diff options
author | Raman Tenneti <rtenneti@google.com> | 2019-05-13 13:29:40 -0700 |
---|---|---|
committer | Kevin F. Haggerty <haggertk@lineageos.org> | 2019-09-05 22:00:10 -0600 |
commit | dfc2cbb2669bf170588d9086f5a0d4e8be94b732 (patch) | |
tree | 707250691fe30553f9a3988239845db3fc0fc8cf | |
parent | 9a8f747b68fcef836d1cd1486c1c6bc5829ef8f9 (diff) | |
download | android_packages_apps_Email-dfc2cbb2669bf170588d9086f5a0d4e8be94b732.tar.gz android_packages_apps_Email-dfc2cbb2669bf170588d9086f5a0d4e8be94b732.tar.bz2 android_packages_apps_Email-dfc2cbb2669bf170588d9086f5a0d4e8be94b732.zip |
AOSP/Email - bug fix: do not allow composing message with hidden private data attachments.
Ported/merged thefollowing from CL
https://critique.corp.google.com/#review/247540041
original file:
java/com/google/android/apps/gmail/unifiedgmail/src/com/google/android/gm/ComposeActivityGmailExternal.java
aosp's version:
src/com/android/email/activity/ComposeActivityEmailExternal.java
Change description from the above CL:
"Switch intent filtering to be whitelist based rather than blacklist based.
ComposeActivityGmailExternal should whitelist what extras we allow in.
This is a very belated follow up to cl/235253805 where I wrote a quick fix
as a blacklist based solution."
Bug: 127320867
Test: manual - Ran the following tests on Pixel phone. Tested the email UI.
$ make -j 40
-rw-r--r-- 1 rtenneti primarygroup 6375626 May 5 19:49 out/target/product/marlin/system/product/app/Email/Email.apk
$ make UnifiedEmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 311703 May 5 20:04 out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk
$ make EmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 365023 May 13 14:39 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r out/target/product/marlin/system/product/app/Email/Email.apk
$ adb install -r out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk
$ adb shell am instrument -w com.android.mail.emailtests
Time: 3.519
OK (157 tests)
Change-Id: I5f6541ceb79a1a1c598d0c8207e3cab98d1a8ac5
Merged-In: I5f6541ceb79a1a1c598d0c8207e3cab98d1a8ac5
(cherry picked from commit e81f6f92bbdd43f34aa25fc2b7605aeb887af2cc)
-rw-r--r-- | src/com/android/email/activity/ComposeActivityEmailExternal.java | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/src/com/android/email/activity/ComposeActivityEmailExternal.java b/src/com/android/email/activity/ComposeActivityEmailExternal.java index 455193bea..a5cbe9d3a 100644 --- a/src/com/android/email/activity/ComposeActivityEmailExternal.java +++ b/src/com/android/email/activity/ComposeActivityEmailExternal.java @@ -16,11 +16,21 @@ package com.android.email.activity; +import android.content.Intent; +import android.os.Bundle; +import com.android.mail.compose.ComposeActivity; + /** * A subclass of {@link ComposeActivityEmail} which is exported for other Android packages to open. */ public class ComposeActivityEmailExternal extends ComposeActivityEmail { + @Override + protected void onCreate(Bundle savedInstanceState) { + sanitizeIntent(); + super.onCreate(savedInstanceState); + } + /** * Only relevant when WebView Compose is enabled. Change this when WebView * Compose is enabled for Email. @@ -29,4 +39,30 @@ public class ComposeActivityEmailExternal extends ComposeActivityEmail { public boolean isExternal() { return false; } + + /** + * Overrides the value of {@code #getIntent()} so any future callers will get a sanitized version + * of the intent. + */ + // See b/114493057 for context. + private void sanitizeIntent() { + Intent sanitizedIntent = getIntent(); + if (sanitizedIntent != null) { + Bundle originalExtras = sanitizedIntent.getExtras(); + sanitizedIntent.replaceExtras(new Bundle()); + copyStringExtraIfExists(ComposeActivity.EXTRA_SUBJECT, originalExtras, sanitizedIntent); + copyStringExtraIfExists(ComposeActivity.EXTRA_TO, originalExtras, sanitizedIntent); + copyStringExtraIfExists(ComposeActivity.EXTRA_CC, originalExtras, sanitizedIntent); + copyStringExtraIfExists(ComposeActivity.EXTRA_BCC, originalExtras, sanitizedIntent); + copyStringExtraIfExists(ComposeActivity.EXTRA_BODY, originalExtras, sanitizedIntent); + setIntent(sanitizedIntent); + } + } + + private void copyStringExtraIfExists( + String extraKey, Bundle originalExtras, Intent sanitizedIntent) { + if (originalExtras.containsKey(extraKey)) { + sanitizedIntent.putExtra(extraKey, originalExtras.getString(extraKey)); + } + } } |