commit 5465eb43da60f00e09f921f992d4931384db8409
author Android Build Coastguard Worker <android-build-coastguard-worker@google.com> Thu Jun 08 20:35:07 2023 +0000
committer Android Build Coastguard Worker <android-build-coastguard-worker@google.com> Thu Jun 08 20:35:07 2023 +0000
tree 10a217874e356ddf10d92a0fc0d72f66fd807e62
parent 64d5bddce84ecae1648949ba2faed1950919db4d
parent ca4c9a19635119d95900793e7a41b820cd1d94d9

Merge cherrypicks of ['googleplex-android-review.googlesource.com/23185329'] into security-aosp-tm-release.

Change-Id: Ia64b8e358269e5d67da1de9932a02e19d36b38c9

src/com/android/providers/telephony/MmsProvider.java

diff --git a/src/com/android/providers/telephony/MmsProvider.java b/src/com/android/providers/telephony/MmsProvider.java
index 5ddd6ac..18f170a 100644
--- a/src/com/android/providers/telephony/MmsProvider.java
+++ b/src/com/android/providers/telephony/MmsProvider.java
@@ -828,15 +828,16 @@
                         uri.getPathSegments().get(1);
 
                 try {
+                    File canonicalFile = new File(path).getCanonicalFile();
                     String partsDirPath = getContext().getDir(PARTS_DIR_NAME, 0).getCanonicalPath();
-                    if (!new File(path).getCanonicalPath().startsWith(partsDirPath)) {
+                    if (!canonicalFile.getPath().startsWith(partsDirPath + '/')) {
                         EventLog.writeEvent(0x534e4554, "240685104",
                                 Binder.getCallingUid(), (TAG + " update: path " + path +
                                         " does not start with " + partsDirPath));
                         return 0;
                     }
                     // Reset the file permission back to read for everyone but me.
-                    Os.chmod(path, 0644);
+                    Os.chmod(canonicalFile.getPath(), 0644);
                     if (LOCAL_LOGV) {
                         Log.d(TAG, "MmsProvider.update chmod is successful for path: " + path);
                     }