commit 2aba11f6b9b7b202742a11797084a23d0f940c35
author Romain Guy <romainguy@google.com> Mon Mar 29 16:03:01 2010 -0700
committer Romain Guy <romainguy@google.com> Mon Mar 29 16:03:01 2010 -0700
tree d04d3e92e219ca9b591dbf98e8070d410e251c92
parent 89d4e2dd7888913d3eb1f4f669bd756a3b85f2c1

Fix possible security issue.
Bug #2553187

Limit the max number of lines for each entry in the ResolveActivity to 2. Also
make sure to discard potential styling tags and newlines/space characters from
package name and activity labels.

Change-Id: Ibda3688267aa948b921164d3d3abc8c9236e61a2

core/java/android/content/pm/ResolveInfo.java

diff --git a/core/java/android/content/pm/ResolveInfo.java b/core/java/android/content/pm/ResolveInfo.java
index b6f4acc..a35940f 100644
--- a/core/java/android/content/pm/ResolveInfo.java
+++ b/core/java/android/content/pm/ResolveInfo.java
@@ -133,7 +133,7 @@
         if (resolvePackageName != null && labelRes != 0) {
             label = pm.getText(resolvePackageName, labelRes, null);
             if (label != null) {
-                return label;
+                return label.toString().trim();
             }
         }
         ComponentInfo ci = activityInfo != null ? activityInfo : serviceInfo;
@@ -141,10 +141,14 @@
         if (labelRes != 0) {
             label = pm.getText(ci.packageName, labelRes, ai);
             if (label != null) {
-                return label;
+                return label.toString().trim();
             }
         }
-        return ci.loadLabel(pm);
+
+        CharSequence data = ci.loadLabel(pm);
+        // Make the data safe
+        if (data != null) data = data.toString().trim();
+        return data;
     }
     
     /**