diff options
author | Paul Hu <paulhu@google.com> | 2020-01-09 08:53:08 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2020-01-09 08:53:08 +0000 |
commit | 361f1e97f695820e5804b20c0268523ddd676c30 (patch) | |
tree | 5e3321f52dcf0f4f6f2dd8cffbc47a9e7ac80f81 | |
parent | 0cf089521af7145afee88e43d7fac4bdf3973667 (diff) | |
parent | d0205a3469dc8d8122e89072c19d0e9f18e7452f (diff) | |
download | base-361f1e97f695820e5804b20c0268523ddd676c30.tar.gz |
Merge "Fix security problem on PermissionMonitor#hasPermission" into pi-dev
-rw-r--r-- | services/core/java/com/android/server/connectivity/PermissionMonitor.java | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java index e471c7d84b56..5722f5a72af3 100644 --- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java +++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java @@ -22,6 +22,7 @@ import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS; import static android.Manifest.permission.NETWORK_STACK; import static android.content.pm.ApplicationInfo.FLAG_SYSTEM; import static android.content.pm.ApplicationInfo.FLAG_UPDATED_SYSTEM_APP; +import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED; import static android.content.pm.PackageManager.GET_PERMISSIONS; import android.content.BroadcastReceiver; @@ -42,6 +43,7 @@ import android.text.TextUtils; import android.util.Log; import com.android.internal.annotations.VisibleForTesting; +import com.android.internal.util.ArrayUtils; import java.util.ArrayList; import java.util.HashMap; @@ -161,15 +163,13 @@ public class PermissionMonitor { } @VisibleForTesting - boolean hasPermission(PackageInfo app, String permission) { - if (app.requestedPermissions != null) { - for (String p : app.requestedPermissions) { - if (permission.equals(p)) { - return true; - } - } + boolean hasPermission(final PackageInfo app, final String permission) { + if (app.requestedPermissions == null || app.requestedPermissionsFlags == null) { + return false; } - return false; + final int index = ArrayUtils.indexOf(app.requestedPermissions, permission); + if (index < 0 || index >= app.requestedPermissionsFlags.length) return false; + return (app.requestedPermissionsFlags[index] & REQUESTED_PERMISSION_GRANTED) != 0; } private boolean hasNetworkPermission(PackageInfo app) { |