Merge "Fix security problem on PermissionMonitor#hasPermission" into oc-dev am: 5e0b069876

Change-Id: I4c255820617a86afdfa239febdd46fff7d082381
author: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2020-01-09 13:40:20 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2020-01-09 13:40:20 +0000
commit: 81db8d8a83dc6a52cb53ad2bcfa30b7acd591ad1 (patch)
tree: 0a8b8a9645ea93f5a2fe07a56881ee394280f3aa
parent: 43d5e3bb626564e4fbae663f37796273e18a8ea1 (diff)
parent: 5e0b06987666bdb15620184726bb332e186d85c1 (diff)
download: base-81db8d8a83dc6a52cb53ad2bcfa30b7acd591ad1.tar.gz
1 files changed, 9 insertions, 8 deletions
diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java
index e084ff827c09..57dbfd1e15bf 100644
--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java
+++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java
@@ -21,6 +21,7 @@ import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
 import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS;
 import static android.content.pm.ApplicationInfo.FLAG_SYSTEM;
 import static android.content.pm.ApplicationInfo.FLAG_UPDATED_SYSTEM_APP;
+import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED;
 import static android.content.pm.PackageManager.GET_PERMISSIONS;
 
 import android.content.BroadcastReceiver;
@@ -39,6 +40,8 @@ import android.os.UserManager;
 import android.text.TextUtils;
 import android.util.Log;
 
+import com.android.internal.util.ArrayUtils;
+
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -150,15 +153,13 @@ public class PermissionMonitor {
         update(mUsers, mApps, true);
     }
 
-    private boolean hasPermission(PackageInfo app, String permission) {
-        if (app.requestedPermissions != null) {
-            for (String p : app.requestedPermissions) {
-                if (permission.equals(p)) {
-                    return true;
-                }
-            }
+    private boolean hasPermission(final PackageInfo app, final String permission) {
+        if (app.requestedPermissions == null || app.requestedPermissionsFlags == null) {
+            return false;
         }
-        return false;
+        final int index = ArrayUtils.indexOf(app.requestedPermissions, permission);
+        if (index < 0 || index >= app.requestedPermissionsFlags.length) return false;
+        return (app.requestedPermissionsFlags[index] & REQUESTED_PERMISSION_GRANTED) != 0;
     }
 
     private boolean hasNetworkPermission(PackageInfo app) {
author	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2020-01-09 13:40:20 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2020-01-09 13:40:20 +0000
commit	81db8d8a83dc6a52cb53ad2bcfa30b7acd591ad1 (patch)
tree	0a8b8a9645ea93f5a2fe07a56881ee394280f3aa
parent	43d5e3bb626564e4fbae663f37796273e18a8ea1 (diff)
parent	5e0b06987666bdb15620184726bb332e186d85c1 (diff)
download	base-81db8d8a83dc6a52cb53ad2bcfa30b7acd591ad1.tar.gz