mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-23 14:39:24 -05:00
Picks
Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
parent
b9216efdb3
commit
c6299eef89
148
Patches/LineageOS-14.1/android_frameworks_base/400926.patch
Normal file
148
Patches/LineageOS-14.1/android_frameworks_base/400926.patch
Normal file
@ -0,0 +1,148 @@
|
||||
From 973d345da476bc0b9ce7618625dac9184d6d001e Mon Sep 17 00:00:00 2001
|
||||
From: Kiran Ramachandra <kiranmr@google.com>
|
||||
Date: Thu, 30 May 2024 21:21:12 +0000
|
||||
Subject: [PATCH] DO NOT MERGE Ignore - Sanitized uri scheme by removing scheme
|
||||
delimiter
|
||||
|
||||
Initially considered removing unsupported characters as per IANA guidelines, but this could break applications that use custom schemes with asterisks. Instead, opted to remove only the "://" to minimize disruption
|
||||
|
||||
Bug: 261721900
|
||||
Test: atest FrameworksCoreTests:android.net.UriTest
|
||||
|
||||
No-Typo-Check: The unit test is specifically written to test few cases, string "http://https://" is not a typo
|
||||
|
||||
NOTE FOR REVIEWERS - original patch and result patch are not identical.
|
||||
PLEASE REVIEW CAREFULLY.
|
||||
Diffs between the patches:
|
||||
@AsbSecurityTest(cveBugId = 261721900)
|
||||
> + @SmallTest
|
||||
> + public void testSchemeSanitization() {
|
||||
> + Uri uri = new Uri.Builder()
|
||||
> + .scheme("http://https://evil.com:/te:st/")
|
||||
> + .authority("google.com").path("one/way").build();
|
||||
> + assertEquals("httphttpsevil.com:/te:st/", uri.getScheme());
|
||||
> + assertEquals("httphttpsevil.com:/te:st/://google.com/one/way", uri.toString());
|
||||
> + }
|
||||
> +
|
||||
|
||||
Original patch:
|
||||
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
|
||||
old mode 100644
|
||||
new mode 100644
|
||||
|
||||
Change-Id: I3c78085473351b6f424ced5e6365d5ced05ee689
|
||||
--- a/core/java/android/net/Uri.java
|
||||
+++ b/core/java/android/net/Uri.java
|
||||
@@ -1388,7 +1388,11 @@
|
||||
* @param scheme name or {@code null} if this is a relative Uri
|
||||
*/
|
||||
public Builder scheme(String scheme) {
|
||||
- this.scheme = scheme;
|
||||
+ if (scheme != null) {
|
||||
+ this.scheme = scheme.replace("://", "");
|
||||
+ } else {
|
||||
+ this.scheme = null;
|
||||
+ }
|
||||
return this;
|
||||
}
|
||||
|
||||
diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java
|
||||
old mode 100644
|
||||
new mode 100644
|
||||
--- a/core/tests/coretests/src/android/net/UriTest.java
|
||||
+++ b/core/tests/coretests/src/android/net/UriTest.java
|
||||
@@ -87,6 +87,16 @@
|
||||
assertNull(u.getAuthority());
|
||||
assertNull(u.getHost());
|
||||
}
|
||||
+
|
||||
+ @AsbSecurityTest(cveBugId = 261721900)
|
||||
+ @SmallTest
|
||||
+ public void testSc
|
||||
[[[Original patch trimmed due to size. Decoded string size: 1426. Decoded string SHA1: 55d69e9f854938457b2d98b18776898b16c2dd54.]]]
|
||||
|
||||
Result patch:
|
||||
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
|
||||
index 3da696a..f0262e9 100644
|
||||
--- a/core/java/android/net/Uri.java
|
||||
+++ b/core/java/android/net/Uri.java
|
||||
@@ -1388,7 +1388,11 @@
|
||||
* @param scheme name or {@code null} if this is a relative Uri
|
||||
*/
|
||||
public Builder scheme(String scheme) {
|
||||
- this.scheme = scheme;
|
||||
+ if (scheme != null) {
|
||||
+ this.scheme = scheme.replace("://", "");
|
||||
+ } else {
|
||||
+ this.scheme = null;
|
||||
+ }
|
||||
return this;
|
||||
}
|
||||
|
||||
diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java
|
||||
index 89632a4..8c130ee 100644
|
||||
--- a/core/tests/coretests/src/android/net/UriTest.java
|
||||
+++ b/core/tests/coretests/src/android/net/UriTest.java
|
||||
@@ -88,6 +88,16 @@
|
||||
assertNull(u.getHost());
|
||||
}
|
||||
|
||||
+ @AsbSecurityTest(cveBugId = 261721900)
|
||||
+ @SmallTest
|
||||
+ public void testSchemeSanitization() {
|
||||
+ Uri uri = new
|
||||
[[[Result patch trimmed due to size. Decoded string size: 1417. Decoded string SHA1: f9ce831a369872ae9bfd9f50f01dd394682e0f3f.]]]
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:557941ca0cf59da66db4fad12c2139ce80922f4a)
|
||||
Merged-In: Icab100bd4ae9b1c8245e6f891ad22101bda5eea5
|
||||
Change-Id: Icab100bd4ae9b1c8245e6f891ad22101bda5eea5
|
||||
---
|
||||
core/java/android/net/Uri.java | 6 +++++-
|
||||
core/tests/coretests/src/android/net/UriTest.java | 11 +++++++++++
|
||||
2 files changed, 16 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
|
||||
index 6c069be07e3ec..9b7153ba7076e 100644
|
||||
--- a/core/java/android/net/Uri.java
|
||||
+++ b/core/java/android/net/Uri.java
|
||||
@@ -1347,7 +1347,11 @@ public Builder() {}
|
||||
* @param scheme name or {@code null} if this is a relative Uri
|
||||
*/
|
||||
public Builder scheme(String scheme) {
|
||||
- this.scheme = scheme;
|
||||
+ if (scheme != null) {
|
||||
+ this.scheme = scheme.replace("://", "");
|
||||
+ } else {
|
||||
+ this.scheme = null;
|
||||
+ }
|
||||
return this;
|
||||
}
|
||||
|
||||
diff --git a/core/tests/coretests/src/android/net/UriTest.java b/core/tests/coretests/src/android/net/UriTest.java
|
||||
index ea0347d67ad74..6c9fdd5a83a78 100644
|
||||
--- a/core/tests/coretests/src/android/net/UriTest.java
|
||||
+++ b/core/tests/coretests/src/android/net/UriTest.java
|
||||
@@ -18,6 +18,7 @@
|
||||
|
||||
import android.content.ContentUris;
|
||||
import android.os.Parcel;
|
||||
+import android.platform.test.annotations.AsbSecurityTest;
|
||||
import android.test.suitebuilder.annotation.SmallTest;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
@@ -83,6 +84,16 @@ public void testBuildUponOpaqueStringUri() {
|
||||
assertNull(u.getHost());
|
||||
}
|
||||
|
||||
+ @AsbSecurityTest(cveBugId = 261721900)
|
||||
+ @SmallTest
|
||||
+ public void testSchemeSanitization() {
|
||||
+ Uri uri = new Uri.Builder()
|
||||
+ .scheme("http://https://evil.com:/te:st/")
|
||||
+ .authority("google.com").path("one/way").build();
|
||||
+ assertEquals("httphttpsevil.com:/te:st/", uri.getScheme());
|
||||
+ assertEquals("httphttpsevil.com:/te:st/://google.com/one/way", uri.toString());
|
||||
+ }
|
||||
+
|
||||
@SmallTest
|
||||
public void testStringUri() {
|
||||
assertEquals("bob lee",
|
@ -0,0 +1,28 @@
|
||||
From 16cf36cd7d7beb9d108da511da90ab4b404ea7bb Mon Sep 17 00:00:00 2001
|
||||
From: Chaohui Wang <chaohuiw@google.com>
|
||||
Date: Thu, 2 Nov 2023 11:43:00 +0800
|
||||
Subject: [PATCH] Limit wifi item edit content's max length to 500
|
||||
|
||||
Bug: 293199910
|
||||
Test: manual - on "Add network"
|
||||
|
||||
(cherry picked from commit 855053ca4124f2d515b21c469096f8c18bd4829d)
|
||||
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:092668676af741719d50ac0f121a8f8461aa21ad)
|
||||
Merged-In: I303b8c6e0f3c3a1174a047ba98f302042e5db9ae
|
||||
Change-Id: I303b8c6e0f3c3a1174a047ba98f302042e5db9ae
|
||||
---
|
||||
res/values/styles.xml | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/res/values/styles.xml b/res/values/styles.xml
|
||||
index 11e4afb6dc4..723d505618b 100644
|
||||
--- a/res/values/styles.xml
|
||||
+++ b/res/values/styles.xml
|
||||
@@ -244,6 +244,7 @@
|
||||
<item name="android:paddingStart">4dip</item>
|
||||
<item name="android:layout_marginStart">4dip</item>
|
||||
<item name="android:textSize">18sp</item>
|
||||
+ <item name="android:maxLength">500</item>
|
||||
</style>
|
||||
|
||||
<style name="wifi_section">
|
@ -82,7 +82,7 @@ sed -i '50i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
|
||||
sed -i '296iLOCAL_AAPT_FLAGS += --auto-add-overlay' core/package_internal.mk;
|
||||
awk -i inplace '!/Email/' target/product/core.mk; #Remove Email
|
||||
awk -i inplace '!/Exchange2/' target/product/core.mk;
|
||||
sed -i 's/2021-06-05/2024-08-05/' core/version_defaults.mk; #Bump Security String #n-asb-2024-08 #XXX
|
||||
sed -i 's/2021-06-05/2024-09-05/' core/version_defaults.mk; #Bump Security String #n-asb-2024-09 #XXX
|
||||
fi;
|
||||
|
||||
if enterAndClear "device/qcom/sepolicy"; then
|
||||
@ -292,6 +292,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/393648.patch"; #n-asb-2024-06 C
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/393649.patch"; #n-asb-2024-06 AccessibilityManagerService: remove uninstalled services from enabled list after service update.
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/396611.patch"; #n-asb-2024-07 Verify UID of incoming Zygote connections.
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/399269.patch"; #n-asb-2024-08 Restrict USB poups while setup is in progress
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/400926.patch"; #n-asb-2024-09 Sanitized uri scheme by removing scheme delimiter
|
||||
git revert --no-edit 0326bb5e41219cf502727c3aa44ebf2daa19a5b3; #Re-enable doze on devices without gms
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/248599.patch"; #Make SET_TIME_ZONE permission match SET_TIME (AOSP)
|
||||
applyPatch "$DOS_PATCHES/android_frameworks_base/0001-Reduced_Resolution.patch"; #Allow reducing resolution to save power TODO: Add 800x480 (DivestOS)
|
||||
@ -468,6 +469,7 @@ applyPatch "$DOS_PATCHES/android_packages_apps_Settings/334875.patch"; #n-asb-20
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/345679.patch"; #n-asb-2022-12 Add FLAG_SECURE for ChooseLockPassword and Pattern
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/358738.patch"; #n-asb-2023-06 Convert argument to intent in AddAccountSettings.
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/367639.patch"; #n-asb-2023-10 Restrict ApnEditor settings
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/400927.patch"; #n-asb-2024-09 Limit wifi item edit content's max length to 500
|
||||
git revert --no-edit 2ebe6058c546194a301c1fd22963d6be4adbf961; #Don't hide OEM unlock
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/201113.patch"; #wifi: Add world regulatory domain country code (syphyr)
|
||||
applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
|
||||
|
@ -162,7 +162,8 @@ patchWorkspaceReal() {
|
||||
verifyAllPlatformTags;
|
||||
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
|
||||
|
||||
#source build/envsetup.sh;
|
||||
source build/envsetup.sh;
|
||||
repopick -it T_asb_2024-09;
|
||||
|
||||
sh "$DOS_SCRIPTS/Patch.sh";
|
||||
sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";
|
||||
|
Loading…
Reference in New Issue
Block a user