Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c0093669 authored by Iustin Ventaniuc's avatar Iustin Ventaniuc Committed by Nishith Khanna
Browse files

Handle loadDescription OutOfMemoryError in DeviceAdminInfo 

loadDescription was potentially vulnerable to an attack which causes a
DoS exploit by injecting a maliciously large string into the Receiver's
label.

Bug: 443062265
Test: manual
Flag: EXEMPT BUGFIX
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:06a5b2327caa3aa8843496458e98b9bb070df6e5
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:2e378635be2c25ffe8c065ae771fc6d1ba74b5c8
Merged-In: Icab26c4b77e73f0fcb9a560e3211482ebe2f37bf
Change-Id: Icab26c4b77e73f0fcb9a560e3211482ebe2f37bf
parent 5982b3cb

core/java/android/app/admin/DeviceAdminInfo.java

+5 −1
Original line number Diff line number Diff line
@@ -473,8 +473,12 @@ public final class DeviceAdminInfo implements Parcelable { 
     */

    public CharSequence loadDescription(PackageManager pm) throws NotFoundException {

        if (mActivityInfo.descriptionRes != 0) {

            try {

                return pm.getText(mActivityInfo.packageName,

                    mActivityInfo.descriptionRes, mActivityInfo.applicationInfo);

            } catch (OutOfMemoryError e) {

                throw new NotFoundException();

            }

        }

        throw new NotFoundException();

    }