Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 822c0f33 authored by Sumedh Sen's avatar Sumedh Sen
Browse files

Modify logic to compute trustedSource 

A caller can be trusted if it is privileged and passed
EXTRA_NOT_UNKNOWN_SOURCE or holds the INSTALL_PACKAGES permission.

Bug: 343233266
Test: CtsPackageInstallTestCases
Change-Id: I49329e62ed36a5d9c134d7c1430468dfe79fcbc3
parent 1dceeaa0

packages/PackageInstaller/src/com/android/packageinstaller/InstallStart.java

+8 −7
Original line number Original line Diff line number Diff line
@@ -125,13 +125,14 @@ public class InstallStart extends Activity { 
                -1, callingUid) == PackageManager.PERMISSION_GRANTED;

                -1, callingUid) == PackageManager.PERMISSION_GRANTED;

        boolean isSystemDownloadsProvider = PackageUtil.getSystemDownloadsProviderInfo(

        boolean isSystemDownloadsProvider = PackageUtil.getSystemDownloadsProviderInfo(

                                                mPackageManager, callingUid) != null;

                                                mPackageManager, callingUid) != null;

        boolean isTrustedSource = false;



        if (sourceInfo != null && sourceInfo.isPrivilegedApp()) {

        boolean isPrivilegedAndKnown = (sourceInfo != null && sourceInfo.isPrivilegedApp()) &&

            isTrustedSource = intent.getBooleanExtra(Intent.EXTRA_NOT_UNKNOWN_SOURCE, false) || (

            intent.getBooleanExtra(Intent.EXTRA_NOT_UNKNOWN_SOURCE, false);

                callingUid != Process.INVALID_UID && checkPermission(

        boolean isInstallPkgPermissionGranted =

                    Manifest.permission.INSTALL_PACKAGES, -1 /* pid */, callingUid)

            checkPermission(Manifest.permission.INSTALL_PACKAGES, /* pid= */ -1, callingUid)

                    == PackageManager.PERMISSION_GRANTED);

                    == PackageManager.PERMISSION_GRANTED;

        }



        boolean isTrustedSource = isPrivilegedAndKnown || isInstallPkgPermissionGranted;





        if (!isTrustedSource && !isSystemDownloadsProvider && !isDocumentsManager

        if (!isTrustedSource && !isSystemDownloadsProvider && !isDocumentsManager

                && callingUid != Process.INVALID_UID) {

                && callingUid != Process.INVALID_UID) {