Clear identity when deleting scanned entry.

When deleting a file from DownloadManager, we also reach over and
clean up any scanned MediaStore entries.  However, DownloadManager
clients may not hold the WRITE_EXTERNAL_STORAGE permission, such as
when they downloaded a file into their package-specific directories.

The safest fix for now is to clear the calling identity and always
clean up the MediaStore entries ourselves, since DownloadProvider
always holds the required storage permission.

Bug: 29777504
Change-Id: Iea8f5696410010807b118bb56e5b897c53f0e1fe

1 files changed, 7 insertions, 2 deletions

diff --git a/src/com/android/providers/downloads/DownloadProvider.java b/src/com/android/providers/downloads/DownloadProvider.java
index 4b83cacb..d30018f7 100644
--- a/src/com/android/providers/downloads/DownloadProvider.java
+++ b/src/com/android/providers/downloads/DownloadProvider.java
@@ -1229,8 +1229,13 @@ public final class DownloadProvider extends ContentProvider {
 
                         final String mediaUri = cursor.getString(2);
                         if (!TextUtils.isEmpty(mediaUri)) {
-                            getContext().getContentResolver().delete(Uri.parse(mediaUri), null,
-                                    null);
+                            final long token = Binder.clearCallingIdentity();
+                            try {
+                                getContext().getContentResolver().delete(Uri.parse(mediaUri), null,
+                                        null);
+                            } finally {
+                                Binder.restoreCallingIdentity(token);
+                            }
                         }
                     }
                 }