Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / cts / f890b6b123e4209677ceff26549039115956c815
commitf890b6b123e4209677ceff26549039115956c815[log] [tgz]
authorSongFerngWang <songferngwang@google.com>Wed May 05 21:35:01 2021 +0800
committerAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>Thu Jul 01 10:59:06 2021 +0000
tree40c106aa78049acc159b363a7974d18f621ea6d5
parentc3946c3d4860ffcca3d8afb30b5411b2df3f0a15 [diff]
[security] SubscriptionGroup is exposed to unprivileged callers

SubscriptionInfo.mGroupUUID is not cleared in
conditionallyRemoveIdentifiers if the caller only has READ_PHONE_STATE
(based on a check to checkReadPhoneState) and not READ_DEVICE_IDENTIFIERS.
Bug: 181053462
Test: atest SubscriptionManagerTest

Change-Id: Ic371faf1ded5186fd6aad022ffd3bf06066e663a
Merged-In: Ic371faf1ded5186fd6aad022ffd3bf06066e663a
(cherry picked from commit 91f5aa165e6a62511d9450de67da26377d9815c4)
1 file changed
tree: 40c106aa78049acc159b363a7974d18f621ea6d5
  1. .prebuilt_info/
  2. apps/
  3. build/
  4. common/
  5. development/
  6. helpers/
  7. hostsidetests/
  8. libs/
  9. suite/
  10. tests/
  11. tools/
  12. .gitignore
  13. Android.bp
  14. Android.mk
  15. CleanSpec.mk
  16. CtsCoverage.mk
  17. error_prone_rules.mk
  18. error_prone_rules_tests.mk
  19. PREUPLOAD.cfg
  20. run_unit_tests.sh
  21. test_defs.sh