Check wallpaper image policy for validity.

Fixes that setting the policy to incorrect JSON crashes Chrome. BUG=chromium:811338 TEST=DeviceSettingsProviderTest.SetWallpaperSettings Change-Id: I4f51c4b13975215ec486618c3609b895a39f9718 Reviewed-on: https://chromium-review.googlesource.com/934447 Commit-Queue: Roman Sorokin <rsorokin@chromium.org> Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org> Cr-Commit-Position: refs/heads/master@{#539194}

Check wallpaper image policy for validity.
Fixes that setting the policy to incorrect JSON crashes Chrome. BUG=chromium:811338 TEST=DeviceSettingsProviderTest.SetWallpaperSettings Change-Id: I4f51c4b13975215ec486618c3609b895a39f9718 Reviewed-on: https://chromium-review.googlesource.com/934447 Commit-Queue: Roman Sorokin <rsorokin@chromium.org> Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org> Cr-Commit-Position: refs/heads/master@{#539194}
73920197 · Roman Sorokin · Commit Bot · b452b17c · 73920197 · 73920197
Commit 73920197 authored Feb 26, 2018 by Roman Sorokin Committed by Commit Bot Feb 26, 2018
3 changed files
--- a/chrome/browser/chromeos/policy/device_policy_decoder_chromeos.cc
+++ b/chrome/browser/chromeos/policy/device_policy_decoder_chromeos.cc
@@ -13,6 +13,7 @@
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/strings/stringprintf.h"
+#include "base/syslog_logging.h"
 #include "base/values.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chromeos/policy/device_local_account.h"
@@ -897,9 +898,14 @@ void DecodeGenericPolicies(const em::ChromeDeviceSettingsProto& policy,
      std::unique_ptr<base::DictionaryValue> dict_val =
          base::DictionaryValue::From(
              base::JSONReader::Read(container.device_wallpaper_image()));
-      policies->Set(key::kDeviceWallpaperImage, POLICY_LEVEL_MANDATORY,
-                    POLICY_SCOPE_MACHINE, POLICY_SOURCE_CLOUD,
-                    std::move(dict_val), nullptr);
+      if (dict_val) {
+        policies->Set(key::kDeviceWallpaperImage, POLICY_LEVEL_MANDATORY,
+                      POLICY_SCOPE_MACHINE, POLICY_SOURCE_CLOUD,
+                      std::move(dict_val), nullptr);
+      } else {
+        SYSLOG(ERROR) << "Value of wallpaper policy has invalid format: "
+                      << container.device_wallpaper_image();
+      }
    }
  }


--- a/chrome/browser/chromeos/settings/device_settings_provider.cc
+++ b/chrome/browser/chromeos/settings/device_settings_provider.cc
@@ -16,6 +16,7 @@
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/metrics/histogram_macros.h"
+#include "base/syslog_logging.h"
 #include "base/threading/thread_restrictions.h"
 #include "base/values.h"
 #include "chrome/browser/browser_process.h"
@@ -576,10 +577,16 @@ void DecodeGenericPolicies(

  if (policy.has_device_wallpaper_image() &&
      policy.device_wallpaper_image().has_device_wallpaper_image()) {
+    const std::string& wallpaper_policy(
+        policy.device_wallpaper_image().device_wallpaper_image());
    std::unique_ptr<base::DictionaryValue> dict_val =
-        base::DictionaryValue::From(base::JSONReader::Read(
-            policy.device_wallpaper_image().device_wallpaper_image()));
-    new_values_cache->SetValue(kDeviceWallpaperImage, std::move(dict_val));
+        base::DictionaryValue::From(base::JSONReader::Read(wallpaper_policy));
+    if (dict_val) {
+      new_values_cache->SetValue(kDeviceWallpaperImage, std::move(dict_val));
+    } else {
+      SYSLOG(ERROR) << "Value of wallpaper policy has invalid format: "
+                    << wallpaper_policy;
+    }
  }

  if (policy.has_device_off_hours()) {

--- a/chrome/browser/chromeos/settings/device_settings_provider_unittest.cc
+++ b/chrome/browser/chromeos/settings/device_settings_provider_unittest.cc
@@ -11,6 +11,7 @@
 #include "base/bind.h"
 #include "base/callback.h"
 #include "base/files/file_util.h"
+#include "base/json/json_reader.h"
 #include "base/macros.h"
 #include "base/path_service.h"
 #include "base/test/scoped_path_override.h"
@@ -125,6 +126,17 @@ class DeviceSettingsProviderTest : public DeviceSettingsTestBase {
    Mock::VerifyAndClearExpectations(this);
  }

+  // Helper routine to set device wallpaper setting in policy.
+  void SetWallpaperSettings(const std::string& wallpaper_settings) {
+    EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
+    em::DeviceWallpaperImageProto* proto =
+        device_policy_.payload().mutable_device_wallpaper_image();
+    proto->set_device_wallpaper_image(wallpaper_settings);
+    device_policy_.Build();
+    session_manager_client_.set_device_policy(device_policy_.GetBlob());
+    ReloadDeviceSettings();
+  }
+
  enum MetricsOption { DISABLE_METRICS, ENABLE_METRICS, REMOVE_METRICS_POLICY };

  // Helper routine to enable/disable metrics report upload settings in policy.
@@ -605,4 +617,18 @@ TEST_F(DeviceSettingsProviderTest, DecodeLogUploadSettings) {
  VerifyLogUploadSettings(false);
 }

+TEST_F(DeviceSettingsProviderTest, SetWallpaperSettings) {
+  // Invalid format should be ignored.
+  const std::string invalid_format = "\\\\invalid\\format";
+  SetWallpaperSettings(invalid_format);
+  EXPECT_EQ(nullptr, provider_->Get(kDeviceWallpaperImage));
+
+  // Set with valid json format.
+  const std::string valid_format("{\"type\":\"object\"}");
+  SetWallpaperSettings(valid_format);
+  std::unique_ptr<base::DictionaryValue> expected_value =
+      base::DictionaryValue::From(base::JSONReader::Read(valid_format));
+  EXPECT_EQ(*expected_value, *provider_->Get(kDeviceWallpaperImage));
+}
+
 }  // namespace chromeos