Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b4c67863 authored by Taran Singh's avatar Taran Singh Committed by Android Build Coastguard Worker
Browse files

Validate IME metadata before parsing 

Malicious IMEs can load an extremely large metaData for inputmethod xml
which can lead to IMMS running out of memory while contructing
InputMethodInfo.
this change limits the size of metadata xml to 200KBs and would throw
XmlPullParserException for xmls larger than that.

Bug: 416259832
Test: Manually using steps in the bug
Flag: EXEMPT bug_fix
(cherry picked from commit 5e31d9c0)
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:c5640ed624f4e5388bd25b7910474d4eebfdfc2a
Merged-In: Ic90e1bd6615f5954577ed29c3daf7b44596fb137
Change-Id: Ic90e1bd6615f5954577ed29c3daf7b44596fb137
parent de2cbccd
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment