2024-10-16 20:47:28 -04:00
|
|
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
2024-09-15 15:44:43 -04:00
|
|
|
From: Chris Antol <cantol@google.com>
|
|
|
|
Date: Tue, 4 Jun 2024 17:00:46 +0000
|
|
|
|
Subject: [PATCH] Ignore fragment attr from ext authenticator resource
|
|
|
|
|
|
|
|
Bug: 341886134
|
|
|
|
Test: Unit Test
|
|
|
|
Test: Manual - see ticket for steps
|
|
|
|
Flag: EXEMPT <security>
|
|
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2cb9b10ed97b1b9b29661115789605a762f3c2ef)
|
|
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:7e0b376b11318e1e79b31bac6aafc0c923868bc4)
|
|
|
|
Merged-In: Id91c2b3b6d16ba3702ee2cd6723365a4db52863b
|
|
|
|
Change-Id: Id91c2b3b6d16ba3702ee2cd6723365a4db52863b
|
|
|
|
---
|
|
|
|
.../accounts/AccountTypePreferenceLoader.java | 56 +++++++++++++++++++
|
|
|
|
1 file changed, 56 insertions(+)
|
|
|
|
|
|
|
|
diff --git a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
|
|
|
|
index 3914fac39b4..ce3d61d4dfa 100644
|
|
|
|
--- a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
|
|
|
|
+++ b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
|
2024-10-16 20:47:28 -04:00
|
|
|
@@ -37,6 +37,11 @@ import android.support.v7.preference.PreferenceScreen;
|
2024-09-15 15:44:43 -04:00
|
|
|
import android.text.TextUtils;
|
|
|
|
import android.util.Log;
|
|
|
|
|
|
|
|
+import android.support.annotation.NonNull;
|
|
|
|
+import android.support.annotation.Nullable;
|
|
|
|
+import android.support.annotation.VisibleForTesting;
|
|
|
|
+import android.util.ArraySet;
|
|
|
|
+
|
|
|
|
import com.android.settings.R;
|
|
|
|
import com.android.settings.core.SubSettingLauncher;
|
|
|
|
import com.android.settings.location.LocationSettings;
|
2024-10-16 20:47:28 -04:00
|
|
|
@@ -44,6 +49,8 @@ import com.android.settings.utils.LocalClassLoaderContextThemeWrapper;
|
2024-09-15 15:44:43 -04:00
|
|
|
import com.android.settingslib.accounts.AuthenticatorHelper;
|
|
|
|
import com.android.settingslib.core.instrumentation.Instrumentable;
|
|
|
|
|
|
|
|
+import java.util.Set;
|
|
|
|
+
|
|
|
|
/**
|
|
|
|
* Class to load the preference screen to be added to the settings page for the specific account
|
|
|
|
* type as specified in the account-authenticator.
|
2024-10-16 20:47:28 -04:00
|
|
|
@@ -82,6 +89,7 @@ public class AccountTypePreferenceLoader {
|
2024-09-15 15:44:43 -04:00
|
|
|
try {
|
|
|
|
desc = mAuthenticatorHelper.getAccountTypeDescription(accountType);
|
|
|
|
if (desc != null && desc.accountPreferencesId != 0) {
|
|
|
|
+ Set<String> fragmentAllowList = generateFragmentAllowlist(parent);
|
|
|
|
// Load the context of the target package, then apply the
|
|
|
|
// base Settings theme (no references to local resources)
|
|
|
|
// and create a context theme wrapper so that we get the
|
2024-10-16 20:47:28 -04:00
|
|
|
@@ -97,6 +105,12 @@ public class AccountTypePreferenceLoader {
|
2024-09-15 15:44:43 -04:00
|
|
|
themedCtx.getTheme().setTo(baseTheme);
|
|
|
|
prefs = mFragment.getPreferenceManager().inflateFromResource(themedCtx,
|
|
|
|
desc.accountPreferencesId, parent);
|
|
|
|
+ // Ignore Fragments provided dynamically, as these are coming from external
|
|
|
|
+ // applications which must not have access to internal Settings' fragments.
|
|
|
|
+ // These preferences are rendered into Settings, so they also won't have access
|
|
|
|
+ // to their own Fragments, meaning there is no acceptable usage of
|
|
|
|
+ // android:fragment here.
|
|
|
|
+ filterBlockedFragments(prefs, fragmentAllowList);
|
|
|
|
}
|
|
|
|
} catch (PackageManager.NameNotFoundException e) {
|
|
|
|
Log.w(TAG, "Couldn't load preferences.xml file from " + desc.packageName);
|
2024-10-16 20:47:28 -04:00
|
|
|
@@ -181,6 +195,48 @@ public class AccountTypePreferenceLoader {
|
2024-09-15 15:44:43 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
+ // Build allowlist from existing Fragments in PreferenceGroup
|
|
|
|
+ @VisibleForTesting
|
|
|
|
+ Set<String> generateFragmentAllowlist(@Nullable PreferenceGroup prefs) {
|
|
|
|
+ Set<String> fragmentAllowList = new ArraySet<>();
|
|
|
|
+ if (prefs == null) {
|
|
|
|
+ return fragmentAllowList;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ for (int i = 0; i < prefs.getPreferenceCount(); i++) {
|
|
|
|
+ Preference pref = prefs.getPreference(i);
|
|
|
|
+ if (pref instanceof PreferenceGroup) {
|
|
|
|
+ fragmentAllowList.addAll(generateFragmentAllowlist((PreferenceGroup) pref));
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ String fragmentName = pref.getFragment();
|
|
|
|
+ if (!TextUtils.isEmpty(fragmentName)) {
|
|
|
|
+ fragmentAllowList.add(fragmentName);
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ return fragmentAllowList;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ // Block clicks on any Preference with android:fragment that is not contained in the allowlist
|
|
|
|
+ @VisibleForTesting
|
|
|
|
+ void filterBlockedFragments(@Nullable PreferenceGroup prefs,
|
|
|
|
+ @NonNull Set<String> allowedFragments) {
|
|
|
|
+ if (prefs == null) {
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+ for (int i = 0; i < prefs.getPreferenceCount(); i++) {
|
|
|
|
+ Preference pref = prefs.getPreference(i);
|
|
|
|
+ if (pref instanceof PreferenceGroup) {
|
|
|
|
+ filterBlockedFragments((PreferenceGroup) pref, allowedFragments);
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ String fragmentName = pref.getFragment();
|
|
|
|
+ if (fragmentName != null && !allowedFragments.contains(fragmentName)) {
|
|
|
|
+ pref.setOnPreferenceClickListener(preference -> true);
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
/**
|
|
|
|
* Determines if the supplied Intent is safe. A safe intent is one that is
|
|
|
|
* will launch a exported=true activity or owned by the same uid as the
|