Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 11f6a101 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Prevend user spoofing in isRequestPinItemSupported" into sc-dev

parents 4c2c1530 19a655d7

services/core/java/com/android/server/pm/ShortcutService.java

+15 −0
Original line number Diff line number Diff line
@@ -1664,6 +1664,19 @@ public class ShortcutService extends IShortcutService.Stub { 
        mContext.enforceCallingPermission(permission, message);

    }



    private void verifyCallerUserId(@UserIdInt int userId) {

        if (isCallerSystem()) {

            return; // no check

        }



        final int callingUid = injectBinderCallingUid();



        // Otherwise, make sure the arguments are valid.

        if (UserHandle.getUserId(callingUid) != userId) {

            throw new SecurityException("Invalid user-ID");

        }

    }



    private void verifyCaller(@NonNull String packageName, @UserIdInt int userId) {

        Preconditions.checkStringNotEmpty(packageName, "packageName");
@@ -2847,6 +2860,8 @@ public class ShortcutService extends IShortcutService.Stub { 


    @Override

    public boolean isRequestPinItemSupported(int callingUserId, int requestType) {

        verifyCallerUserId(callingUserId);



        final long token = injectClearCallingIdentity();

        try {

            return mShortcutRequestPinProcessor