Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1c1b6b62 authored by Taran Singh's avatar Taran Singh Committed by Mohammed Althaf T
Browse files

Validate IME metadata before parsing 

Malicious IMEs can load an extremely large metaData for inputmethod xml
which can lead to IMMS running out of memory while contructing
InputMethodInfo.
this change limits the size of metadata xml to 200KBs and would throw
XmlPullParserException for xmls larger than that.

Bug: 416259832
Test: Manually using steps in the bug
Flag: EXEMPT bug_fix
(cherry picked from commit 5e31d9c0)
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:139a5c60566511095c40c1dc57be324445fff5fd
Merged-In: Ic90e1bd6615f5954577ed29c3daf7b44596fb137
Change-Id: Ic90e1bd6615f5954577ed29c3daf7b44596fb137
parent 8cc3c6e5
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment