diff options
| author | Paul Jensen <pauljensen@google.com> | 2015-08-28 12:00:15 -0400 |
|---|---|---|
| committer | The Android Automerger <android-build@android.com> | 2015-09-28 16:29:57 -0700 |
| commit | ee409d3ab5abc34c786a5e8d087d5a9ba61f5275 (patch) | |
| tree | 80a497836ec4ea590e5c75c774b5f4d4cdc22974 | |
| parent | 2de275c9a3b0f472f617089f1f817b09f6dad493 (diff) | |
| download | base-ee409d3ab5abc34c786a5e8d087d5a9ba61f5275.tar.gz | |
Don't mark NetworkRequests restricted when they don't have restricted caps
Requests without NET_CAPABILITIES_INTERNET and just the default network
capabilities should not be marked restricted. Without this fix apps
can hit permissions exceptions if they inadvertently make requests
without NET_CAPABILITIES_INTERNET.
Bug:23164917
Change-Id: I4c7136821315bcb05dfc42ffbc505a5d4f6109e6
(cherry picked from commit aae613d96134245af7c55976731a49fa59e77470)
| -rw-r--r-- | core/java/android/net/NetworkCapabilities.java | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/core/java/android/net/NetworkCapabilities.java b/core/java/android/net/NetworkCapabilities.java index 76c24bade95d..072088589e59 100644 --- a/core/java/android/net/NetworkCapabilities.java +++ b/core/java/android/net/NetworkCapabilities.java @@ -281,8 +281,12 @@ public final class NetworkCapabilities implements Parcelable { public void maybeMarkCapabilitiesRestricted() { // If all the capabilities are typically provided by restricted networks, conclude that this // network is restricted. - if ((mNetworkCapabilities & ~(DEFAULT_CAPABILITIES | RESTRICTED_CAPABILITIES)) == 0) + if ((mNetworkCapabilities & ~(DEFAULT_CAPABILITIES | RESTRICTED_CAPABILITIES)) == 0 && + // Must have at least some restricted capabilities, otherwise a request for an + // internet-less network will get marked restricted. + (mNetworkCapabilities & RESTRICTED_CAPABILITIES) != 0) { removeCapability(NET_CAPABILITY_NOT_RESTRICTED); + } } /** |