diff options
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2021-08-12 08:05:05 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2021-08-12 08:05:05 +0000 |
commit | d41c828c5dfcbab66de6a77982570edef77398bd (patch) | |
tree | 433c9a07943744fe7cc2d627eb8ff11219b31425 | |
parent | 859f03d9a0143999a5d0668d0a7cae34671848a3 (diff) | |
parent | d03d598da4ce4ee12b4269b360fbe581019a1916 (diff) | |
download | base-oreo-mr1-security-release.tar.gz |
Merge cherrypicks of [15541535, 15541187, 15541188, 15541497, 15541189, 15541499] into security-aosp-oc-mr1-releaseandroid-security-8.1.0_r93oreo-mr1-security-release
Change-Id: I496e2eda4b0c82c19f5b98089ba63a34bfd5dce4
7 files changed, 48 insertions, 14 deletions
diff --git a/core/java/android/content/pm/PackageItemInfo.java b/core/java/android/content/pm/PackageItemInfo.java index 84b779466dbf..63a158b0bf40 100644 --- a/core/java/android/content/pm/PackageItemInfo.java +++ b/core/java/android/content/pm/PackageItemInfo.java @@ -43,7 +43,7 @@ import java.util.Comparator; public class PackageItemInfo { private static final float MAX_LABEL_SIZE_PX = 500f; /** The maximum length of a safe label, in characters */ - private static final int MAX_SAFE_LABEL_LENGTH = 50000; + private static final int MAX_SAFE_LABEL_LENGTH = 1000; /** * Public name of this item. From the "android:name" attribute. @@ -131,6 +131,12 @@ public class PackageItemInfo { * item does not have a label, its name is returned. */ public CharSequence loadLabel(PackageManager pm) { + // Trims the label string to the MAX_SAFE_LABEL_LENGTH. This is to prevent that the + // system is overwhelmed by an enormous string returned by the application. + return trimToSize(loadUnsafeLabel(pm), MAX_SAFE_LABEL_LENGTH); + } + + private CharSequence loadUnsafeLabel(PackageManager pm) { if (nonLocalizedLabel != null) { return nonLocalizedLabel; } @@ -146,6 +152,15 @@ public class PackageItemInfo { return packageName; } + private CharSequence trimToSize(CharSequence label, int size) { + if (TextUtils.isEmpty(label) || label.length() <= size) return label; + if (Character.isHighSurrogate(label.charAt(size - 1)) + && Character.isLowSurrogate(label.charAt(size))) { + size = size - 1; + } + return label.subSequence(0, size); + } + /** * Same as {@link #loadLabel(PackageManager)} with the addition that * the returned label is safe for being presented in the UI since it diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml index ce6815f10b30..a65176ffd149 100644 --- a/core/res/res/values/strings.xml +++ b/core/res/res/values/strings.xml @@ -3376,6 +3376,8 @@ <string name="deny">Deny</string> <string name="permission_request_notification_title">Permission requested</string> <string name="permission_request_notification_with_subtitle">Permission requested\nfor account <xliff:g id="account" example="foo@gmail.com">%s</xliff:g>.</string> + <!-- Title and subtitle for notification shown when app request account access (two lines) [CHAR LIMIT=NONE] --> + <string name="permission_request_notification_for_app_with_subtitle">Permission requested by <xliff:g id="app" example="Gmail">%1$s</xliff:g>\nfor account <xliff:g id="account" example="foo@gmail.com">%2$s</xliff:g>.</string> <!-- Message to show when an intent automatically switches users into the personal profile. --> <string name="forward_intent_to_owner">You\'re using this app outside of your work profile</string> diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml index 15a353ba2b05..febe06a7f816 100644 --- a/core/res/res/values/symbols.xml +++ b/core/res/res/values/symbols.xml @@ -506,6 +506,7 @@ <java-symbol type="string" name="menu_space_shortcut_label" /> <java-symbol type="string" name="notification_title" /> <java-symbol type="string" name="permission_request_notification_with_subtitle" /> + <java-symbol type="string" name="permission_request_notification_for_app_with_subtitle" /> <java-symbol type="string" name="prepend_shortcut_label" /> <java-symbol type="string" name="paste_as_plain_text" /> <java-symbol type="string" name="replace" /> diff --git a/graphics/java/android/graphics/drawable/VectorDrawable.java b/graphics/java/android/graphics/drawable/VectorDrawable.java index ceac3253e178..1772ab018a6d 100644 --- a/graphics/java/android/graphics/drawable/VectorDrawable.java +++ b/graphics/java/android/graphics/drawable/VectorDrawable.java @@ -264,15 +264,19 @@ public class VectorDrawable extends Drawable { private final Rect mTmpBounds = new Rect(); public VectorDrawable() { - this(new VectorDrawableState(null), null); + this(null, null); } /** * The one constructor to rule them all. This is called by all public * constructors to set the state and initialize local properties. */ - private VectorDrawable(@NonNull VectorDrawableState state, @Nullable Resources res) { - mVectorState = state; + private VectorDrawable(@Nullable VectorDrawableState state, @Nullable Resources res) { + // As the mutable, not-thread-safe native instance is stored in VectorDrawableState, we + // need to always do a defensive copy even if mutate() isn't called. Otherwise + // draw() being called on 2 different VectorDrawable instances could still hit the same + // underlying native object. + mVectorState = new VectorDrawableState(state); updateLocalState(res); } diff --git a/packages/SystemUI/src/com/android/systemui/plugins/PluginManagerImpl.java b/packages/SystemUI/src/com/android/systemui/plugins/PluginManagerImpl.java index 03747d50a6fa..fab0e281d2c0 100644 --- a/packages/SystemUI/src/com/android/systemui/plugins/PluginManagerImpl.java +++ b/packages/SystemUI/src/com/android/systemui/plugins/PluginManagerImpl.java @@ -181,10 +181,12 @@ public class PluginManagerImpl extends BroadcastReceiver implements PluginManage IntentFilter filter = new IntentFilter(Intent.ACTION_PACKAGE_ADDED); filter.addAction(Intent.ACTION_PACKAGE_CHANGED); filter.addAction(Intent.ACTION_PACKAGE_REMOVED); + filter.addDataScheme("package"); + mContext.registerReceiver(this, filter); filter.addAction(PLUGIN_CHANGED); filter.addAction(DISABLE_PLUGIN); filter.addDataScheme("package"); - mContext.registerReceiver(this, filter); + mContext.registerReceiver(this, filter, PluginInstanceManager.PLUGIN_PERMISSION, null); filter = new IntentFilter(Intent.ACTION_USER_UNLOCKED); mContext.registerReceiver(this, filter); } diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java index c61761651cee..8756bd685258 100644 --- a/services/core/java/com/android/server/accounts/AccountManagerService.java +++ b/services/core/java/com/android/server/accounts/AccountManagerService.java @@ -438,7 +438,7 @@ public class AccountManagerService if (!checkAccess || hasAccountAccess(account, packageName, UserHandle.getUserHandleForUid(uid))) { cancelNotification(getCredentialPermissionNotificationId(account, - AccountManager.ACCOUNT_ACCESS_TOKEN_TYPE, uid), packageName, + AccountManager.ACCOUNT_ACCESS_TOKEN_TYPE, uid), UserHandle.getUserHandleForUid(uid)); } } @@ -3013,8 +3013,8 @@ public class AccountManagerService String authTokenType = intent.getStringExtra( GrantCredentialsPermissionActivity.EXTRAS_AUTH_TOKEN_TYPE); final String titleAndSubtitle = - mContext.getString(R.string.permission_request_notification_with_subtitle, - account.name); + mContext.getString(R.string.permission_request_notification_for_app_with_subtitle, + getApplicationLabel(packageName), account.name); final int index = titleAndSubtitle.indexOf('\n'); String title = titleAndSubtitle; String subtitle = ""; @@ -3036,7 +3036,16 @@ public class AccountManagerService PendingIntent.FLAG_CANCEL_CURRENT, null, user)) .build(); installNotification(getCredentialPermissionNotificationId( - account, authTokenType, uid), n, packageName, user.getIdentifier()); + account, authTokenType, uid), n, "android", user.getIdentifier()); + } + + private String getApplicationLabel(String packageName) { + try { + return mPackageManager.getApplicationLabel( + mPackageManager.getApplicationInfo(packageName, 0)).toString(); + } catch (PackageManager.NameNotFoundException e) { + return packageName; + } } private Intent newGrantCredentialsPermissionIntent(Account account, String packageName, @@ -3072,7 +3081,7 @@ public class AccountManagerService nId = accounts.credentialsPermissionNotificationIds.get(key); if (nId == null) { String tag = TAG + ":" + SystemMessage.NOTE_ACCOUNT_CREDENTIAL_PERMISSION - + ":" + account.hashCode() + ":" + authTokenType.hashCode(); + + ":" + account.hashCode() + ":" + authTokenType.hashCode() + ":" + uid; int id = SystemMessage.NOTE_ACCOUNT_CREDENTIAL_PERMISSION; nId = new NotificationId(tag, id); accounts.credentialsPermissionNotificationIds.put(key, nId); @@ -4021,7 +4030,7 @@ public class AccountManagerService private void handleAuthenticatorResponse(boolean accessGranted) throws RemoteException { cancelNotification(getCredentialPermissionNotificationId(account, - AccountManager.ACCOUNT_ACCESS_TOKEN_TYPE, uid), packageName, + AccountManager.ACCOUNT_ACCESS_TOKEN_TYPE, uid), UserHandle.getUserHandleForUid(uid)); if (callback != null) { Bundle result = new Bundle(); diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java index 5159c70e991c..0940c09049bd 100644 --- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java +++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java @@ -1155,8 +1155,8 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { builder.setContentText(body); builder.setDefaults(Notification.DEFAULT_ALL); builder.setChannelId(SystemNotificationChannels.NETWORK_ALERTS); - - final Intent snoozeIntent = buildSnoozeWarningIntent(policy.template); + final Intent snoozeIntent = buildSnoozeWarningIntent(policy.template, + mContext.getPackageName()); builder.setDeleteIntent(PendingIntent.getBroadcast( mContext, 0, snoozeIntent, PendingIntent.FLAG_UPDATE_CURRENT)); @@ -4243,9 +4243,10 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { return new Intent(ACTION_ALLOW_BACKGROUND); } - private static Intent buildSnoozeWarningIntent(NetworkTemplate template) { + private static Intent buildSnoozeWarningIntent(NetworkTemplate template, String targetPackage) { final Intent intent = new Intent(ACTION_SNOOZE_WARNING); intent.putExtra(EXTRA_NETWORK_TEMPLATE, template); + intent.setPackage(targetPackage); return intent; } |