
Commit 5e87848e authored by Winson, committed by Vasyl Gello

DO NOT MERGE: Verify INSTALL_PACKAGES permissions when adding installer package



Without this check, any package can set the installer package of
another package whose installer has been removed or was never set.
This provides access to other privileged actions and is undesired.

Bug: 150857253

Test: manual verify with proof of concept in linked bug
Test: atest android.appsecurity.cts.PackageSetInstallerTest

[basilgello: Backport to 14.1:
 - callingUid -> Binder.getCallingUid()]
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>

Change-Id: I2159c357911ff39ffd819054b42f96ae86bc98bc
(cherry picked from commit fc8bfed5)
parent c3ad6422
+19 −13
@@ -12593,20 +12593,26 @@ public class PackageManagerService extends IPackageManager.Stub {
            // Verify: if target already has an installer package, it must
            // be signed with the same cert as the caller.
            if (targetPackageSetting.installerPackageName != null) {
                PackageSetting setting = mSettings.mPackages.get(
                        targetPackageSetting.installerPackageName);
                // If the currently set package isn't valid, then it's always
                // okay to change it.
                if (setting != null) {
            String targetInstallerPackageName =
                    targetPackageSetting.installerPackageName;
            PackageSetting targetInstallerPkgSetting = targetInstallerPackageName == null ? null :
                    mSettings.mPackages.get(targetInstallerPackageName);
            if (targetInstallerPkgSetting != null) {
                if (compareSignatures(callerSignature,
                            setting.signatures.mSignatures)
                        targetInstallerPkgSetting.signatures.mSignatures)
                        != PackageManager.SIGNATURE_MATCH) {
                    throw new SecurityException(
                            "Caller does not have same cert as old installer package "
                                + targetPackageSetting.installerPackageName);
                    }
                                    + targetInstallerPackageName);
                }
            } else if (mContext.checkCallingOrSelfPermission(Manifest.permission.INSTALL_PACKAGES)
                    != PackageManager.PERMISSION_GRANTED) {
                // This is probably an attempt to exploit vulnerability b/150857253 of taking
                // privileged installer permissions when the installer has been uninstalled or
                // was never set.
                EventLog.writeEvent(0x534e4554, "150857253", Binder.getCallingUid(), "");
                return;
            }
            // Okay!
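
Review bot: the new `else if` branch ends in a bare `return;`, so a caller without INSTALL_PACKAGES gets a normal return and cannot tell that the installer was left unchanged, while the signature-mismatch branch directly above throws SecurityException. If the silent return is deliberate, state the reason in the comment next to `return;` and in the method documentation; otherwise throw here as well so both denial paths behave the same. The `EventLog.writeEvent` call passes an empty string as its last argument; putting the target package name there would make the record easier to triage. Also confirm this path is only reached with the caller's Binder identity intact, since `checkCallingOrSelfPermission` falls back to the service's own permissions when no incoming IPC is being processed.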