Loading packages/SettingsLib/res/values/config.xml +10 −0 Original line number Diff line number Diff line Loading @@ -31,4 +31,14 @@ <!-- Control whether status bar should distinguish HSPA data icon form UMTS data icon on devices --> <bool name="config_hspa_data_distinguishable">false</bool> <!-- Edit User avatar explicit package name --> <string name="config_avatar_picker_package" translatable="false"> com.android.avatarpicker </string> <!-- Edit User avatar explicit activity class --> <string name="config_avatar_picker_class" translatable="false"> com.android.avatarpicker.ui.AvatarPickerActivity </string> </resources> No newline at end of file packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java +8 −0 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ import androidx.annotation.Nullable; import com.android.internal.util.UserIcons; import com.android.settingslib.drawable.CircleFramedDrawable; import com.android.settingslib.R; import com.android.settingslib.utils.ThreadUtils; import com.google.common.util.concurrent.FutureCallback; Loading Loading @@ -132,6 +133,13 @@ public class EditUserPhotoController { intent.addCategory(Intent.CATEGORY_DEFAULT); if (Flags.avatarSync()) { intent.putExtra(EXTRA_IS_USER_NEW, isUserNew); // Fix vulnerability b/341688848 by explicitly set the class name of avatar picker. if (Flags.fixAvatarCrossUserLeak()) { final String packageName = mActivity.getString(R.string.config_avatar_picker_package); final String className = mActivity.getString(R.string.config_avatar_picker_class); intent.setClassName(packageName, className); } } else { // SettingsLib is used by multiple apps therefore we need to know out of all apps // using settingsLib which one is the one we return value to. Loading Loading
packages/SettingsLib/res/values/config.xml +10 −0 Original line number Diff line number Diff line Loading @@ -31,4 +31,14 @@ <!-- Control whether status bar should distinguish HSPA data icon form UMTS data icon on devices --> <bool name="config_hspa_data_distinguishable">false</bool> <!-- Edit User avatar explicit package name --> <string name="config_avatar_picker_package" translatable="false"> com.android.avatarpicker </string> <!-- Edit User avatar explicit activity class --> <string name="config_avatar_picker_class" translatable="false"> com.android.avatarpicker.ui.AvatarPickerActivity </string> </resources> No newline at end of file
packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java +8 −0 Original line number Diff line number Diff line Loading @@ -32,6 +32,7 @@ import androidx.annotation.Nullable; import com.android.internal.util.UserIcons; import com.android.settingslib.drawable.CircleFramedDrawable; import com.android.settingslib.R; import com.android.settingslib.utils.ThreadUtils; import com.google.common.util.concurrent.FutureCallback; Loading Loading @@ -132,6 +133,13 @@ public class EditUserPhotoController { intent.addCategory(Intent.CATEGORY_DEFAULT); if (Flags.avatarSync()) { intent.putExtra(EXTRA_IS_USER_NEW, isUserNew); // Fix vulnerability b/341688848 by explicitly set the class name of avatar picker. if (Flags.fixAvatarCrossUserLeak()) { final String packageName = mActivity.getString(R.string.config_avatar_picker_package); final String className = mActivity.getString(R.string.config_avatar_picker_class); intent.setClassName(packageName, className); } } else { // SettingsLib is used by multiple apps therefore we need to know out of all apps // using settingsLib which one is the one we return value to. Loading
