Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / packages / services / Telephony / refs/heads/odm/dev/target/13/fp5
commita56d46baa5737bea99ebb0678b54123d0e4f0e4d[log] [tgz]
authorAshish Kumar <akgaurav@google.com>Fri May 26 14:18:46 2023 +0000
committerandroid-t1 <android-t1@t2mobile.com>Tue Aug 29 15:48:41 2023 +0800
treeef20138639bd18e86c91fe486ef4b61fc79ec603
parentc1cfe5a697557e29e00b34e2acc378723c5eaf8c [diff]
RESTRICT AUTOMERGE Fixed leak of cross user data in multiple settings.

  - Any app is allowed to receive GET_CONTENT intent. Using this, an user puts back in the intent an uri with data of another user.
  - Telephony service has INTERACT_ACROSS_USER permission. Using this, it reads and shows the deta to the evil user.

Fix: When telephony service gets the intent result, it checks if the uri is from the current user or not.

Bug: b/256591023 , b/256819787

Test: The malicious behaviour was not being reproduced. Unable to import contact from other users data.
Test2: Able to import contact from the primary user or uri with no user id
(These settings are not available for secondary users)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:36e10a6d0d7b9efc543f8004729fa85751f4f70d)
Merged-In: I1e3a643f17948153aecc1d0df9ffd9619ad678c1
Change-Id: I1e3a643f17948153aecc1d0df9ffd9619ad678c1
3 files changed
tree: ef20138639bd18e86c91fe486ef4b61fc79ec603
  1. apex/
  2. assets/
  3. client/
  4. ecc/
  5. res/
  6. sip/
  7. src/
  8. testapps/
  9. tests/
  10. Android.bp
  11. AndroidManifest.xml
  12. CleanSpec.mk
  13. lint.xml
  14. MODULE_LICENSE_APACHE2
  15. NOTICE
  16. OWNERS
  17. PREUPLOAD.cfg
  18. proguard.flags
  19. TEST_MAPPING