Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2b1a2845 authored by Jay Sullivan's avatar Jay Sullivan Committed by Automerger Merge Worker
Browse files

Merge "Fix isAutoRevokeWhitelisted vulnerability" into sc-dev am: c567ac91 

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/15102869

Change-Id: I43308940cc1bc9b13624b91ed6e40556348735fc
parents 46232293 c567ac91

services/core/java/com/android/server/pm/permission/PermissionManagerService.java

+5 −1
Original line number Diff line number Diff line
@@ -1384,12 +1384,16 @@ public class PermissionManagerService extends IPermissionManager.Stub { 


        final AndroidPackage pkg = mPackageManagerInt.getPackage(packageName);

        final int callingUid = Binder.getCallingUid();

        final int packageUid = UserHandle.getUid(userId, pkg.getUid());

        if (mPackageManagerInt.filterAppAccess(packageName, callingUid, userId)) {

            return false;

        }



        if (!checkAutoRevokeAccess(pkg, callingUid)) {

            return false;

        }



        final int packageUid = UserHandle.getUid(userId, pkg.getUid());



        final long identity = Binder.clearCallingIdentity();

        try {

            return mAppOpsManager.checkOpNoThrow(