commit | 6923b72ccc4bd57939cc7d529be385d1afc4a23f | [log] [tgz] |
---|---|---|
author | Sergey Nikolaienkov <sergeynv@google.com> | Tue Mar 28 12:22:31 2023 +0200 |
committer | Fairphone ODM <fairphone-odm@localhost> | Mon Sep 25 15:03:56 2023 +0800 |
tree | cf42355f715644f517a5c829f710a879ef0d1078 | |
parent | 428bb98193bf6f305e1fbf27542fa6c21ca2a0d5 [diff] |
Fix path traversal vulnerabilities in MediaProvider Canonicalize filepath provided by the caller when hanling SCAN_FILE_CALL method call in MediaProvider. Additionally, make sure to check access permission in SCAN_FILE_CALL (using enforceCallingPermissionInternal()). Preemptively canonicalize Files provided as an arguments to the public API methods in ModernMediaScanner (scanFile(), scanDirectory() and onDirectoryDirty()) to prevent path traversal attacks. Bug: 262244882 Test: atest MediaProviderTests (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:dc981046aba07e1a83c8be3885d98aa2fd6b3002) Merged-In: I61e77d69ae857984b819fa0ea27bec5c26a34842 Change-Id: I61e77d69ae857984b819fa0ea27bec5c26a34842 (cherry picked from commit 80a223a20fed91ddfecddf2a1c6a6581b828c52f)