diff options
author | Jeff Sharkey <jsharkey@android.com> | 2017-06-12 17:33:07 -0600 |
---|---|---|
committer | android-build-team Robot <android-build-team-robot@google.com> | 2017-11-03 21:20:47 +0000 |
commit | 614faf74ce20d212fbaa3099120fd9c7a6143b07 (patch) | |
tree | fe1bc2d9ef82d48195ca9a892ea15b48db702f99 | |
parent | 5d261640651290ae721b4332e9c174dfd3819f25 (diff) | |
download | base-614faf74ce20d212fbaa3099120fd9c7a6143b07.tar.gz |
DO NOT MERGE. KEY_INTENT shouldn't grant permissions.
KEY_INTENT has no business granting any Uri permissions, so remove
any grant flags that malicious apps may have tried sneaking in.
Test: builds, boots
Bug: 32990341, 32879915
Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42
(cherry picked from commit c4f4dfedf8c961b7156fd3b98a4facacfa9002ff)
-rw-r--r-- | services/core/java/com/android/server/accounts/AccountManagerService.java | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java index 747ddc255bf6..8e4814ddfe27 100644 --- a/services/core/java/com/android/server/accounts/AccountManagerService.java +++ b/services/core/java/com/android/server/accounts/AccountManagerService.java @@ -3846,6 +3846,10 @@ public class AccountManagerService protected void checkKeyIntent( int authUid, Intent intent) throws SecurityException { + intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION + | Intent.FLAG_GRANT_WRITE_URI_PERMISSION + | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION + | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION)); long bid = Binder.clearCallingIdentity(); try { PackageManager pm = mContext.getPackageManager(); |