Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / packages / services / Telecomm / 0b53a8482dce33fe98bd4bc144083caf160d5fb9
commit0b53a8482dce33fe98bd4bc144083caf160d5fb9[log] [tgz]
authorGrace Jia <xiaotonj@google.com>Thu Sep 22 14:20:57 2022 -0700
committerBharath <bharath@teamb58.org>Thu Jan 12 11:34:40 2023 +0530
tree483dd3a3735cef91d9a929c49a4887659d238f67
parentc756d84f4f7dd0ed171d2b4ff5d0ba3761b4c8cd [diff]
Fix security vulnerability when register phone accounts.

Currently if the registered self-managed phone account updated to a call
provider phone account, the enable state will be directly copied to the
updated one so that malicious app can perform call spoofing attack
without any permission requirements. Fix this by disallowing change a
self-managed phone account to a managed phone account.

Bug: 246930197
Test: CtsTelecomTestCases:SelfManagedConnectionSreviceTest
Change-Id: I8f7984cd491632b3219133044438b82ca4dec80e
Merged-In: I8f7984cd491632b3219133044438b82ca4dec80e
(cherry picked from commit 833dd8480adc773e36d388521a14fd8cd11d6a30)
Merged-In: I8f7984cd491632b3219133044438b82ca4dec80e
1 file changed
tree: 483dd3a3735cef91d9a929c49a4887659d238f67
  1. libs/
  2. proto/
  3. res/
  4. scripts/
  5. src/
  6. testapps/
  7. tests/
  8. .classpath
  9. .project
  10. Android.bp
  11. AndroidManifest.xml
  12. CleanSpec.mk
  13. OWNERS
  14. proguard.flags