Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit 7792b798 authored by Kevin F. Haggerty's avatar Kevin F. Haggerty
Browse files

Merge tag 'android-security-11.0.0_r69' of... 

Merge tag 'android-security-11.0.0_r69' of https://android.googlesource.com/platform/frameworks/base into staging/lineage-18.1_merge_android-security-11.0.0_r69

Android security 11.0.0 release 69

* tag 'android-security-11.0.0_r69' of https://android.googlesource.com/platform/frameworks/base:
  Visit URIs in landscape/portrait custom remote views.
  Truncate ShortcutInfo Id
  Verify URI permissions for EXTRA_REMOTE_INPUT_HISTORY_ITEMS.
  DO NOT MERGE Increase notification channel limit.
  DO NOT MERGE Dismiss keyguard when simpin auth'd and...
  Only allow NEW_TASK flag when adjusting pending intents
  DO NOT MERGE: Limit the ServiceFriendlyNames
  DO NOT MERGE: Add size check on PPS#policy
  Import translations. DO NOT MERGE ANYWHERE
  Limit the number of supported v1 and v2 signers
  Sanitize VPN label to prevent HTML injection
  Revert "Ensure that only SysUI can override pending intent launch flags"
  Ensure that only SysUI can override pending intent launch flags
  [RESTRICT AUTOMERGE] Passpoint Add more check to limit the config size

Change-Id: Ie675bf2e5b059467bafc4d7285d65fa221b92895
parents d7c017f0 66d7b55a

core/java/android/app/ActivityOptions.java

+5 −1
Original line number Diff line number Diff line
@@ -20,6 +20,8 @@ import static android.Manifest.permission.CONTROL_REMOTE_APP_TRANSITION_ANIMATIO 
import static android.app.ActivityTaskManager.SPLIT_SCREEN_CREATE_MODE_TOP_OR_LEFT;

import static android.app.WindowConfiguration.ACTIVITY_TYPE_UNDEFINED;

import static android.app.WindowConfiguration.WINDOWING_MODE_UNDEFINED;

import static android.content.Intent.FLAG_ACTIVITY_NEW_TASK;

import static android.content.Intent.FLAG_RECEIVER_FOREGROUND;

import static android.view.Display.INVALID_DISPLAY;



import android.annotation.NonNull;
@@ -1372,7 +1374,9 @@ public class ActivityOptions extends ComponentOptions { 
     * @hide

     */

    public int getPendingIntentLaunchFlags() {

        return mPendingIntentLaunchFlags;

        // b/243794108: Ignore all flags except the new task flag, to be reconsidered in b/254490217

        return mPendingIntentLaunchFlags &

                (FLAG_ACTIVITY_NEW_TASK | FLAG_RECEIVER_FOREGROUND);

    }



    /**

core/java/android/app/Notification.java

+11 −0
Original line number Diff line number Diff line
@@ -2510,6 +2510,17 @@ public class Notification implements Parcelable 
            if (person != null && person.getIconUri() != null) {

                visitor.accept(person.getIconUri());

            }



            final RemoteInputHistoryItem[] history = (RemoteInputHistoryItem[])

                    extras.getParcelableArray(Notification.EXTRA_REMOTE_INPUT_HISTORY_ITEMS);

            if (history != null) {

                for (int i = 0; i < history.length; i++) {

                    RemoteInputHistoryItem item = history[i];

                    if (item.getUri() != null) {

                        visitor.accept(item.getUri());

                    }

                }

            }

        }



        if (MessagingStyle.class.equals(getNotificationStyle()) && extras != null) {

core/java/android/content/pm/ShortcutInfo.java

+17 −3
Original line number Diff line number Diff line
@@ -261,6 +261,12 @@ public final class ShortcutInfo implements Parcelable { 
     */

    public static final int DISABLED_REASON_OTHER_RESTORE_ISSUE = 103;



    /**

     * The maximum length of Shortcut ID. IDs will be truncated at this limit.

     * @hide

     */

    public static final int MAX_ID_LENGTH = 1000;



    /** @hide */

    @IntDef(prefix = { "DISABLED_REASON_" }, value = {

            DISABLED_REASON_NOT_DISABLED,
@@ -436,8 +442,7 @@ public final class ShortcutInfo implements Parcelable { 


    private ShortcutInfo(Builder b) {

        mUserId = b.mContext.getUserId();



        mId = Preconditions.checkStringNotEmpty(b.mId, "Shortcut ID must be provided");

        mId = getSafeId(Preconditions.checkStringNotEmpty(b.mId, "Shortcut ID must be provided"));



        // Note we can't do other null checks here because SM.updateShortcuts() takes partial

        // information.
@@ -539,6 +544,14 @@ public final class ShortcutInfo implements Parcelable { 
        return ret;

    }



    @NonNull

    private static String getSafeId(@NonNull String id) {

        if (id.length() > MAX_ID_LENGTH) {

            return id.substring(0, MAX_ID_LENGTH);

        }

        return id;

    }



    /**

     * Throws if any of the mandatory fields is not set.

     *
@@ -2090,7 +2103,8 @@ public final class ShortcutInfo implements Parcelable { 
        final ClassLoader cl = getClass().getClassLoader();



        mUserId = source.readInt();

        mId = source.readString8();

        mId = getSafeId(Preconditions.checkStringNotEmpty(source.readString8(),

                "Shortcut ID must be provided"));

        mPackageName = source.readString8();

        mActivity = source.readParcelable(cl);

        mFlags = source.readInt();

core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java

+10 −0
Original line number Diff line number Diff line
@@ -75,6 +75,11 @@ public class ApkSignatureSchemeV2Verifier { 


    private static final int APK_SIGNATURE_SCHEME_V2_BLOCK_ID = 0x7109871a;



    /**

     * The maximum number of signers supported by the v2 APK signature scheme.

     */

    private static final int MAX_V2_SIGNERS = 10;



    /**

     * Returns {@code true} if the provided APK contains an APK Signature Scheme V2 signature.

     *
@@ -183,6 +188,11 @@ public class ApkSignatureSchemeV2Verifier { 
        }

        while (signers.hasRemaining()) {

            signerCount++;

            if (signerCount > MAX_V2_SIGNERS) {

                throw new SecurityException(

                        "APK Signature Scheme v2 only supports a maximum of " + MAX_V2_SIGNERS

                                + " signers");

            }

            try {

                ByteBuffer signer = getLengthPrefixedSlice(signers);

                X509Certificate[] certs = verifySigner(signer, contentDigests, certFactory);

core/java/android/util/jar/StrictJarVerifier.java

+11 −0
Original line number Diff line number Diff line
@@ -78,6 +78,11 @@ class StrictJarVerifier { 
        "SHA1",

    };



    /**

     * The maximum number of signers supported by the JAR signature scheme.

     */

    private static final int MAX_JAR_SIGNERS = 10;



    private final String jarName;

    private final StrictJarManifest manifest;

    private final HashMap<String, byte[]> metaEntries;
@@ -293,10 +298,16 @@ class StrictJarVerifier { 
            return false;

        }



        int signerCount = 0;

        Iterator<String> it = metaEntries.keySet().iterator();

        while (it.hasNext()) {

            String key = it.next();

            if (key.endsWith(".DSA") || key.endsWith(".RSA") || key.endsWith(".EC")) {

                if (++signerCount > MAX_JAR_SIGNERS) {

                    throw new SecurityException(

                            "APK Signature Scheme v1 only supports a maximum of " + MAX_JAR_SIGNERS

                                    + " signers");

                }

                verifyCertificate(key);

                it.remove();

            }