diff options
| author | Stephen Bird <sbird@cyngn.com> | 2016-04-22 12:27:37 -0700 |
|---|---|---|
| committer | Stephen Bird <sbird@cyngn.com> | 2016-04-26 16:32:19 -0700 |
| commit | f03cfa66361936b0a444ebac3ef8ee6127229905 (patch) | |
| tree | 291a49b485cd73931f19e9cdc61e08f947d634d2 | |
| parent | 62f9ccb88e5a4569e5d95d49998027549b9ad489 (diff) | |
| download | android_packages_apps_InCallUI-f03cfa66361936b0a444ebac3ef8ee6127229905.tar.gz android_packages_apps_InCallUI-f03cfa66361936b0a444ebac3ef8ee6127229905.tar.bz2 android_packages_apps_InCallUI-f03cfa66361936b0a444ebac3ef8ee6127229905.zip | |
CallButtons: Prevent FRP bypass via the video calling option
When OOBE is open, phone calls can be placed to the device.
The incall dialog feature to change to a video call is exploitable
via the dialogs that it creates.
Check to ensure that the device is provisioned by us before showing
this button.
Ticket: CD-545
Change-Id: I49db4df359118a8ea4194b94abf9024fd32064d5
(cherry picked from commit 536b9f5beb1a7d367bd306c0c664ed5cc6f9ee1c)
| -rw-r--r-- | src/com/android/incallui/CallButtonPresenter.java | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/com/android/incallui/CallButtonPresenter.java b/src/com/android/incallui/CallButtonPresenter.java index cb7b6a03..648bf431 100644 --- a/src/com/android/incallui/CallButtonPresenter.java +++ b/src/com/android/incallui/CallButtonPresenter.java @@ -32,6 +32,7 @@ import android.os.Bundle; import android.os.Handler; import android.os.Looper; import android.os.ResultReceiver; +import android.provider.Settings; import android.telecom.CallAudioState; import android.telecom.InCallService.VideoCall; import android.telecom.PhoneAccount; @@ -61,6 +62,8 @@ import com.cyanogen.ambient.incall.extension.OriginCodes; import com.cyanogen.ambient.incall.extension.StatusCodes; import com.cyanogen.ambient.incall.extension.StartCallRequest; +import cyanogenmod.providers.CMSettings; + import java.util.List; import java.util.Objects; @@ -578,6 +581,13 @@ public class CallButtonPresenter extends Presenter<CallButtonPresenter.CallButto QtiCallUtils.hasVoiceCapabilities(mCall)); } + private boolean isDeviceProvisionedInSettingsDb(Context context) { + return (CMSettings.Secure.getInt(context.getContentResolver(), + CMSettings.Secure.CM_SETUP_WIZARD_COMPLETED, 0) != 0) + && (Settings.Global.getInt(context.getContentResolver(), + Settings.Global.DEVICE_PROVISIONED, 0) != 0); + } + /** * Updates the buttons applicable for the UI. * @@ -609,7 +619,8 @@ public class CallButtonPresenter extends Presenter<CallButtonPresenter.CallButto (QtiCallUtils.hasVideoCapabilities(call) || QtiCallUtils.hasVoiceCapabilities(call) || (contactInCallPlugins != null && !contactInCallPlugins.isEmpty())) && - (callState == Call.State.ACTIVE || callState == Call.State.ONHOLD); + (callState == Call.State.ACTIVE || callState == Call.State.ONHOLD) + && isDeviceProvisionedInSettingsDb(ui.getContext()); final boolean showMute = call.can(android.telecom.Call.Details.CAPABILITY_MUTE); final boolean showAddParticipant = call.can( |