CVE_2013_6282.java

package fuzion24.device.vulnerability.vulnerabilities.kernel;

import android.content.Context;

import java.util.ArrayList;
import java.util.List;

import fuzion24.device.vulnerability.util.CPUArch;
import fuzion24.device.vulnerability.vulnerabilities.VulnerabilityTest;

public class CVE_2013_6282 implements VulnerabilityTest {
   static {
     System.loadLibrary("CVE-2013-6282");
   }

    @Override
    public List<CPUArch> getSupportedArchitectures() {
        ArrayList<CPUArch> archs = new ArrayList<>();
        archs.add(CPUArch.ARM);
        archs.add(CPUArch.ARM7);
        archs.add(CPUArch.ARM8);
        return archs;
    }

    @Override
    public String getCVEorID() {
        return "CVE-2013-6282";
    }

    private native int checkGetPutUser();

    @Override
    public boolean isVulnerable(Context context) throws Exception {
        int checkVal = checkGetPutUser();

        //TODO: If we declare a different type of socket do we still need internet permission?
        if(checkVal == 0) {
            return false;
        }else if(checkVal == 1) {
            return true;
        }else {
            //TODO: grab more information about failure, errno and error string
            throw new Exception("Error running test");
        }
    }
}