Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d61dd553 authored by Taran Singh's avatar Taran Singh Committed by Nishith Khanna
Browse files

Validate IME metadata before parsing 

Malicious IMEs can load an extremely large metaData for inputmethod xml
which can lead to IMMS running out of memory while contructing
InputMethodInfo.
this change limits the size of metadata xml to 200KBs and would throw
XmlPullParserException for xmls larger than that.

Bug: 416259832
Test: Manually using steps in the bug
Flag: EXEMPT bug_fix
(cherry picked from commit 5e31d9c0)
Cherrypick-From: https://googleplex-android-review.googlesource.com/q/commit:b417c7c9102e5510da35dbfc771eab3fe1dc670d
Merged-In: Ic90e1bd6615f5954577ed29c3daf7b44596fb137
Change-Id: Ic90e1bd6615f5954577ed29c3daf7b44596fb137
parent 442e69f7
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment