am 18b3aa18: am 68212ccd: am 2ef7a650: am d5a4e173: am 5576641a: Merge "Fix issue #17614141: Add protection for accessing images" into lmp-dev
* commit '18b3aa187f4ccfea6f9c9e6e4d5e5eb3bd2e4296':
Fix issue #17614141: Add protection for accessing images
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index 8cb12cd..cc01989 100755
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -8398,6 +8398,10 @@
@Override
public Bitmap getTaskDescriptionIcon(String filename) {
+ if (!FileUtils.isValidExtFilename(filename)
+ || !filename.contains(ActivityRecord.ACTIVITY_ICON_SUFFIX)) {
+ throw new IllegalArgumentException("Bad filename: " + filename);
+ }
return mTaskPersister.getTaskDescriptionIcon(filename);
}
diff --git a/services/core/java/com/android/server/am/ActivityRecord.java b/services/core/java/com/android/server/am/ActivityRecord.java
index 2db7cec..198273e 100755
--- a/services/core/java/com/android/server/am/ActivityRecord.java
+++ b/services/core/java/com/android/server/am/ActivityRecord.java
@@ -79,7 +79,7 @@
private static final String ATTR_LAUNCHEDFROMPACKAGE = "launched_from_package";
private static final String ATTR_RESOLVEDTYPE = "resolved_type";
private static final String ATTR_COMPONENTSPECIFIED = "component_specified";
- private static final String ACTIVITY_ICON_SUFFIX = "_activity_icon_";
+ static final String ACTIVITY_ICON_SUFFIX = "_activity_icon_";
final ActivityManagerService service; // owner
final IApplicationToken.Stub appToken; // window manager token