Transform an Android CTS PoC for CVE-2019-2044 into a native application


I am particularly interested in testing CVE-2019-2044 on Android 9.

A PoC is available in the Android CTS test suite: https://android.googlesource.com/platform/cts/+/4748e67821dd43b33999f841d6ee419c745ee8d6/hostsidetests/securitybulletin/securityPatch/CVE-2019-2044

However, between Android 9 and Android 11 the build system of the Android CTS moved from makefiles to the Soong build system (blueprints), and this PoC has only been integrated since tags/android-11.0.0_r38.

Hence, to try on Android 9, I have been trying to 'regress' the Android.bp into an Android.mk... unsuccessfully so far (issues of dependencies, change of architecture in the modules, in the plans/subplans, in the tests of the CTS). "Just copying" the later-available PoC does not work.

I am considering another approach: use this PoC as a native application. I am trying to follow the example of this repository to build it: https://github.com/jiayy/android_vuln_poc-exp/tree/master/android/

Yet ndk-build does not seem to link to the Android header dependencies on its own, and adding the header files one after the other in an include folder leads to a waterfall of dependencies to add in that folder. The NDK tools are downloaded; I also have (somewhere else) the AOSP repo set to tags/android-9.0.0_r9 if necessary.

I am a bit lost in "making the glue" so as to compile the PoC on my host, before pushing and executing the PoC on an Android 9 emulator (later stage).

Happy to provide further details if needed, thank you for your answers already.
