diff options
| author | Xin Li <delphij@google.com> | 2023-08-14 15:42:05 -0700 |
|---|---|---|
| committer | Xin Li <delphij@google.com> | 2023-08-14 15:42:05 -0700 |
| commit | cc70e7f9120455c6b31ff6fc073b6424a448224c (patch) | |
| tree | c964658298f4e799817774b14ec0ac72c3f36c10 | |
| parent | 591bf2432c041fa521a6bd29846fe433c4229e1e (diff) | |
| parent | ec2af4c798777d8806d2db97b1c72bd5ab6b64bc (diff) | |
| download | Messaging-tmp_amf_298295554.tar.gz | |
Merge Android U (ab/10368041)tmp_amf_298295554
Bug: 291102124
Merged-In: I14048e3a7575f49da4cc945f32d2df839a4f0a00
Change-Id: If29d13904ad08d858094db9dd4b4abace9ce81b9
4 files changed, 49 insertions, 2 deletions
diff --git a/src/android/support/v7/mms/MmsNetworkManager.java b/src/android/support/v7/mms/MmsNetworkManager.java index 059ca8f..1021b5a 100644 --- a/src/android/support/v7/mms/MmsNetworkManager.java +++ b/src/android/support/v7/mms/MmsNetworkManager.java @@ -324,7 +324,8 @@ class MmsNetworkManager { private void registerConnectivityChangeReceiverLocked() { if (!mReceiverRegistered) { - mContext.registerReceiver(mConnectivityChangeReceiver, mConnectivityIntentFilter); + mContext.registerReceiver(mConnectivityChangeReceiver, mConnectivityIntentFilter, + Context.RECEIVER_EXPORTED/*UNAUDITED*/); mReceiverRegistered = true; } } diff --git a/src/com/android/messaging/BugleApplication.java b/src/com/android/messaging/BugleApplication.java index 0ef8d91..36f062b 100644 --- a/src/com/android/messaging/BugleApplication.java +++ b/src/com/android/messaging/BugleApplication.java @@ -132,7 +132,8 @@ public class BugleApplication extends Application implements UncaughtExceptionHa LogUtil.i(TAG, "Carrier config changed. Reloading MMS config."); MmsConfig.loadAsync(); } - }, new IntentFilter(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED)); + }, new IntentFilter(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED), + Context.RECEIVER_EXPORTED/*UNAUDITED*/); } private static void initMmsLib(final Context context, final BugleGservices bugleGservices, diff --git a/src/com/android/messaging/ui/conversation/LaunchConversationActivity.java b/src/com/android/messaging/ui/conversation/LaunchConversationActivity.java index 5500ae8..c869839 100644 --- a/src/com/android/messaging/ui/conversation/LaunchConversationActivity.java +++ b/src/com/android/messaging/ui/conversation/LaunchConversationActivity.java @@ -37,6 +37,8 @@ import com.android.messaging.util.UriUtil; import java.io.UnsupportedEncodingException; import java.net.URLDecoder; +import java.util.ArrayList; +import java.util.List; /** * Launches ConversationActivity for sending a message to, or viewing messages from, a specific @@ -46,6 +48,7 @@ import java.net.URLDecoder; */ public class LaunchConversationActivity extends Activity implements LaunchConversationData.LaunchConversationDataListener { + private static final int MAX_RECIPIENT_LENGTH = 100; static final String SMS_BODY = "sms_body"; static final String ADDRESS = "address"; final Binding<LaunchConversationData> mBinding = BindingBase.createBinding(this); @@ -76,6 +79,9 @@ public class LaunchConversationActivity extends Activity implements recipients = new String[] { intent.getStringExtra(Intent.EXTRA_EMAIL) }; } } + if (recipients != null) { + recipients = trimInvalidRecipients(recipients); + } mSmsBody = intent.getStringExtra(SMS_BODY); if (TextUtils.isEmpty(mSmsBody)) { // Used by intents sent from the web YouTube (and perhaps others). @@ -103,6 +109,20 @@ public class LaunchConversationActivity extends Activity implements finish(); } + private String[] trimInvalidRecipients(String[] recipients) { + List<String> trimmedRecipients = new ArrayList<>(); + for (String recipient : recipients) { + if (recipient.length() < MAX_RECIPIENT_LENGTH) { + trimmedRecipients.add(recipient); + } + } + if (trimmedRecipients.size() > 0) { + return trimmedRecipients.toArray(new String[0]); + } else { + return null; + } + } + private String getBody(final Uri uri) { if (uri == null) { return null; diff --git a/src/com/android/messaging/util/FileUtil.java b/src/com/android/messaging/util/FileUtil.java index 71fbb4b..e7d86f2 100644 --- a/src/com/android/messaging/util/FileUtil.java +++ b/src/com/android/messaging/util/FileUtil.java @@ -20,6 +20,7 @@ import android.content.ContentResolver; import android.content.Context; import android.net.Uri; import android.os.Environment; +import android.os.ParcelFileDescriptor; import android.text.TextUtils; import com.android.messaging.Factory; @@ -28,6 +29,8 @@ import com.google.common.io.Files; import java.io.File; import java.io.IOException; +import java.nio.file.Path; +import java.nio.file.Paths; import java.text.SimpleDateFormat; import java.util.Date; import java.util.Locale; @@ -121,6 +124,10 @@ public class FileUtil { // We're told it's possible to create world readable hardlinks to other apps private data // so we ban all /data file uris. public static boolean isInPrivateDir(Uri uri) { + return isFileUriInPrivateDir(uri) || isContentUriInPrivateDir(uri); + } + + private static boolean isFileUriInPrivateDir(Uri uri) { if (!UriUtil.isFileUri(uri)) { return false; } @@ -128,6 +135,24 @@ public class FileUtil { return FileUtil.isSameOrSubDirectory(Environment.getDataDirectory(), file); } + private static boolean isContentUriInPrivateDir(Uri uri) { + if (!uri.getScheme().equals(ContentResolver.SCHEME_CONTENT)) { + return false; + } + try { + Context context = Factory.get().getApplicationContext(); + ParcelFileDescriptor pfd = context.getContentResolver().openFileDescriptor(uri, "r"); + int fd = pfd.getFd(); + // Use the file descriptor to find out the read file path through symbolic link. + Path fdPath = Paths.get("/proc/self/fd/" + fd); + Path filePath = java.nio.file.Files.readSymbolicLink(fdPath); + pfd.close(); + return FileUtil.isSameOrSubDirectory(Environment.getDataDirectory(), filePath.toFile()); + } catch (Exception e) { + return false; + } + } + /** * Checks, whether the child directory is the same as, or a sub-directory of the base * directory. |