summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTreeHugger Robot <treehugger-gerrit@google.com>2019-11-08 21:50:02 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2019-11-08 21:50:02 +0000
commit992cfbf63d13e9490f4726119733fda7f638089c (patch)
tree1397b3133315b80aebb453dc337b1e9a7103b39b
parent45656e296fb53ec0f60dc1ec00b06637a395bb43 (diff)
parent7e04887e5945c193bd5abf92ec6092b3a2295a04 (diff)
downloadandroid_packages_apps_Trebuchet-992cfbf63d13e9490f4726119733fda7f638089c.tar.gz
android_packages_apps_Trebuchet-992cfbf63d13e9490f4726119733fda7f638089c.tar.bz2
android_packages_apps_Trebuchet-992cfbf63d13e9490f4726119733fda7f638089c.zip
Merge "Address SessionCommitReceiver vulnerability by validating intent." into ub-launcher3-qt-future-dev
Diffstat
-rw-r--r--src/com/android/launcher3/SessionCommitReceiver.java7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/com/android/launcher3/SessionCommitReceiver.java b/src/com/android/launcher3/SessionCommitReceiver.java
index 6853bf694..a87c44658 100644
--- a/src/com/android/launcher3/SessionCommitReceiver.java
+++ b/src/com/android/launcher3/SessionCommitReceiver.java
@@ -71,8 +71,13 @@ public class SessionCommitReceiver extends BroadcastReceiver {
SessionInfo info = intent.getParcelableExtra(PackageInstaller.EXTRA_SESSION);
UserHandle user = intent.getParcelableExtra(Intent.EXTRA_USER);
- PackageInstallerCompat packageInstallerCompat = PackageInstallerCompat.getInstance(context);
+ if (!PackageInstaller.ACTION_SESSION_COMMITTED.equals(intent.getAction())
+ || info == null || user == null) {
+ // Invalid intent.
+ return;
+ }
+ PackageInstallerCompat packageInstallerCompat = PackageInstallerCompat.getInstance(context);
if (TextUtils.isEmpty(info.getAppPackageName())
|| info.getInstallReason() != PackageManager.INSTALL_REASON_USER
|| packageInstallerCompat.promiseIconAddedForId(info.getSessionId())) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 14:42:13 +0000