Merge "Restrict bindIsolatedService instanceName to just letters, digits, '_', and '.'" into qt-dev
diff --git a/core/java/android/content/Context.java b/core/java/android/content/Context.java
index 00238bf..3dd510c 100644
--- a/core/java/android/content/Context.java
+++ b/core/java/android/content/Context.java
@@ -3015,7 +3015,8 @@
* specify an explicit component name.
* @param flags Operation options for the binding as per {@link #bindService}.
* @param instanceName Unique identifier for the service instance. Each unique
- * name here will result in a different service instance being created.
+ * name here will result in a different service instance being created. Identifiers
+ * must only contain ASCII letters, digits, underscores, and periods.
* @return Returns success of binding as per {@link #bindService}.
* @param executor Callbacks on ServiceConnection will be called on executor.
* Must use same instance for the same instance of ServiceConnection.
@@ -3023,6 +3024,7 @@
* This must be a valid ServiceConnection object; it must not be null.
*
* @throws SecurityException If the caller does not have permission to access the service
+ * @throws IllegalArgumentException If the instanceName is invalid.
*
* @see #bindService
*/
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index dcb3a22..fc5d393 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -13853,6 +13853,18 @@
throw new IllegalArgumentException("callingPackage cannot be null");
}
+ // Ensure that instanceName, which is caller provided, does not contain
+ // unusual characters.
+ if (instanceName != null) {
+ for (int i = 0; i < instanceName.length(); ++i) {
+ char c = instanceName.charAt(i);
+ if (!((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')
+ || (c >= '0' && c <= '9') || c == '_' || c == '.')) {
+ throw new IllegalArgumentException("Illegal instanceName");
+ }
+ }
+ }
+
synchronized(this) {
return mServices.bindServiceLocked(caller, token, service,
resolvedType, connection, flags, instanceName, callingPackage, userId);
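Review bot: The added loop ahead of `synchronized(this)` only rejects characters outside the allow-list, so an empty string and a name of any length still pass through to `bindServiceLocked`. If `instanceName` ends up inside a longer identifier downstream (not visible in this hunk), add a bound next to the character check, e.g. `if (instanceName.isEmpty() || instanceName.length() > MAX_LEN) throw new IllegalArgumentException("Illegal instanceName");`, where `MAX_LEN` is a placeholder for a limit the project chooses. The Javadoc in Context.java should then state the same limits. The explicit ASCII ranges are the right choice over `Character.isLetterOrDigit`, which would admit non-ASCII letters and digits; a short comment such as `// ASCII only on purpose; Character.isLetterOrDigit would accept non-ASCII letters` would stop a later cleanup from widening the check. The enclosing method starts and ends outside the hunk, so how a null `instanceName` is treated further down cannot be confirmed from here.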