Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c4f4dfed authored by Jeff Sharkey's avatar Jeff Sharkey Committed by Jeff Sharkey
Browse files

DO NOT MERGE. KEY_INTENT shouldn't grant permissions. 

KEY_INTENT has no business granting any Uri permissions, so remove
any grant flags that malicious apps may have tried sneaking in.

Test: builds, boots
Bug: 32990341, 32879915
Change-Id: I657455a770c81f045ccce6abbd2291407a1cfb42
parent 17735f18

services/core/java/com/android/server/accounts/AccountManagerService.java

+4 −0
Original line number Diff line number Diff line
@@ -3860,6 +3860,10 @@ public class AccountManagerService 
        protected void checkKeyIntent(

                int authUid,

                Intent intent) throws SecurityException {

            intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION

                    | Intent.FLAG_GRANT_WRITE_URI_PERMISSION

                    | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION

                    | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION));

            long bid = Binder.clearCallingIdentity();

            try {

                PackageManager pm = mContext.getPackageManager();