Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 94b1884a authored by Taran Singh's avatar Taran Singh Committed by Bruno Martins
Browse files

Validate IME metadata before parsing 

Malicious IMEs can load an extremely large metaData for inputmethod xml
which can lead to IMMS running out of memory while contructing
InputMethodInfo.
this change limits the size of metadata xml to 200KBs and would throw
XmlPullParserException for xmls larger than that.

Bug: 416259832
Test: Manually using steps in the bug
Flag: EXEMPT bug_fix
(cherry picked from commit 5e31d9c0)
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:139a5c60566511095c40c1dc57be324445fff5fd
Merged-In: Ic90e1bd6615f5954577ed29c3daf7b44596fb137
Change-Id: Ic90e1bd6615f5954577ed29c3daf7b44596fb137
parent 45ee8a2a
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment