diff options
author | Raman Tenneti <rtenneti@google.com> | 2019-10-01 15:20:22 -0700 |
---|---|---|
committer | Huizi Yang <yanghuiz@google.com> | 2019-10-15 19:12:32 -0700 |
commit | d7db9eeddd51d3a0a9286d00abc8b08d07ffc587 (patch) | |
tree | 205a7df644a3c041b065d01177eb189795285c8a | |
parent | d2787f631e0aa4392155f69a3784a1b72c93bd16 (diff) | |
download | Email-android10-security-release.tar.gz |
AOSP/Email - bug fix: do not allow composing message with hidden private data attachments - Switch intent filtering to be blacklist based rather than whitelist based.android-security-10.0.0_r75android-security-10.0.0_r74android-security-10.0.0_r73android-security-10.0.0_r72android-security-10.0.0_r71android-security-10.0.0_r70android-security-10.0.0_r69android-security-10.0.0_r68android-security-10.0.0_r67android-security-10.0.0_r66android-security-10.0.0_r65android-security-10.0.0_r64android-security-10.0.0_r63android-security-10.0.0_r62android-security-10.0.0_r61android-security-10.0.0_r60android-security-10.0.0_r59android-security-10.0.0_r58android-security-10.0.0_r57android-security-10.0.0_r56android-security-10.0.0_r55android-security-10.0.0_r54android-security-10.0.0_r53android-security-10.0.0_r52android-security-10.0.0_r51android-security-10.0.0_r50android-security-10.0.0_r49android-security-10.0.0_r48android-10.0.0_r47android-10.0.0_r46android10-security-release
+ Blacklist only EXTRA_IN_REFERENCE_TO_MESSAGE_URI.
+ Undoing some of the changes from https://android-review.googlesource.com/c/platform/packages/apps/Email/+/961354/
+ Ported/merged this change from CL: cl/235253805 (to match the internal version - ComposeActivityGmailExternal.java)
Bug: 127320867
Test: manual - Ran the following tests on Pixel phone. Tested the email UI.
$ make -j 40
$ make Email -j
$ make UnifiedEmailTests -j
$ make EmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 6356400 Oct 1 12:07 out/target/product/marlin/testcases/Email/arm64/Email.apk
-rw-r--r-- 1 rtenneti primarygroup 389599 Oct 1 12:11 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r -d -g out/target/product/marlin/testcases/Email/arm64/Email.apk
$ adb install -r -d -g out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb shell am instrument -w com.android.email.tests
Time: 2.739
OK (157 tests)
$ atest EmailTests
Summary
-------
EmailTests: Passed: 157, Failed: 0, Ignored: 0, Assumption Failed: 0
All tests passed!
Change-Id: I5a397b61827b82502d26da2496831011956c868a
(cherry picked from commit a1fe2e84cfabd638e769010aa359049ea6cbf4d1)
-rw-r--r-- | src/com/android/email/activity/ComposeActivityEmailExternal.java | 18 |
1 files changed, 1 insertions, 17 deletions
diff --git a/src/com/android/email/activity/ComposeActivityEmailExternal.java b/src/com/android/email/activity/ComposeActivityEmailExternal.java index a94313a86..07f6fe160 100644 --- a/src/com/android/email/activity/ComposeActivityEmailExternal.java +++ b/src/com/android/email/activity/ComposeActivityEmailExternal.java @@ -48,24 +48,8 @@ public class ComposeActivityEmailExternal extends ComposeActivityEmail { private void sanitizeIntent() { Intent sanitizedIntent = getIntent(); if (sanitizedIntent != null) { - Bundle originalExtras = sanitizedIntent.getExtras(); - if (originalExtras == null) { - originalExtras = new Bundle(); - } - sanitizedIntent.replaceExtras(new Bundle()); - copyStringExtraIfExists(ComposeActivity.EXTRA_SUBJECT, originalExtras, sanitizedIntent); - copyStringExtraIfExists(ComposeActivity.EXTRA_TO, originalExtras, sanitizedIntent); - copyStringExtraIfExists(ComposeActivity.EXTRA_CC, originalExtras, sanitizedIntent); - copyStringExtraIfExists(ComposeActivity.EXTRA_BCC, originalExtras, sanitizedIntent); - copyStringExtraIfExists(ComposeActivity.EXTRA_BODY, originalExtras, sanitizedIntent); + sanitizedIntent.removeExtra(ComposeActivity.EXTRA_IN_REFERENCE_TO_MESSAGE_URI); setIntent(sanitizedIntent); } } - - private void copyStringExtraIfExists( - String extraKey, Bundle originalExtras, Intent sanitizedIntent) { - if (originalExtras.containsKey(extraKey)) { - sanitizedIntent.putExtra(extraKey, originalExtras.getString(extraKey)); - } - } } |