mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-07-03 18:11:24 +00:00
964877bbf6
wgetb96ee4a2d1.patch -O telephony-01.patch wgetc16e6e78c1.patch -O media-01.patch wgetd5771450d7.patch -O media-02.patch wgeta1370bd00c.patch -O nn-01.patch wgetce2776f4ca.patch -O bt-01.patch wget585f583ef5.patch -O bt-02.patch wgetc9905e7968.patch -O bt-03.patch wgetc93ec045f5.patch -O bt-04.patch wget89fb17d172.patch -O bt-05.patch wget14aed2455e.patch -O bt-06.patch wgetcd438ebc52.patch -O bt-07.patch wget27e7cdc4e5.patch -O nfc-01.patch wgetdfeb4270b8.patch -O launcher-01.patch wgetb1993f6cec.patch -O native-01.patch wgetdf4a9362cd.patch -O fwb-01.patch wgetb55563bb9d.patch -O fwb-02.patch wgeta80971a281.patch -O fwb-03.patch wget7e173b4383.patch -O fwb-04.patch wget44191b1c6b.patch -O fwb-05.patch wget8dc8dfe572.patch -O fwb-06.patch wget00a4224100.patch -O av-01.patch wget21623d1f43.patch -O settings-01.patch wgetfa5ec443d9.patch -O settings-02.patch wgetba4da9c7b3.patch -O settings-03.patch Signed-off-by: Tad <tad@spotco.us>
49 lines
2.1 KiB
Diff
49 lines
2.1 KiB
Diff
From dfeb4270b8ecad08bc5361f122af9453881a5987 Mon Sep 17 00:00:00 2001
|
|
From: Pinyao Ting <pinyaoting@google.com>
|
|
Date: Thu, 1 Jun 2023 18:12:44 -0700
|
|
Subject: [PATCH] Fix permission issue in legacy shortcut
|
|
|
|
When building legacy shortcut, Launcher calls
|
|
PackageManager#resolveActivity to retrieve necessary permission to
|
|
launch the intent.
|
|
|
|
However, when the source app wraps an arbitrary intent within
|
|
Intent#createChooser, the existing logic will fail because launching
|
|
Chooser doesn't require additional permission.
|
|
|
|
This CL fixes the security vulnerability by performing the permission
|
|
check against the intent that is wrapped within.
|
|
|
|
Bug: 270152142
|
|
Test: manual
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c53818a16b4322a823497726ac7e7a44501b4442)
|
|
Merged-In: If35344c08975e35085c7c2b9b814a3c457a144b0
|
|
Change-Id: If35344c08975e35085c7c2b9b814a3c457a144b0
|
|
---
|
|
.../android/launcher3/util/PackageManagerHelper.java | 12 ++++++++++++
|
|
1 file changed, 12 insertions(+)
|
|
|
|
diff --git a/src/com/android/launcher3/util/PackageManagerHelper.java b/src/com/android/launcher3/util/PackageManagerHelper.java
|
|
index a6a2751dc7..586e0c9e89 100644
|
|
--- a/src/com/android/launcher3/util/PackageManagerHelper.java
|
|
+++ b/src/com/android/launcher3/util/PackageManagerHelper.java
|
|
@@ -145,6 +145,18 @@ public static boolean isAppSuspended(ApplicationInfo info) {
|
|
* any permissions
|
|
*/
|
|
public boolean hasPermissionForActivity(Intent intent, String srcPackage) {
|
|
+ // b/270152142
|
|
+ if (Intent.ACTION_CHOOSER.equals(intent.getAction())) {
|
|
+ final Bundle extras = intent.getExtras();
|
|
+ if (extras == null) {
|
|
+ return true;
|
|
+ }
|
|
+ // If given intent is ACTION_CHOOSER, verify srcPackage has permission over EXTRA_INTENT
|
|
+ intent = (Intent) extras.getParcelable(Intent.EXTRA_INTENT);
|
|
+ if (intent == null) {
|
|
+ return true;
|
|
+ }
|
|
+ }
|
|
ResolveInfo target = mPm.resolveActivity(intent, 0);
|
|
if (target == null) {
|
|
// Not a valid target
|