Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5505706c authored by Carlos Valdivia's avatar Carlos Valdivia Committed by Android Git Automerger
Browse files

am cdb9ea79: Merge "Package checks for resloving recovery tokens should be... 

am cdb9ea79: Merge "Package checks for resloving recovery tokens should be user sensitive." into klp-dev

* commit 'cdb9ea79':
  Package checks for resloving recovery tokens should be user sensitive.
parents 910deb71 cdb9ea79

services/java/com/android/server/accounts/AccountManagerService.java

+13 −8
Original line number Diff line number Diff line
@@ -2167,16 +2167,21 @@ public class AccountManagerService 
                 * this can be very bad when those apps are in the system like

                 * the System Settings.

                 */

                int authenticatorUid = Binder.getCallingUid();

                long bid = Binder.clearCallingIdentity();

                try {

                    PackageManager pm = mContext.getPackageManager();

                ResolveInfo resolveInfo = pm.resolveActivity(intent, 0);

                    ResolveInfo resolveInfo = pm.resolveActivityAsUser(intent, 0, mAccounts.userId);

                    int targetUid = resolveInfo.activityInfo.applicationInfo.uid;

                int authenticatorUid = Binder.getCallingUid();

                    if (PackageManager.SIGNATURE_MATCH !=

                            pm.checkSignatures(authenticatorUid, targetUid)) {

                        throw new SecurityException(

                                "Activity to be started with KEY_INTENT must " +

                               "share Authenticator's signatures");

                    }

                } finally {

                    Binder.restoreCallingIdentity(bid);

                }

            }

            if (result != null

                    && !TextUtils.isEmpty(result.getString(AccountManager.KEY_AUTHTOKEN))) {