Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / packages / services / Telephony / refs/heads/odm/rc/qssi/12/fp4
commit3e118036167f060606865c1c2ebc69766e4b81bc[log] [tgz]
authorAshish Kumar <akgaurav@google.com>Fri May 26 14:18:46 2023 +0000
committerFairphone ODM <fairphone-odm@localhost>Thu Aug 31 16:37:05 2023 +0800
tree477cab9e4c2c75364bbbc33f6990c7a5c961b5f9
parentb368e5bef0bce214a9d04c36d0eebf8ca5758bff [diff]
Fixed leak of cross user data in multiple settings.

  - Any app is allowed to receive GET_CONTENT intent. Using this, an user puts back in the intent an uri with data of another user.
  - Telephony service has INTERACT_ACROSS_USER permission. Using this, it reads and shows the deta to the evil user.

Fix: When telephony service gets the intent result, it checks if the uri is from the current user or not.

Bug: b/256591023 , b/256819787

Test: The malicious behaviour was not being reproduced. Unable to import contact from other users data.
Test2: Able to import contact from the primary user or uri with no user id
(These settings are not available for secondary users)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ab593467e900d4a6d25a34024a06195ae863f6dc)
Merged-In: I1e3a643f17948153aecc1d0df9ffd9619ad678c1
Change-Id: I1e3a643f17948153aecc1d0df9ffd9619ad678c1
(cherry picked from commit c853a6d593a7af567fda5873122e6b93aa8fd7fc)
4 files changed
tree: 477cab9e4c2c75364bbbc33f6990c7a5c961b5f9
  1. apex/
  2. assets/
  3. client/
  4. ecc/
  5. res/
  6. sip/
  7. src/
  8. testapps/
  9. tests/
  10. Android.bp
  11. AndroidManifest.xml
  12. CleanSpec.mk
  13. lint.xml
  14. NOTICE
  15. OWNERS
  16. PREUPLOAD.cfg
  17. proguard.flags
  18. TEST_MAPPING