diff options
author | Aseem Kumar <aseemk@google.com> | 2021-05-17 09:25:03 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2021-09-20 22:30:09 +0000 |
commit | fa4a00fecbabb8b494a6b642a8cf3cd38c28446d (patch) | |
tree | aedc293432c15fe0738f48bbe12ac80c2c74f2bf | |
parent | 5734eae8718fdb53cef6464fd1c18aa32ae8e48b (diff) | |
download | base-fa4a00fecbabb8b494a6b642a8cf3cd38c28446d.tar.gz |
Prevent apps from spamming addAccountExplicitly.
See comment here for the discussion on solution
https://b.corp.google.com/issues/169762606#comment14
Change-Id: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253
Bug: 169762606
(cherry picked from commit 11053c17b397db67b20e96ce769508766cef7db9)
Change-Id: Ia048d20c377ed2bde0efb0506ec61ae9d8356bf0
Merged-In: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253
(cherry picked from commit 1877d8ec29b19a3997cc3dfb884059bfb53b05f9)
-rw-r--r-- | core/java/android/accounts/Account.java | 7 | ||||
-rw-r--r-- | services/core/java/com/android/server/accounts/AccountManagerService.java | 5 |
2 files changed, 12 insertions, 0 deletions
diff --git a/core/java/android/accounts/Account.java b/core/java/android/accounts/Account.java index 0d6a07938e95..e6cdcc0ee742 100644 --- a/core/java/android/accounts/Account.java +++ b/core/java/android/accounts/Account.java @@ -31,6 +31,7 @@ import android.util.Log; import com.android.internal.annotations.GuardedBy; +import java.util.Objects; import java.util.Set; /** @@ -86,6 +87,12 @@ public class Account implements Parcelable { if (TextUtils.isEmpty(type)) { throw new IllegalArgumentException("the type must not be empty: " + type); } + if (name.length() > 200) { + throw new IllegalArgumentException("account name is longer than 200 characters"); + } + if (type.length() > 200) { + throw new IllegalArgumentException("account type is longer than 200 characters"); + } this.name = name; this.type = type; this.accessId = accessId; diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java index a6a8cf018eef..400b084ee966 100644 --- a/services/core/java/com/android/server/accounts/AccountManagerService.java +++ b/services/core/java/com/android/server/accounts/AccountManagerService.java @@ -1833,6 +1833,11 @@ public class AccountManagerService + ", skipping since the account already exists"); return false; } + if (accounts.accountsDb.findAllDeAccounts().size() > 100) { + Log.w(TAG, "insertAccountIntoDatabase: " + account.toSafeString() + + ", skipping since more than 50 accounts on device exist"); + return false; + } long accountId = accounts.accountsDb.insertCeAccount(account, password); if (accountId < 0) { Log.w(TAG, "insertAccountIntoDatabase: " + account.toSafeString() |