Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 46ee9cb2 authored by Xiaowen Lei's avatar Xiaowen Lei
Browse files

Fix security vulnerability that allowed attackers to start arbitary activities. 

Bug: 189574230
Test: flash device and check dream picker.
Test: installed POC and confirmed that "Customize" no longer shows.
Change-Id: Ia8ac9b2fe6da4396922ed9e43d6eb16b0f7f9f66
parent 19f083cd

packages/SettingsLib/src/com/android/settingslib/dream/DreamBackend.java

+12 −1
Original line number Diff line number Diff line
@@ -489,7 +489,18 @@ public class DreamBackend { 
        if (flattenedString.indexOf('/') < 0) {

            flattenedString = serviceInfo.packageName + "/" + flattenedString;

        }

        return ComponentName.unflattenFromString(flattenedString);



        ComponentName cn = ComponentName.unflattenFromString(flattenedString);



        if (cn == null) return null;

        if (!cn.getPackageName().equals(serviceInfo.packageName)) {

            Log.w(TAG,

                    "Inconsistent package name in component: " + cn.getPackageName()

                            + ", should be: " + serviceInfo.packageName);

            return null;

        }



        return cn;

    }



    private static DreamMetadata getDreamMetadata(PackageManager pm, ResolveInfo resolveInfo) {