Merge tag 'android-security-12.1.0_r6' into staging/lineage-19.1_android-security-12.1.0_r6 (d302ec78) · Commits · e / os / android_frameworks_base

core/java/android/view/inputmethod/InputMethodSubtypeArray.java

+4 −0

Original line number	Diff line number	Diff line
		@@ -17,6 +17,7 @@
		package android.view.inputmethod;

		import android.compat.annotation.UnsupportedAppUsage;
		import android.os.BadParcelableException;
		import android.os.Parcel;
		import android.util.Slog;

		@@ -69,6 +70,9 @@ public class InputMethodSubtypeArray {
		*/
		public InputMethodSubtypeArray(final Parcel source) {
		mCount = source.readInt();
		if (mCount < 0) {
		throw new BadParcelableException("mCount must be non-negative.");
		}
		if (mCount > 0) {
		mDecompressedSize = source.readInt();
		mCompressedData = source.createByteArray();

core/tests/coretests/src/android/view/inputmethod/InputMethodSubtypeArrayTest.java

+36 −0

Original line number	Diff line number	Diff line
		@@ -16,9 +16,14 @@

		package android.view.inputmethod;

		import static com.google.common.truth.Truth.assertThat;
		import static com.google.common.truth.Truth.assertWithMessage;

		import static org.junit.Assert.assertEquals;

		import android.os.BadParcelableException;
		import android.os.Parcel;
		import android.platform.test.annotations.Presubmit;
		import android.view.inputmethod.InputMethodSubtype.InputMethodSubtypeBuilder;

		import androidx.test.filters.SmallTest;
		@@ -31,6 +36,7 @@ import java.util.ArrayList;

		@SmallTest
		@RunWith(AndroidJUnit4.class)
		@Presubmit
		public class InputMethodSubtypeArrayTest {

		@Test
		@@ -59,6 +65,36 @@ public class InputMethodSubtypeArrayTest {
		assertEquals(clonedArray.get(2), clonedClonedArray.get(2));
		}

		@Test
		public void testNegativeCount() throws Exception {
		InputMethodSubtypeArray negativeCountArray;
		try {
		// Construct a InputMethodSubtypeArray with: mCount = -1
		Parcel p = Parcel.obtain();
		p.writeInt(-1);
		p.setDataPosition(0);
		negativeCountArray = new InputMethodSubtypeArray(p);
		} catch (BadParcelableException e) {
		// Expected with fix: Prevent negative mCount
		assertThat(e).hasMessageThat().contains("mCount");
		return;
		}
		assertWithMessage("Test set-up failed")
		.that(negativeCountArray.getCount()).isEqualTo(-1);

		Parcel p = Parcel.obtain();
		// Writes: int (mCount), int (mDecompressedSize), byte[] (mCompressedData)
		negativeCountArray.writeToParcel(p);
		p.setDataPosition(0);
		// Reads: int (mCount)
		// Leaves: int (mDecompressedSize), byte[] (mCompressedData)
		new InputMethodSubtypeArray(p);

		assertWithMessage("Didn't read all data that was previously written")
		.that(p.dataPosition())
		.isEqualTo(p.dataSize());
		}

		InputMethodSubtypeArray cloneViaParcel(final InputMethodSubtypeArray original) {
		Parcel parcel = null;
		try {

packages/SystemUI/src/com/android/systemui/media/MediaProjectionPermissionActivity.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -62,11 +62,11 @@ public class MediaProjectionPermissionActivity extends Activity
		public void onCreate(Bundle icicle) {
		super.onCreate(icicle);

		mPackageName = getCallingPackage();
		mPackageName = getLaunchedFromPackage();
		IBinder b = ServiceManager.getService(MEDIA_PROJECTION_SERVICE);
		mService = IMediaProjectionManager.Stub.asInterface(b);

		if (mPackageName == null) {
		if (getCallingPackage() == null) {
		finish();
		return;
		}