summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeff Sharkey <jsharkey@android.com>2017-06-12 17:33:58 -0600
committerandroid-build-team Robot <android-build-team-robot@google.com>2017-11-08 22:40:45 +0000
commitd7cf1b830a1f4c1b7c8715472661293d1739930a (patch)
tree47276cacba7ed9ade2d8cf47584889bd03d36bf2
parent42feee786ca1e7a390edab389a7c845695a26ab1 (diff)
downloadpackages_apps_Settings-d7cf1b830a1f4c1b7c8715472661293d1739930a.tar.gz
packages_apps_Settings-d7cf1b830a1f4c1b7c8715472661293d1739930a.tar.bz2
packages_apps_Settings-d7cf1b830a1f4c1b7c8715472661293d1739930a.zip
DO NOT MERGE. ActivityPicker shouldn't grant permissions.
This picker has no business granting any Uri permissions, so remove any grant flags that malicious apps may have tried sneaking in. Test: builds, boots Bug: 32879772 Change-Id: I91c48c73287a271bd6c99e60e216dead22e68764 (cherry picked from commit 3f218e8431cb5648bcb46131551c133ba53ef870) (cherry picked from commit b5e93969a5e0c3a3f07e068dbc763cdd995a0e21)
Diffstat
-rw-r--r--src/com/android/settings/ActivityPicker.java4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/com/android/settings/ActivityPicker.java b/src/com/android/settings/ActivityPicker.java
index 2c3436fc70..ae61944cbe 100644
--- a/src/com/android/settings/ActivityPicker.java
+++ b/src/com/android/settings/ActivityPicker.java
@@ -78,6 +78,10 @@ public class ActivityPicker extends AlertActivity implements
Parcelable parcel = intent.getParcelableExtra(Intent.EXTRA_INTENT);
if (parcel instanceof Intent) {
mBaseIntent = (Intent) parcel;
+ mBaseIntent.setFlags(mBaseIntent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION
+ | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
+ | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
+ | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION));
} else {
mBaseIntent = new Intent(Intent.ACTION_MAIN, null);
mBaseIntent.addCategory(Intent.CATEGORY_DEFAULT);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 15:05:08 +0000