Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 0594d55d authored by Jackal Guo's avatar Jackal Guo
Browse files

Fix side channel information disclosure

This method reacts differently when the given package name isn't
installed, and is installed but not belonging to the caller. This
subtle difference leaves the possibility that malicious code could
do a side channel attack.

Bug: 249058614
Test: atest CtsWindowManagerDeviceTestCases:ToastWindowTest
Test: atest CtsWindowManagerDeviceTestCases:WindowContextPolicyTests
Test: atest CtsWindowManagerDeviceTestCases:WindowUntrustedTouchTest
Test: atest CtsToastLegacyTestCases:ToastTest
Test: atest CtsToastTestCases:LegacyToastTest
Test: atest FrameworksCoreTests:ViewRootImplTest
Test: atest FrameworksUiServicesTests:NotificationManagerServiceTest
Change-Id: I37f28b6a660c4a3d2cd92b25d3f68066902c692f

Change-Id: I52372bec19355ea8855ead28fcb0ab250c527f19
parent 907060a9
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment