Loading core/java/android/content/pm/multiuser.aconfig +0 −10 Original line number Original line Diff line number Diff line Loading @@ -115,16 +115,6 @@ flag { } } } } flag { name: "fix_avatar_cross_user_leak" namespace: "multiuser" description: "Fix cross-user picture uri leak for avatar picker apps." bug: "341688848" metadata { purpose: PURPOSE_BUGFIX } } flag { flag { name: "fix_avatar_content_provider_null_authority" name: "fix_avatar_content_provider_null_authority" namespace: "multiuser" namespace: "multiuser" Loading packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java +4 −7 Original line number Original line Diff line number Diff line Loading @@ -132,13 +132,10 @@ public class EditUserPhotoController { Intent intent = new Intent(AVATAR_PICKER_ACTION); Intent intent = new Intent(AVATAR_PICKER_ACTION); intent.addCategory(Intent.CATEGORY_DEFAULT); intent.addCategory(Intent.CATEGORY_DEFAULT); intent.putExtra(EXTRA_IS_USER_NEW, isUserNew); intent.putExtra(EXTRA_IS_USER_NEW, isUserNew); // Fix vulnerability b/341688848 by explicitly set the class name of avatar picker. if (Flags.fixAvatarCrossUserLeak()) { final String packageName = final String packageName = mActivity.getString(R.string.config_avatar_picker_package); mActivity.getString(R.string.config_avatar_picker_package); final String className = mActivity.getString(R.string.config_avatar_picker_class); final String className = mActivity.getString(R.string.config_avatar_picker_class); intent.setClassName(packageName, className); intent.setClassName(packageName, className); } intent.putExtra(EXTRA_FILE_AUTHORITY, mFileAuthority); intent.putExtra(EXTRA_FILE_AUTHORITY, mFileAuthority); mActivityStarter.startActivityForResult(intent, REQUEST_CODE_PICK_AVATAR); mActivityStarter.startActivityForResult(intent, REQUEST_CODE_PICK_AVATAR); } } Loading Loading
core/java/android/content/pm/multiuser.aconfig +0 −10 Original line number Original line Diff line number Diff line Loading @@ -115,16 +115,6 @@ flag { } } } } flag { name: "fix_avatar_cross_user_leak" namespace: "multiuser" description: "Fix cross-user picture uri leak for avatar picker apps." bug: "341688848" metadata { purpose: PURPOSE_BUGFIX } } flag { flag { name: "fix_avatar_content_provider_null_authority" name: "fix_avatar_content_provider_null_authority" namespace: "multiuser" namespace: "multiuser" Loading
packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java +4 −7 Original line number Original line Diff line number Diff line Loading @@ -132,13 +132,10 @@ public class EditUserPhotoController { Intent intent = new Intent(AVATAR_PICKER_ACTION); Intent intent = new Intent(AVATAR_PICKER_ACTION); intent.addCategory(Intent.CATEGORY_DEFAULT); intent.addCategory(Intent.CATEGORY_DEFAULT); intent.putExtra(EXTRA_IS_USER_NEW, isUserNew); intent.putExtra(EXTRA_IS_USER_NEW, isUserNew); // Fix vulnerability b/341688848 by explicitly set the class name of avatar picker. if (Flags.fixAvatarCrossUserLeak()) { final String packageName = final String packageName = mActivity.getString(R.string.config_avatar_picker_package); mActivity.getString(R.string.config_avatar_picker_package); final String className = mActivity.getString(R.string.config_avatar_picker_class); final String className = mActivity.getString(R.string.config_avatar_picker_class); intent.setClassName(packageName, className); intent.setClassName(packageName, className); } intent.putExtra(EXTRA_FILE_AUTHORITY, mFileAuthority); intent.putExtra(EXTRA_FILE_AUTHORITY, mFileAuthority); mActivityStarter.startActivityForResult(intent, REQUEST_CODE_PICK_AVATAR); mActivityStarter.startActivityForResult(intent, REQUEST_CODE_PICK_AVATAR); } } Loading
