Security fix: as part of enforcing read privilege permission to check package

privileges in TelephonyManager, clear calling identity to ensure current functionalities work Bug: 180938364 Test: cts Change-Id: I722ca5cdde260bccd73fdfd0bf6447c2cd7beff9
author: Nazanin <nazaninb@google.com> 2021-04-06 11:32:14 -0700
committer: Nazanin Bakhshi <nazaninb@google.com> 2021-04-20 15:46:48 +0000
commit: 3363c4a75c7b489628d4e874f53aa5d647bea9d2 (patch)
tree: 5812263bf051354a2a8777db407a469c9e86a6ef /src
parent: bc27940a7f956599c250a248448484a505601e0e (diff)
download: ContactsProvider-3363c4a75c7b489628d4e874f53aa5d647bea9d2.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/src/com/android/providers/contacts/VoicemailPermissions.java b/src/com/android/providers/contacts/VoicemailPermissions.java
index 58e7a146..b38f7f58 100644
--- a/src/com/android/providers/contacts/VoicemailPermissions.java
+++ b/src/com/android/providers/contacts/VoicemailPermissions.java
@@ -151,7 +151,12 @@ public class VoicemailPermissions {
     }
 
     private static boolean packageHasCarrierPrivileges(TelephonyManager tm, String packageName) {
-        return tm.checkCarrierPrivilegesForPackageAnyPhone(packageName)
-                == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS;
+        final long token = Binder.clearCallingIdentity();
+        try {
+            return tm.checkCarrierPrivilegesForPackageAnyPhone(packageName)
+                    == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS;
+        } finally {
+            Binder.restoreCallingIdentity(token);
+        }
     }
 }
author	Nazanin <nazaninb@google.com>	2021-04-06 11:32:14 -0700
committer	Nazanin Bakhshi <nazaninb@google.com>	2021-04-20 15:46:48 +0000
commit	3363c4a75c7b489628d4e874f53aa5d647bea9d2 (patch)
tree	5812263bf051354a2a8777db407a469c9e86a6ef /src
parent	bc27940a7f956599c250a248448484a505601e0e (diff)
download	ContactsProvider-3363c4a75c7b489628d4e874f53aa5d647bea9d2.tar.gz