DivestOS/Patches/LineageOS-11.0/android_packages_apps_Email/253862.patch

From f291cb8c6b1e0c8554f4407e9b1e9be27e74058e Mon Sep 17 00:00:00 2001
From: Raman Tenneti <rtenneti@google.com>
Date: Mon, 13 May 2019 13:29:40 -0700
Subject: [PATCH] AOSP/Email - bug fix: do not allow composing message with
 hidden private data attachments.

Ported/merged thefollowing from CL
  https://critique.corp.google.com/#review/247540041

original file:
  java/com/google/android/apps/gmail/unifiedgmail/src/com/google/android/gm/ComposeActivityGmailExternal.java

aosp's version:
  src/com/android/email/activity/ComposeActivityEmailExternal.java

Change description from the above CL:
  "Switch intent filtering to be whitelist based rather than blacklist based.

   ComposeActivityGmailExternal should whitelist what extras we allow in.
   This is a very belated follow up to cl/235253805 where I wrote a quick fix
   as a blacklist based solution."

Bug: 127320867

Test: manual - Ran the following tests on Pixel phone. Tested the email UI.

$ make -j 40
  -rw-r--r-- 1 rtenneti primarygroup 6375626 May  5 19:49 out/target/product/marlin/system/product/app/Email/Email.apk

$ make UnifiedEmailTests -j
  -rw-r--r-- 1 rtenneti primarygroup 311703 May  5 20:04 out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk

$ make EmailTests -j
  -rw-r--r-- 1 rtenneti primarygroup 365023 May 13 14:39 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk

$ adb install -r out/target/product/marlin/system/product/app/Email/Email.apk
$ adb install -r out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk

$ adb shell am instrument -w com.android.mail.emailtests
  Time: 3.519
  OK (157 tests)

Change-Id: I5f6541ceb79a1a1c598d0c8207e3cab98d1a8ac5
Merged-In: I5f6541ceb79a1a1c598d0c8207e3cab98d1a8ac5
(cherry picked from commit e81f6f92bbdd43f34aa25fc2b7605aeb887af2cc)
---
 .../ComposeActivityEmailExternal.java         | 36 +++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/src/com/android/email/activity/ComposeActivityEmailExternal.java b/src/com/android/email/activity/ComposeActivityEmailExternal.java
index 455193bea..a5cbe9d3a 100644
--- a/src/com/android/email/activity/ComposeActivityEmailExternal.java
+++ b/src/com/android/email/activity/ComposeActivityEmailExternal.java
@@ -16,11 +16,21 @@
 
 package com.android.email.activity;
 
+import android.content.Intent;
+import android.os.Bundle;
+import com.android.mail.compose.ComposeActivity;
+
 /**
  * A subclass of {@link ComposeActivityEmail} which is exported for other Android packages to open.
  */
 public class ComposeActivityEmailExternal extends ComposeActivityEmail {
 
+  @Override
+  protected void onCreate(Bundle savedInstanceState) {
+    sanitizeIntent();
+    super.onCreate(savedInstanceState);
+  }
+
   /**
    * Only relevant when WebView Compose is enabled. Change this when WebView
    * Compose is enabled for Email.
@@ -29,4 +39,30 @@
   public boolean isExternal() {
       return false;
   }
+
+  /**
+   * Overrides the value of {@code #getIntent()} so any future callers will get a sanitized version
+   * of the intent.
+   */
+  // See b/114493057 for context.
+  private void sanitizeIntent() {
+    Intent sanitizedIntent = getIntent();
+    if (sanitizedIntent != null) {
+      Bundle originalExtras = sanitizedIntent.getExtras();
+      sanitizedIntent.replaceExtras(new Bundle());
+      copyStringExtraIfExists(ComposeActivity.EXTRA_SUBJECT, originalExtras, sanitizedIntent);
+      copyStringExtraIfExists(ComposeActivity.EXTRA_TO, originalExtras, sanitizedIntent);
+      copyStringExtraIfExists(ComposeActivity.EXTRA_CC, originalExtras, sanitizedIntent);
+      copyStringExtraIfExists(ComposeActivity.EXTRA_BCC, originalExtras, sanitizedIntent);
+      copyStringExtraIfExists(ComposeActivity.EXTRA_BODY, originalExtras, sanitizedIntent);
+      setIntent(sanitizedIntent);
+    }
+  }
+
+  private void copyStringExtraIfExists(
+      String extraKey, Bundle originalExtras, Intent sanitizedIntent) {
+    if (originalExtras.containsKey(extraKey)) {
+      sanitizedIntent.putExtra(extraKey, originalExtras.getString(extraKey));
+    }
+  }
 }
Move many old cherry picks in tree for archival/support purposes 2021-02-05 19:23:12 -05:00			`From f291cb8c6b1e0c8554f4407e9b1e9be27e74058e Mon Sep 17 00:00:00 2001`
			`From: Raman Tenneti <rtenneti@google.com>`
			`Date: Mon, 13 May 2019 13:29:40 -0700`
			`Subject: [PATCH] AOSP/Email - bug fix: do not allow composing message with`
			`hidden private data attachments.`

			`Ported/merged thefollowing from CL`
			`https://critique.corp.google.com/#review/247540041`

			`original file:`
			`java/com/google/android/apps/gmail/unifiedgmail/src/com/google/android/gm/ComposeActivityGmailExternal.java`

			`aosp's version:`
			`src/com/android/email/activity/ComposeActivityEmailExternal.java`

			`Change description from the above CL:`
			`"Switch intent filtering to be whitelist based rather than blacklist based.`

			`ComposeActivityGmailExternal should whitelist what extras we allow in.`
			`This is a very belated follow up to cl/235253805 where I wrote a quick fix`
			`as a blacklist based solution."`

			`Bug: 127320867`

			`Test: manual - Ran the following tests on Pixel phone. Tested the email UI.`

			`$ make -j 40`
			`-rw-r--r-- 1 rtenneti primarygroup 6375626 May 5 19:49 out/target/product/marlin/system/product/app/Email/Email.apk`

			`$ make UnifiedEmailTests -j`
			`-rw-r--r-- 1 rtenneti primarygroup 311703 May 5 20:04 out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk`

			`$ make EmailTests -j`
			`-rw-r--r-- 1 rtenneti primarygroup 365023 May 13 14:39 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk`

			`$ adb install -r out/target/product/marlin/system/product/app/Email/Email.apk`
			`$ adb install -r out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk`
			`$ adb install -r out/target/product/marlin/testcases/UnifiedEmailTests/arm64/UnifiedEmailTests.apk`

			`$ adb shell am instrument -w com.android.mail.emailtests`
			`Time: 3.519`
			`OK (157 tests)`

			`Change-Id: I5f6541ceb79a1a1c598d0c8207e3cab98d1a8ac5`
			`Merged-In: I5f6541ceb79a1a1c598d0c8207e3cab98d1a8ac5`
			`(cherry picked from commit e81f6f92bbdd43f34aa25fc2b7605aeb887af2cc)`
			`---`
			`.../ComposeActivityEmailExternal.java \| 36 +++++++++++++++++++`
			`1 file changed, 36 insertions(+)`

			`diff --git a/src/com/android/email/activity/ComposeActivityEmailExternal.java b/src/com/android/email/activity/ComposeActivityEmailExternal.java`
			`index 455193bea..a5cbe9d3a 100644`
			`--- a/src/com/android/email/activity/ComposeActivityEmailExternal.java`
			`+++ b/src/com/android/email/activity/ComposeActivityEmailExternal.java`
			`@@ -16,11 +16,21 @@`

			`package com.android.email.activity;`

			`+import android.content.Intent;`
			`+import android.os.Bundle;`
			`+import com.android.mail.compose.ComposeActivity;`
			`+`
			`/**`
			`* A subclass of {@link ComposeActivityEmail} which is exported for other Android packages to open.`
			`*/`
			`public class ComposeActivityEmailExternal extends ComposeActivityEmail {`

			`+ @Override`
			`+ protected void onCreate(Bundle savedInstanceState) {`
			`+ sanitizeIntent();`
			`+ super.onCreate(savedInstanceState);`
			`+ }`
			`+`
			`/**`
			`* Only relevant when WebView Compose is enabled. Change this when WebView`
			`* Compose is enabled for Email.`
			`@@ -29,4 +39,30 @@`
			`public boolean isExternal() {`
			`return false;`
			`}`
			`+`
			`+ /**`
			`+ * Overrides the value of {@code #getIntent()} so any future callers will get a sanitized version`
			`+ * of the intent.`
			`+ */`
			`+ // See b/114493057 for context.`
			`+ private void sanitizeIntent() {`
			`+ Intent sanitizedIntent = getIntent();`
			`+ if (sanitizedIntent != null) {`
			`+ Bundle originalExtras = sanitizedIntent.getExtras();`
			`+ sanitizedIntent.replaceExtras(new Bundle());`
			`+ copyStringExtraIfExists(ComposeActivity.EXTRA_SUBJECT, originalExtras, sanitizedIntent);`
			`+ copyStringExtraIfExists(ComposeActivity.EXTRA_TO, originalExtras, sanitizedIntent);`
			`+ copyStringExtraIfExists(ComposeActivity.EXTRA_CC, originalExtras, sanitizedIntent);`
			`+ copyStringExtraIfExists(ComposeActivity.EXTRA_BCC, originalExtras, sanitizedIntent);`
			`+ copyStringExtraIfExists(ComposeActivity.EXTRA_BODY, originalExtras, sanitizedIntent);`
			`+ setIntent(sanitizedIntent);`
			`+ }`
			`+ }`
			`+`
			`+ private void copyStringExtraIfExists(`
			`+ String extraKey, Bundle originalExtras, Intent sanitizedIntent) {`
			`+ if (originalExtras.containsKey(extraKey)) {`
			`+ sanitizedIntent.putExtra(extraKey, originalExtras.getString(extraKey));`
			`+ }`
			`+ }`
			`}`