diff options
Diffstat (limited to 'src/com/android/providers/downloads/DownloadProvider.java')
-rw-r--r-- | src/com/android/providers/downloads/DownloadProvider.java | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/com/android/providers/downloads/DownloadProvider.java b/src/com/android/providers/downloads/DownloadProvider.java index 9336b737..d848b65b 100644 --- a/src/com/android/providers/downloads/DownloadProvider.java +++ b/src/com/android/providers/downloads/DownloadProvider.java @@ -151,6 +151,7 @@ public final class DownloadProvider extends ContentProvider { /** List of uids that can access the downloads */ private int mSystemUid = -1; private int mDefContainerUid = -1; + private File mDownloadsDataDir; @VisibleForTesting SystemFacade mSystemFacade; @@ -421,6 +422,7 @@ public final class DownloadProvider extends ContentProvider { if (appInfo != null) { mDefContainerUid = appInfo.uid; } + mDownloadsDataDir = Helpers.getDownloadsDataDirectory(getContext()); return true; } @@ -490,7 +492,8 @@ public final class DownloadProvider extends ContentProvider { && dest != Downloads.Impl.DESTINATION_EXTERNAL && dest != Downloads.Impl.DESTINATION_CACHE_PARTITION_PURGEABLE && dest != Downloads.Impl.DESTINATION_FILE_URI) { - throw new SecurityException("unauthorized destination code"); + throw new SecurityException("setting destination to : " + dest + + " not allowed, unless PERMISSION_ACCESS_ADVANCED is granted"); } // for public API behavior, if an app has CACHE_NON_PURGEABLE permission, automatically // switch to non-purgeable download @@ -508,6 +511,11 @@ public final class DownloadProvider extends ContentProvider { Binder.getCallingPid(), Binder.getCallingUid(), "need WRITE_EXTERNAL_STORAGE permission to use DESTINATION_FILE_URI"); checkFileUriDestination(values); + } else if (dest == Downloads.Impl.DESTINATION_SYSTEMCACHE_PARTITION) { + getContext().enforcePermission( + android.Manifest.permission.ACCESS_CACHE_FILESYSTEM, + Binder.getCallingPid(), Binder.getCallingUid(), + "need ACCESS_CACHE_FILESYSTEM permission to use system cache"); } filteredValues.put(Downloads.Impl.COLUMN_DESTINATION, dest); } @@ -1068,7 +1076,7 @@ public final class DownloadProvider extends ContentProvider { if (path == null) { throw new FileNotFoundException("No filename found."); } - if (!Helpers.isFilenameValid(path)) { + if (!Helpers.isFilenameValid(path, mDownloadsDataDir)) { throw new FileNotFoundException("Invalid filename."); } if (!"r".equals(mode)) { |