !inList(m.Name(), allowed) { + ctx.PropertyErrorf("certificate", "The module in product partition cannot be signed with certificate in system.") + } + } + } + + return mainCertificate, certificates } diff --git a/java/app_test.go b/java/app_test.go index 7e97b0fb1..b154bc990 100644 --- a/java/app_test.go +++ b/java/app_test.go @@ -3382,6 +3382,14 @@ func TestAppMissingCertificateAllowMissingDependencies(t *testing.T) { srcs: ["a.java"], certificate: ":missing_certificate", sdk_version: "current", + } + + android_app { + name: "bar", + srcs: ["a.java"], + certificate: ":missing_certificate", + product_specific: true, + sdk_version: "current", }`) foo := result.ModuleForTests("foo", "android_common")