summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeff Sharkey <jsharkey@android.com>2017-06-12 17:33:07 -0600
committerandroid-build-team Robot <android-build-team-robot@google.com>2017-11-03 21:20:47 +0000
commit614faf74ce20d212fbaa3099120fd9c7a6143b07 (patch)
treefe1bc2d9ef82d48195ca9a892ea15b48db702f99
parent5d261640651290ae721b4332e9c174dfd3819f25 (diff)
downloadbase-614faf74ce20d212fbaa3099120fd9c7a6143b07.tar.gz
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
KEY_INTENT has no business granting any Uri permissions, so remove any grant flags that malicious apps may have tried sneaking in. Test: builds, boots Bug: 32990341, 32879915 Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42 (cherry picked from commit c4f4dfedf8c961b7156fd3b98a4facacfa9002ff)
Diffstat
-rw-r--r--services/core/java/com/android/server/accounts/AccountManagerService.java4
1 files changed, 4 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index 747ddc255bf6..8e4814ddfe27 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -3846,6 +3846,10 @@ public class AccountManagerService
protected void checkKeyIntent(
int authUid,
Intent intent) throws SecurityException {
+ intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION
+ | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
+ | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
+ | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION));
long bid = Binder.clearCallingIdentity();
try {
PackageManager pm = mContext.getPackageManager();
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 22:31:23 +0000