FPII-1812: DO NOT MERGE addNewIncomingCall now checks PAH
DO NOT MERGE addNewIncomingCall now checks PAH
TelecomManager.addNewIncomingCall now verifies the PhoneAccountHandle
belongs to a registered PhoneAccount before adding the incoming call.
Otherwise, it throws a SecurityException.
Bug: 26864502
Change-Id: I9a7ad810f266a55f2358fca94539a7556989bee8
diff --git a/src/com/android/server/telecom/TelecomService.java b/src/com/android/server/telecom/TelecomService.java
index b655af9..3941a8f 100755
--- a/src/com/android/server/telecom/TelecomService.java
+++ b/src/com/android/server/telecom/TelecomService.java
@@ -43,6 +43,8 @@
import android.telephony.TelephonyManager;
import android.text.TextUtils;
+import android.util.EventLog;
+
// TODO: Needed for move to system service: import com.android.internal.R;
import com.android.internal.telecom.ITelecomService;
import com.android.internal.util.IndentingPrintWriter;
@@ -660,6 +662,7 @@
mAppOpsManager.checkPackage(
Binder.getCallingUid(), phoneAccountHandle.getComponentName().getPackageName());
+ enforcePhoneAccountIsRegistered(phoneAccountHandle);
// Make sure it doesn't cross the UserHandle boundary
enforceUserHandleMatchesCaller(phoneAccountHandle);
@@ -685,6 +688,7 @@
mAppOpsManager.checkPackage(
Binder.getCallingUid(), phoneAccountHandle.getComponentName().getPackageName());
+ enforcePhoneAccountIsRegistered(phoneAccountHandle);
// Make sure it doesn't cross the UserHandle boundary
enforceUserHandleMatchesCaller(phoneAccountHandle);
@@ -866,6 +870,16 @@
return false;
}
+ // Enforce that the PhoneAccountHandle being passed in is registered to a valid PhoneAccount.
+ private void enforcePhoneAccountIsRegistered(PhoneAccountHandle phoneAccountHandle) {
+ PhoneAccount phoneAccount = mPhoneAccountRegistrar.getPhoneAccount(phoneAccountHandle);
+ if(phoneAccount == null) {
+ EventLog.writeEvent(0x534e4554, "26864502", Binder.getCallingUid(), "R");
+ throw new SecurityException("This PhoneAccountHandle is not registered to a valid " +
+ "PhoneAccount!");
+ }
+ }
+
private void enforcePhoneAccountModificationForPackage(String packageName) {
// TODO: Use a new telecomm permission for this instead of reusing modify.