mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-01-21 21:01:13 -05:00
59bf3b75c7
https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/353117 https://review.lineageos.org/q/topic:Q_asb_2023-03 https://review.lineageos.org/q/topic:Q_asb_2023-04 https://review.lineageos.org/q/topic:Q_asb_2023-05 https://review.lineageos.org/q/topic:Q_asb_2023-06 https://review.lineageos.org/q/topic:Q_asb_2023-07 https://review.lineageos.org/q/topic:Q_asb_2023-08 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376560 https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376561 https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376562 https://review.lineageos.org/q/topic:Q_asb_2023-09 https://review.lineageos.org/q/topic:Q_asb_2023-10 https://review.lineageos.org/q/topic:Q_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376563 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_webp/+/376568 https://review.lineageos.org/q/topic:Q_asb_2023-12 https://review.lineageos.org/q/topic:Q_asb_2024-01 https://review.lineageos.org/q/topic:Q_asb_2024-02 https://review.lineageos.org/q/topic:Q_asb_2024-03 Signed-off-by: Tavi <tavi@divested.dev>
71 lines
3.2 KiB
Diff
71 lines
3.2 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Ioana Alexandru <aioana@google.com>
|
|
Date: Fri, 12 May 2023 15:41:09 +0000
|
|
Subject: [PATCH] Implement visitUris for RemoteViews ViewGroupActionAdd.
|
|
|
|
This is to prevent a vulnerability where notifications can show
|
|
resources belonging to other users, since the URI in the nested views
|
|
was not being checked.
|
|
|
|
Bug: 277740082
|
|
Test: atest RemoteViewsTest NotificationVisitUrisTest
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:850fd984e5f346645b5a941ed7307387c7e4c4de)
|
|
Merged-In: I5c71f0bad0a6f6361eb5ceffe8d1e47e936d78f8
|
|
Change-Id: I5c71f0bad0a6f6361eb5ceffe8d1e47e936d78f8
|
|
---
|
|
core/java/android/widget/RemoteViews.java | 5 ++++
|
|
.../src/android/widget/RemoteViewsTest.java | 24 +++++++++++++++++++
|
|
2 files changed, 29 insertions(+)
|
|
|
|
diff --git a/core/java/android/widget/RemoteViews.java b/core/java/android/widget/RemoteViews.java
|
|
index 21d38b559736..c2e591950e25 100644
|
|
--- a/core/java/android/widget/RemoteViews.java
|
|
+++ b/core/java/android/widget/RemoteViews.java
|
|
@@ -1663,6 +1663,11 @@ public class RemoteViews implements Parcelable, Filter {
|
|
public int getActionTag() {
|
|
return VIEW_GROUP_ACTION_ADD_TAG;
|
|
}
|
|
+
|
|
+ @Override
|
|
+ public final void visitUris(@NonNull Consumer<Uri> visitor) {
|
|
+ mNestedViews.visitUris(visitor);
|
|
+ }
|
|
}
|
|
|
|
/**
|
|
diff --git a/core/tests/coretests/src/android/widget/RemoteViewsTest.java b/core/tests/coretests/src/android/widget/RemoteViewsTest.java
|
|
index 46f2c0928fc3..83ff725b5b75 100644
|
|
--- a/core/tests/coretests/src/android/widget/RemoteViewsTest.java
|
|
+++ b/core/tests/coretests/src/android/widget/RemoteViewsTest.java
|
|
@@ -528,6 +528,30 @@ public class RemoteViewsTest {
|
|
verify(visitor, times(1)).accept(eq(icon4.getUri()));
|
|
}
|
|
|
|
+ @Test
|
|
+ public void visitUris_nestedViews() {
|
|
+ final RemoteViews outer = new RemoteViews(mPackage, R.layout.remote_views_test);
|
|
+
|
|
+ final RemoteViews inner = new RemoteViews(mPackage, 33);
|
|
+ final Uri imageUriI = Uri.parse("content://inner/image");
|
|
+ final Icon icon1 = Icon.createWithContentUri("content://inner/icon1");
|
|
+ final Icon icon2 = Icon.createWithContentUri("content://inner/icon2");
|
|
+ final Icon icon3 = Icon.createWithContentUri("content://inner/icon3");
|
|
+ final Icon icon4 = Icon.createWithContentUri("content://inner/icon4");
|
|
+ inner.setImageViewUri(R.id.image, imageUriI);
|
|
+ inner.setTextViewCompoundDrawables(R.id.text, icon1, icon2, icon3, icon4);
|
|
+
|
|
+ outer.addView(R.id.layout, inner);
|
|
+
|
|
+ Consumer<Uri> visitor = (Consumer<Uri>) spy(Consumer.class);
|
|
+ outer.visitUris(visitor);
|
|
+ verify(visitor, times(1)).accept(eq(imageUriI));
|
|
+ verify(visitor, times(1)).accept(eq(icon1.getUri()));
|
|
+ verify(visitor, times(1)).accept(eq(icon2.getUri()));
|
|
+ verify(visitor, times(1)).accept(eq(icon3.getUri()));
|
|
+ verify(visitor, times(1)).accept(eq(icon4.getUri()));
|
|
+ }
|
|
+
|
|
@Test
|
|
public void visitUris_separateOrientation() {
|
|
final RemoteViews landscape = new RemoteViews(mPackage, R.layout.remote_views_test);
|