From cc25d6c26ff5e2744de0971c3144a6f00ea23718 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Tue, 28 Jun 2016 10:07:48 -0600
Subject: Clear identity when deleting scanned entry.

When deleting a file from DownloadManager, we also reach over and
clean up any scanned MediaStore entries.  However, DownloadManager
clients may not hold the WRITE_EXTERNAL_STORAGE permission, such as
when they downloaded a file into their package-specific directories.

The safest fix for now is to clear the calling identity and always
clean up the MediaStore entries ourselves, since DownloadProvider
always holds the required storage permission.

Bug: 29777504
Change-Id: Iea8f5696410010807b118bb56e5b897c53f0e1fe
---
 src/com/android/providers/downloads/DownloadProvider.java | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/com/android/providers/downloads/DownloadProvider.java b/src/com/android/providers/downloads/DownloadProvider.java
index 4b83cacb..d30018f7 100644
--- a/src/com/android/providers/downloads/DownloadProvider.java
+++ b/src/com/android/providers/downloads/DownloadProvider.java
@@ -1229,8 +1229,13 @@ public final class DownloadProvider extends ContentProvider {
 
                         final String mediaUri = cursor.getString(2);
                         if (!TextUtils.isEmpty(mediaUri)) {
-                            getContext().getContentResolver().delete(Uri.parse(mediaUri), null,
-                                    null);
+                            final long token = Binder.clearCallingIdentity();
+                            try {
+                                getContext().getContentResolver().delete(Uri.parse(mediaUri), null,
+                                        null);
+                            } finally {
+                                Binder.restoreCallingIdentity(token);
+                            }
                         }
                     }
                 }
-- 
cgit v1.2.3