[security] SubscriptionGroup is exposed to unprivileged callers

SubscriptionInfo.mGroupUUID is not cleared in conditionallyRemoveIdentifiers if the caller only has READ_PHONE_STATE (based on a check to checkReadPhoneState) and not READ_DEVICE_IDENTIFIERS. Bug: 181053462 Test: atest SubscriptionManagerTest Change-Id: Ic2b62523330dc6e2169ad851715c4ab3da3b29cf Merged-In: Ic2b62523330dc6e2169ad851715c4ab3da3b29cf (cherry picked from commit 219d284a68f56093aa9ca6610a4999b35c4cf5a9)
author: SongFerngWang <songferngwang@google.com> 2021-05-05 21:33:00 +0800
committer: android-build-team Robot <android-build-team-robot@google.com> 2021-06-16 01:11:11 +0000
commit: bb2279de3ca08408433dc82496b60ecf4e2b9520 (patch)
tree: 6bd4cd6b2c87472344246a7a8f26e8769797e9d3
parent: f49416b2abe24a53a4593da4c099634abeee80da (diff)
download: base-bb2279de3ca08408433dc82496b60ecf4e2b9520.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/telephony/java/android/telephony/SubscriptionInfo.java b/telephony/java/android/telephony/SubscriptionInfo.java
index 0ee6568b6430..90d7a161767c 100644
--- a/telephony/java/android/telephony/SubscriptionInfo.java
+++ b/telephony/java/android/telephony/SubscriptionInfo.java
@@ -569,6 +569,13 @@ public class SubscriptionInfo implements Parcelable {
     /**
      * @hide
      */
+    public void clearGroupUuid() {
+        this.mGroupUUID = null;
+    }
+
+    /**
+     * @hide
+     */
     public List<String> getEhplmns() {
         return mEhplmns == null ? Collections.emptyList() : Arrays.asList(mEhplmns);
     }
author	SongFerngWang <songferngwang@google.com>	2021-05-05 21:33:00 +0800
committer	android-build-team Robot <android-build-team-robot@google.com>	2021-06-16 01:11:11 +0000
commit	bb2279de3ca08408433dc82496b60ecf4e2b9520 (patch)
tree	6bd4cd6b2c87472344246a7a8f26e8769797e9d3
parent	f49416b2abe24a53a4593da4c099634abeee80da (diff)
download	base-bb2279de3ca08408433dc82496b60ecf4e2b9520.tar.gz