mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-06-26 14:42:13 +00:00
082bc48c32
https://review.lineageos.org/q/topic:P_asb_2022-05 https://review.lineageos.org/q/topic:P_asb_2022-06 https://review.lineageos.org/q/topic:P_asb_2022-07 https://review.lineageos.org/q/topic:P_asb_2022-08 https://review.lineageos.org/q/topic:P_asb_2022-09 https://review.lineageos.org/q/topic:P_asb_2022-10 https://review.lineageos.org/q/topic:P_asb_2022-11 https://review.lineageos.org/q/topic:P_asb_2022-12 https://review.lineageos.org/q/topic:P_asb_2023-01 https://review.lineageos.org/q/topic:P_asb_2023-02 https://review.lineageos.org/q/topic:P_asb_2023-03 https://review.lineageos.org/q/topic:P_asb_2023-04 https://review.lineageos.org/q/topic:P_asb_2023-05 https://review.lineageos.org/q/topic:P_asb_2023-06 https://review.lineageos.org/q/topic:P_asb_2023-07 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/361250 https://review.lineageos.org/q/topic:P_asb_2023-08 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/364606 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/365328 https://review.lineageos.org/q/topic:P_asb_2023-09 https://review.lineageos.org/q/topic:P_asb_2023-10 https://review.lineageos.org/q/topic:P_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/374916 https://review.lineageos.org/q/topic:P_asb_2023-12 https://review.lineageos.org/q/topic:P_asb_2024-01 https://review.lineageos.org/q/topic:P_asb_2024-02 https://review.lineageos.org/q/topic:P_asb_2024-03 https://review.lineageos.org/q/topic:P_asb_2024-04 Signed-off-by: Tavi <tavi@divested.dev>
34 lines
1.9 KiB
Diff
34 lines
1.9 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Kunal Malhotra <malhk@google.com>
|
|
Date: Mon, 7 Nov 2022 23:33:55 +0000
|
|
Subject: [PATCH] Checking if package belongs to UID before registering
|
|
broadcast receiver
|
|
|
|
Test: manual testing done on device by installing test APK and checking if receiver can register
|
|
Bug: 242040055
|
|
Change-Id: Ia525f218a46f8bf7fff660cec0d6432f09fdf24d
|
|
Merged-In: Ia525f218a46f8bf7fff660cec0d6432f09fdf24d
|
|
(cherry picked from commit 790a8d0dd329460bc60456681cb446accf2a27e0)
|
|
(cherry picked from commit 4f0dc37b896e06086391e71ce471e413215e1130)
|
|
Merged-In: Ia525f218a46f8bf7fff660cec0d6432f09fdf24d
|
|
---
|
|
services/core/java/com/android/server/am/ActiveServices.java | 5 +++++
|
|
1 file changed, 5 insertions(+)
|
|
|
|
diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java
|
|
index 8b4013405b22..05be900e5403 100644
|
|
--- a/services/core/java/com/android/server/am/ActiveServices.java
|
|
+++ b/services/core/java/com/android/server/am/ActiveServices.java
|
|
@@ -1971,6 +1971,11 @@ public final class ActiveServices {
|
|
throw new SecurityException("BIND_EXTERNAL_SERVICE failed, " + name +
|
|
" is not an isolatedProcess");
|
|
}
|
|
+ if (AppGlobals.getPackageManager().getPackageUid(callingPackage,
|
|
+ 0, userId) != callingUid) {
|
|
+ throw new SecurityException("BIND_EXTERNAL_SERVICE failed, "
|
|
+ + "calling package not owned by calling UID ");
|
|
+ }
|
|
// Run the service under the calling package's application.
|
|
ApplicationInfo aInfo = AppGlobals.getPackageManager().getApplicationInfo(
|
|
callingPackage, ActivityManagerService.STOCK_PM_FLAGS, userId);
|