Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 2c038814 authored by Joshua Duong's avatar Joshua Duong
Browse files

Fix PendingIntent hijacking for adb notifications. 

Use an explicit intent and set PendingIntent.FLAG_IMMUTABLE to prevent
someone from modifying the intent from PendingIntent.send(...).

Bug: 153356209

Test: atest AdbNotificationsTest
Test: In bug, install and launch the PoC apk and give it notification
permissions. Then, with USB/Wifi debugging enabled, disconnect and connect
the device to create the adb notification. the PoC apk should not have
permission to display information from
content://com.android.settings.files/my_cache/NOTICE.html.

Change-Id: Ie49aa3cf9b33168cf1435fc2427e95aac7f4609b
parent 21c7cfa6
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment