Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 18240c60 authored by Jeff Chang's avatar Jeff Chang
Browse files

Prevent app check via content provider. 

Perform a check if a caller has an access to uri when startActivities.
If uri provider exists but is non exported or permission protected and
throw a SecurityException. App use it to determine if the content
provider is installed or not.

The CL handle the exception without throw the exception out to prevent
that.

Bug: 190396251
Test: atest CtsWindowManagerDeviceTestCases:ActivityStarterTests
Change-Id: Ieca3e555dcd0c046d92f7d40ef4125d3a535d8a1
parent 44d2d1f8

services/core/java/com/android/server/wm/ActivityStartController.java

+11 −7
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


package com.android.server.wm;



import static android.app.ActivityManager.START_CANCELED;

import static android.app.ActivityManager.START_SUCCESS;

import static android.app.WindowConfiguration.ACTIVITY_TYPE_HOME;

import static android.app.WindowConfiguration.WINDOWING_MODE_FULLSCREEN;
@@ -390,15 +391,18 @@ public class ActivityStartController { 
                        0 /* startFlags */, null /* profilerInfo */, userId, filterCallingUid);

                aInfo = mService.mAmInternal.getActivityInfoForUser(aInfo, userId);



                // Carefully collect grants without holding lock

                if (aInfo != null) {

                    try {

                        // Carefully collect grants without holding lock

                        intentGrants = mSupervisor.mService.mUgmInternal

                                .checkGrantUriPermissionFromIntent(intent, filterCallingUid,

                                        aInfo.applicationInfo.packageName,

                                        UserHandle.getUserId(aInfo.applicationInfo.uid));

                    } catch (SecurityException e) {

                        Slog.d(TAG, "Not allowed to start activity since no uri permission.");

                        return START_CANCELED;

                    }



                if (aInfo != null) {

                    if ((aInfo.applicationInfo.privateFlags

                            & ApplicationInfo.PRIVATE_FLAG_CANT_SAVE_STATE) != 0) {

                        throw new IllegalArgumentException(