Merge "Fix security problem on PermissionMonitor#hasPermission" into oc-dev am: 5e0b069876 am: 81db8d8a83

Change-Id: I5660cafce05a0e3c6edff03bd645d8df329c5d50
author: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2020-01-09 13:53:42 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2020-01-09 13:53:42 +0000
commit: 5b6d8d7724abad726227b62b87fdbed400fb1ae1 (patch)
tree: b9901c0f7fdccce27aad2579b2e4b772033b783f
parent: 929c2c5e1b388f34a235083ec358ecbb58dae532 (diff)
parent: 81db8d8a83dc6a52cb53ad2bcfa30b7acd591ad1 (diff)
download: base-5b6d8d7724abad726227b62b87fdbed400fb1ae1.tar.gz
1 files changed, 9 insertions, 8 deletions
diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java
index e084ff827c09..57dbfd1e15bf 100644
--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java
+++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java
@@ -21,6 +21,7 @@ import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
 import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS;
 import static android.content.pm.ApplicationInfo.FLAG_SYSTEM;
 import static android.content.pm.ApplicationInfo.FLAG_UPDATED_SYSTEM_APP;
+import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED;
 import static android.content.pm.PackageManager.GET_PERMISSIONS;
 
 import android.content.BroadcastReceiver;
@@ -39,6 +40,8 @@ import android.os.UserManager;
 import android.text.TextUtils;
 import android.util.Log;
 
+import com.android.internal.util.ArrayUtils;
+
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -150,15 +153,13 @@ public class PermissionMonitor {
         update(mUsers, mApps, true);
     }
 
-    private boolean hasPermission(PackageInfo app, String permission) {
-        if (app.requestedPermissions != null) {
-            for (String p : app.requestedPermissions) {
-                if (permission.equals(p)) {
-                    return true;
-                }
-            }
+    private boolean hasPermission(final PackageInfo app, final String permission) {
+        if (app.requestedPermissions == null || app.requestedPermissionsFlags == null) {
+            return false;
         }
-        return false;
+        final int index = ArrayUtils.indexOf(app.requestedPermissions, permission);
+        if (index < 0 || index >= app.requestedPermissionsFlags.length) return false;
+        return (app.requestedPermissionsFlags[index] & REQUESTED_PERMISSION_GRANTED) != 0;
     }
 
     private boolean hasNetworkPermission(PackageInfo app) {
author	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2020-01-09 13:53:42 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2020-01-09 13:53:42 +0000
commit	5b6d8d7724abad726227b62b87fdbed400fb1ae1 (patch)
tree	b9901c0f7fdccce27aad2579b2e4b772033b783f
parent	929c2c5e1b388f34a235083ec358ecbb58dae532 (diff)
parent	81db8d8a83dc6a52cb53ad2bcfa30b7acd591ad1 (diff)
download	base-5b6d8d7724abad726227b62b87fdbed400fb1ae1.tar.gz