summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTreeHugger Robot <treehugger-gerrit@google.com>2022-05-05 18:22:03 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2022-05-05 18:22:03 +0000
commit53337a76c8b5854ba61c11080abf36720f4a851f (patch)
treec35786a313ea3f016745ee2cb8ac9548240d722f
parent60a37d1b3976918b08de2d1d94584e2516e188aa (diff)
parent18d426feae6479851c921d5cfe74ee04120307a2 (diff)
downloadTvSettings-53337a76c8b5854ba61c11080abf36720f4a851f.tar.gz
Merge "[PATCH]Fix bypass CALL_PRIVILEGED permission in AppRestrictionsFragment" into tm-dev
Diffstat
-rw-r--r--Settings/src/com/android/tv/settings/users/AppRestrictionsFragment.java23
1 files changed, 16 insertions, 7 deletions
diff --git a/Settings/src/com/android/tv/settings/users/AppRestrictionsFragment.java b/Settings/src/com/android/tv/settings/users/AppRestrictionsFragment.java
index 5aa891de1..fb3556a3d 100644
--- a/Settings/src/com/android/tv/settings/users/AppRestrictionsFragment.java
+++ b/Settings/src/com/android/tv/settings/users/AppRestrictionsFragment.java
@@ -41,6 +41,7 @@ import android.os.Bundle;
import android.os.RemoteException;
import android.os.UserHandle;
import android.os.UserManager;
+import android.util.EventLog;
import android.text.TextUtils;
import android.util.Log;
import android.view.View;
@@ -558,14 +559,14 @@ public class AppRestrictionsFragment extends SettingsPreferenceFragment implemen
if (intent.getPackage() != null && intent.getPackage().equals(packageName)) {
return;
}
- // Activity can be started if intent resolves to multiple activities
- List<ResolveInfo> resolveInfos = AppRestrictionsFragment.this.mPackageManager
- .queryIntentActivities(intent, 0 /* no flags */);
- if (resolveInfos.size() != 1) {
- return;
+ ResolveInfo resolveInfo = mPackageManager.resolveActivity(
+ intent, PackageManager.MATCH_DEFAULT_ONLY);
+
+ if (resolveInfo == null) {
+ throw new ActivityNotFoundException("No result for resolving " + intent);
}
// Prevent potential privilege escalation
- ActivityInfo activityInfo = resolveInfos.get(0).activityInfo;
+ ActivityInfo activityInfo = resolveInfo.activityInfo;
if (!packageName.equals(activityInfo.packageName)) {
throw new SecurityException("Application " + packageName
+ " is not allowed to start activity " + intent);
@@ -595,8 +596,16 @@ public class AppRestrictionsFragment extends SettingsPreferenceFragment implemen
}
return true;
} else if (preference.getIntent() != null) {
- assertSafeToStartCustomActivity(preference.getIntent(),
+
+ try {
+ assertSafeToStartCustomActivity(preference.getIntent(),
getPackageFromKey(preference.getKey()));
+ } catch (ActivityNotFoundException | SecurityException e) {
+ // return without startActivity
+ Log.e(TAG, "Cannot start restrictionsIntent " + e);
+ EventLog.writeEvent(0x534e4554, "200688991", -1 /* UID */, "");
+ return true;
+ }
try {
startActivityForResult(preference.getIntent(),
generateCustomActivityRequestCode(preference));
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 22:01:00 +0000