diff options
| author | Sam Lee <samsmlee@google.com> | 2016-03-23 16:53:20 -0700 |
|---|---|---|
| committer | The Android Automerger <android-build@google.com> | 2016-03-25 17:48:07 -0700 |
| commit | a55168330d9326ff2120285763c818733590266a (patch) | |
| tree | 4e732b222d308d61bcd17e4f0a3f92e98dbde212 | |
| parent | 0471215994f2c16298e23e95465cb80565dd030e (diff) | |
| download | android_packages_apps_UnifiedEmail-a55168330d9326ff2120285763c818733590266a.tar.gz android_packages_apps_UnifiedEmail-a55168330d9326ff2120285763c818733590266a.tar.bz2 android_packages_apps_UnifiedEmail-a55168330d9326ff2120285763c818733590266a.zip | |
Don't allow cachedFile Attachments if the content Uri is pointing to EmailProvider.
This is to backport a security fix reported by b/27308057 and b/27335139.
Also, add Analytics for these errors.
Bug: b/27335139
Change-Id: I75f6d8f5feb9fc611aa2e429e2b22cbd07223ab9
| -rw-r--r-- | src/com/android/mail/compose/ComposeActivity.java | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/src/com/android/mail/compose/ComposeActivity.java b/src/com/android/mail/compose/ComposeActivity.java index 36456bf03..2dfac99b9 100644 --- a/src/com/android/mail/compose/ComposeActivity.java +++ b/src/com/android/mail/compose/ComposeActivity.java @@ -1913,6 +1913,15 @@ public class ComposeActivity extends ActionBarActivity } /** + * @return the authority of EmailProvider for this app. should be overridden in concrete + * app implementations. can't be known here because this project doesn't know about that sort + * of thing. + */ + protected String getEmailProviderAuthority() { + throw new UnsupportedOperationException("unimplemented, EmailProvider unknown"); + } + + /** * Helper function to handle a list of uris to attach. * @return the total size of all successfully attached files. */ @@ -1921,7 +1930,7 @@ public class ComposeActivity extends ActionBarActivity for (Uri uri : uris) { try { if (uri != null) { - if ("file".equals(uri.getScheme())) { + if (ContentResolver.SCHEME_FILE.equals(uri.getScheme())) { // We must not allow files from /data, even from our process. final File f = new File(uri.getPath()); final String filePath = f.getCanonicalPath(); @@ -1931,7 +1940,16 @@ public class ComposeActivity extends ActionBarActivity "send_intent_attachment", "data_dir", 0); continue; } + } else if (ContentResolver.SCHEME_CONTENT.equals(uri.getScheme())) { + // disallow attachments from our own EmailProvider (b/27308057) + if (getEmailProviderAuthority().equals(uri.getAuthority())) { + showErrorToast(getString(R.string.attachment_permission_denied)); + Analytics.getInstance().sendEvent(ANALYTICS_CATEGORY_ERRORS, + "send_intent_attachment", "email_provider", 0); + continue; + } } + if (!handleSpecialAttachmentUri(uri)) { final Attachment a = mAttachmentsView.generateLocalAttachment(uri); attachments.add(a); |