This project is mirrored from https://github.com/LineageOS/android_frameworks_base.git. Updated .
  1. 15 Nov, 2018 1 commit
  2. 04 Nov, 2018 1 commit
  3. 31 Oct, 2018 1 commit
  4. 30 Oct, 2018 1 commit
  5. 24 Oct, 2018 1 commit
  6. 13 Oct, 2018 1 commit
  7. 11 Sep, 2018 1 commit
    • Michael Wachenschwanz's avatar
      Verify number of Map entries written to Parcel · 117ca495
      Michael Wachenschwanz authored
      Make sure the number of entries written by Parcel#writeMapInternal
      matches the size written. If a mismatch were allowed, an exploitable
      scenario could occur where the data read from the Parcel would not
      match the data written.
      
      Fixes: 112859604
      Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest
      
      Change-Id: I325d08a8b66b6e80fe76501359c41b6656848607
      Merged-In: I325d08a8b66b6e80fe76501359c41b6656848607
      (cherry picked from commit 057a01d1)
      117ca495
  8. 16 Aug, 2018 5 commits
    • Michael Bestas's avatar
      Automatic translation import · 3eb510cf
      Michael Bestas authored
      Change-Id: I70bf5793e485dfcad44f1c7bbedf8c9f1d19105b
      3eb510cf
    • Seigo Nonaka's avatar
      Fix crash during cursor moving on BiDi text · 6033d76b
      Seigo Nonaka authored
      The crash was introduced by Ib66ef392c19c937718e7101f6d48fac3abe51ad0
      The root cause of the crashing is requesting out-of-line access for the
      horizontal width. This invalid access is silently ignored by
      TextLine#measure() method but new implementation end up with out of
      bounds access.
      
      To makes behavior as old implementation, calling getHorizontal instead
      of accessing measured result array.
      
      Bug: 78464361, 111580019
      Test: Manually done
      Change-Id: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
      (cherry picked from commit 960647d5)
      Merged-In: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
      (cherry picked from commit d30c55e3)
      6033d76b
    • Jeff Sharkey's avatar
      DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete. · 136692bd
      Jeff Sharkey authored
      Developers often accept selection clauses from untrusted code, and
      SQLiteQueryBuilder already supports a "strict" mode to help catch
      SQL injection attacks.  This change extends the builder to support
      update() and delete() calls, so that we can help secure those
      selection clauses too.
      
      Bug: 111085900
      Test: atest packages/providers/DownloadProvider/tests/
      Test: atest cts/tests/app/src/android/app/cts/DownloadManagerTest.java
      Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
      Change-Id: Ib4fc8400f184755ee7e971ab5f2095186341730c
      Merged-In: Ib4fc8400f184755ee7e971ab5f2095186341730c
      (cherry picked from commit 09d49531)
      136692bd
    • Jeff Sharkey's avatar
      DO NOT MERGE. Execute "strict" queries with extra parentheses. · 1a161653
      Jeff Sharkey authored
      SQLiteQueryBuilder has a setStrict() mode which can be used to
      detect SQL attacks from untrusted sources, which it does by running
      each query twice: once with an extra set of parentheses, and if that
      succeeds, it runs the original query verbatim.
      
      This sadly doesn't catch inputs of the type "1=1) OR (1=1", which
      creates valid statements for both tests above, but the final executed
      query ends up leaking data due to SQLite operator precedence.
      
      Instead, we need to continue compiling both variants, but we need
      to execute the query with the additional parentheses to ensure
      data won't be leaked.
      
      Test: atest cts/tests/tests/database/src/android/database/sqlite/cts/SQLiteQueryBuilderTest.java
      Bug: 111085900
      Change-Id: I6e8746fa48f9de13adae37d2990de11c9c585381
      Merged-In: I6e8746fa48f9de13adae37d2990de11c9c585381
      (cherry picked from commit 5a55a72f)
      1a161653
    • Mihai Popa's avatar
      Optimise the hit test algorithm · 89be24c6
      Mihai Popa authored
      Layout#getOffsetForHorizontal was running in O(n^2) time, where n is the
      length of the current line. The method is used when a touch event
      happens on a text line, to compute the cursor offset (and the character)
      where it happened. Although this is not an issue in common usecases,
      where the number of characters on a line is relatively small, this can
      be very inefficient as a consequence of Unicode containing 0-width
      (invisible) characters. Specifically, there are characters defining the
      text direction (LTR or RTL), which cause our algorithm to touch the
      worst case quadratic runtime. For example, a person is able to send a
      message containing a few visible characters, and also a lot of these
      direction changing invisible ones. When the receiver touches the message
      (causing the Layout#getOffsetForHorizontal method to be called), the
      receiver's application would become not responsive.
      
      This CL optimizes the method to run in O(n) worst case. This is achieved
      by computing the measurements of all line prefixes at first, which can
      be done in a single pass. Then, all the prefix measurement queries will
      be answered in O(1), rather than O(n) as it was happening before.
      
      Bug: 79215201
      Test: manual testing
      Change-Id: Ib66ef392c19c937718e7101f6d48fac3abe51ad0
      Merged-In: Ib66ef392c19c937718e7101f6d48fac3abe51ad0
      (cherry picked from commit 69b589b2)
      89be24c6
  9. 10 Aug, 2018 12 commits
    • Arthur Ishiguro's avatar
      Resolve inconsistent parcel read in NanoAppFilter · eabaff1c
      Arthur Ishiguro authored
      Bug: 77599679
      Test: Compile only
      Change-Id: Ib417a5cb4d51744442d2fb14437cabbe5fd1c266
      (cherry picked from commit abe5a73a)
      eabaff1c
    • Todd Kennedy's avatar
      Make safe label more safe · d0c09ae7
      Todd Kennedy authored
      * limit the absolute maximum size of the label to 50000 characters
      [which is probably far more than necessary, but, can be dialed down]
      
      * use a string buffer while processing the string [instead of creating
      multiple string objects]
      
      Bug: 62537081
      Test: Manual. Install APK in bug and see that it can be uninstalled
      Change-Id: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
      Merged-In: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
      (cherry picked from commit 2263da95)
      d0c09ae7
    • Adrian Roos's avatar
      WM: Prevent secondary display focus while keyguard is up · 03af9f28
      Adrian Roos authored
      Fixes an issue where input intended for the keyguard could end up going
      to a different display.
      
      To prevent this, make sure that only the default display can get focused
      when the keyguard is showing.
      
      Change-Id: I6463c44aedca06930d2c9bda7c45ffd93141308c
      Merged-In: I6463c44aedca06930d2c9bda7c45ffd93141308c
      Fixes: 71786287
      Test: atest DisplayContentTests
      (cherry picked from commit 3cd5e3d9)
      03af9f28
    • Benedict Wong's avatar
      DO NOT MERGE: Fix ConnectivityController meteredness checks · 007288b7
      Benedict Wong authored
      This patch corrects ConnectivityController's meteredness checks to
      perform correct meteredness checks while VPNs are running. This fixes a
      bug in O-MR1 where any apps using the DownloadProvider with unmetered
      network constraints fail to start while the VPN is enabled.
      
      This change adds a bespoke method for ConnectivityController, allowing
      it to correctly identify the meteredness without affecting public API
      surfaces.
      
      Bug: 78644887
      Test: Built, flashed on Walleye, and tested.
      Test: Additional test coverage in subsequent patch(es).
      Change-Id: Ie1d11d93d51d936ce81cd5984af61bde30325983
      (cherry picked from commit d08ab5a6)
      007288b7
    • Eugene Susla's avatar
      Nullcheck to fix Autofill CTS · 275d49fd
      Eugene Susla authored
      Test: presubmit
      Fixes: 70506475
      Bug: 69981755
      Change-Id: I187bed4889a4901a7137a2995178ea651ed09186
      (cherry picked from commit 6c68a692)
      275d49fd
    • Hansong Zhang's avatar
      DO NOT MERGE Truncate newline and tab characters in BluetoothDevice name · 9214edb6
      Hansong Zhang authored
      Test: manual
      Bug: 73173182
      Change-Id: I7f2201cab36adf7f01d1a794d783cb78a536811f
      (cherry picked from commit 24da173b)
      9214edb6
    • akirilov's avatar
      RESTRICT AUTOMERGE: Prevent reporting fake package name - framework (backport to oc-mr1-dev) · 0da68f30
      akirilov authored
      Test: added AccessibilityEndToEndTest#testPackageNameCannotBeFaked
            cts-tradefed run cts -m CtsAccessibilityServiceTestCases
            cts-tradefed run cts -m CtsAccessibilityTestCases
      
      Bug: 69981755
      Change-Id: If3752e106aa7fdee4645dc9852289af471ceff18
      Merged-In: I13304efbee10d1affa087e9c8bc4ec237643283e
      (cherry picked from commit c36db6d4)
      0da68f30
    • Fyodor Kupolov's avatar
      Use concrete CREATOR instance for parceling lists · c1db43a6
      Fyodor Kupolov authored
      Replaced readTypedArrayList/writeTypedArrayList with
      writeTypedList/createTypedArrayList(CREATOR)
      
      Bug: 71508348
      Test: CtsAutoFillServiceTestCases pass
      Merged-In: I2a8321023b40cc74b7026eb0fb32a9cc5f5543a9
      Change-Id: Id17d02e40a4ae567bf2d74d2ea8ba4d8a943bdb7
      (cherry picked from commit 4921986d)
      c1db43a6
    • Marco Nelissen's avatar
      Rework thumbnail cleanup · 4f2587a2
      Marco Nelissen authored
      Bug: 63766886
      Test: ran CTS tests
      Change-Id: I1f92bb014e275eafe3f42aef1f8c817f187c6608
      (cherry picked from commit 6d2096f3)
      4f2587a2
    • Felipe Leme's avatar
      DO NOT MERGE - fix AFM.getComponentNameFromContext() · fbbc3fb9
      Felipe Leme authored
      This method broke on O-MR1 when I3abf999eb6056c1df7982780bae43b58337c0668
      was chery-picked from master.
      
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
            -t android.autofillservice.cts.AttachedContextActivityTest#testAutofill
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases
      
      Also individually ran tests that failed (due to flakiness) when ran in a suite:
      
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
      -t android.autofillservice.cts.OptionalSaveActivityTest#testDontShowSaveUiWhenUserManuallyFilled_oneDatasetAllRequiredFields
      
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.PreSimpleSaveActivityTest #testTapLink_tapBack_thenStartOverBySayingYesAndManualRequest
      
      Fixes: 71960322
      
      Change-Id: Ia093dcefe6699dc9493c46d671e48c2000214b31
      Merged-In: I3abf999eb6056c1df7982780bae43b58337c0668
      (cherry picked from commit b25b4736)
      fbbc3fb9
    • Felipe Leme's avatar
      Proper autofill fix to let phone process autofill Settings activity. · bdfe9722
      Felipe Leme authored
      Test: adb shell am start com.android.settings/.RadioInfo
      Bug: 69981710
      Fixes: 70506888
      
      Change-Id: Id29bad2d20b621f7379eb6144c95dcc819949b3d
      Merged-In: Id29bad2d20b621f7379eb6144c95dcc819949b3d
      (cherry picked from commit 97f16a76db29269619d9a1b45d4cea49026a5b6a)
      (cherry picked from commit 92b5d278)
      bdfe9722
    • Felipe Leme's avatar
      Make sure apps cannot forge package name on AssistStructure used for Autofill. · 9e403fa0
      Felipe Leme authored
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.VirtualContainerActivityTest#testAppCannotFakePackageName
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases
      
      Bug: 69981710
      
      Change-Id: Id6036cddb51dd8dd0c9128b7212d573f630d693f
      Merged-In: Id6036cddb51dd8dd0c9128b7212d573f630d693f
      (cherry picked from commit 23e61a90)
      9e403fa0
  10. 06 Aug, 2018 1 commit
  11. 02 Aug, 2018 1 commit
    • Rashed Abdel-Tawab's avatar
      camera: Check if aux camera whitelist is set before restricting cameras · 40c1fa96
      Rashed Abdel-Tawab authored
      Some devices have a fully featured 3rd camera and adding 20+ camera apps
      to the whitelist is impossible due to the string length limit on
      systemprops. Add a check to see if the prop is even set, and if not,
      check if the blacklist property is set and mark those apps to hide the
      3rd camera from. If a package is not part of the blacklist, just restore
      the original behaviour and expose all the cameras to the app.
      
      Change-Id: I6c3b33c077e8710c73b5d0fa28e1b017d6c43a58
      40c1fa96
  12. 20 Jul, 2018 11 commits
    • Todd Kennedy's avatar
      Make safe label more safe · b3d874c9
      Todd Kennedy authored
      * limit the absolute maximum size of the label to 50000 characters
      [which is probably far more than necessary, but, can be dialed down]
      
      * use a string buffer while processing the string [instead of creating
      multiple string objects]
      
      Bug: 62537081
      Test: Manual. Install APK in bug and see that it can be uninstalled
      Change-Id: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
      Merged-In: Ibf63c2691ad7438a123e92110d95b1f50050f8b1
      (cherry picked from commit 2263da95)
      b3d874c9
    • Adrian Roos's avatar
      WM: Prevent secondary display focus while keyguard is up · 196e5cf2
      Adrian Roos authored
      Fixes an issue where input intended for the keyguard could end up going
      to a different display.
      
      To prevent this, make sure that only the default display can get focused
      when the keyguard is showing.
      
      Change-Id: I6463c44aedca06930d2c9bda7c45ffd93141308c
      Merged-In: I6463c44aedca06930d2c9bda7c45ffd93141308c
      Fixes: 71786287
      Test: atest DisplayContentTests
      (cherry picked from commit 3cd5e3d9)
      196e5cf2
    • Benedict Wong's avatar
      DO NOT MERGE: Fix ConnectivityController meteredness checks · dcdeaf8b
      Benedict Wong authored
      This patch corrects ConnectivityController's meteredness checks to
      perform correct meteredness checks while VPNs are running. This fixes a
      bug in O-MR1 where any apps using the DownloadProvider with unmetered
      network constraints fail to start while the VPN is enabled.
      
      This change adds a bespoke method for ConnectivityController, allowing
      it to correctly identify the meteredness without affecting public API
      surfaces.
      
      Bug: 78644887
      Test: Built, flashed on Walleye, and tested.
      Test: Additional test coverage in subsequent patch(es).
      Change-Id: Ie1d11d93d51d936ce81cd5984af61bde30325983
      (cherry picked from commit d08ab5a6)
      dcdeaf8b
    • Eugene Susla's avatar
      Nullcheck to fix Autofill CTS · 65e567a3
      Eugene Susla authored
      Test: presubmit
      Fixes: 70506475
      Bug: 69981755
      Change-Id: I187bed4889a4901a7137a2995178ea651ed09186
      (cherry picked from commit 6c68a692)
      65e567a3
    • Hansong Zhang's avatar
      DO NOT MERGE Truncate newline and tab characters in BluetoothDevice name · d60d1869
      Hansong Zhang authored
      Test: manual
      Bug: 73173182
      Change-Id: I7f2201cab36adf7f01d1a794d783cb78a536811f
      (cherry picked from commit 24da173b)
      d60d1869
    • akirilov's avatar
      RESTRICT AUTOMERGE: Prevent reporting fake package name - framework (backport to oc-mr1-dev) · 774d6ea7
      akirilov authored
      Test: added AccessibilityEndToEndTest#testPackageNameCannotBeFaked
            cts-tradefed run cts -m CtsAccessibilityServiceTestCases
            cts-tradefed run cts -m CtsAccessibilityTestCases
      
      Bug: 69981755
      Change-Id: If3752e106aa7fdee4645dc9852289af471ceff18
      Merged-In: I13304efbee10d1affa087e9c8bc4ec237643283e
      (cherry picked from commit c36db6d4)
      774d6ea7
    • Fyodor Kupolov's avatar
      Use concrete CREATOR instance for parceling lists · 133ec0e4
      Fyodor Kupolov authored
      Replaced readTypedArrayList/writeTypedArrayList with
      writeTypedList/createTypedArrayList(CREATOR)
      
      Bug: 71508348
      Test: CtsAutoFillServiceTestCases pass
      Merged-In: I2a8321023b40cc74b7026eb0fb32a9cc5f5543a9
      Change-Id: Id17d02e40a4ae567bf2d74d2ea8ba4d8a943bdb7
      (cherry picked from commit 4921986d)
      133ec0e4
    • Marco Nelissen's avatar
      Rework thumbnail cleanup · 49690f8a
      Marco Nelissen authored
      Bug: 63766886
      Test: ran CTS tests
      Change-Id: I1f92bb014e275eafe3f42aef1f8c817f187c6608
      (cherry picked from commit 6d2096f3)
      49690f8a
    • Felipe Leme's avatar
      DO NOT MERGE - fix AFM.getComponentNameFromContext() · 14029e40
      Felipe Leme authored
      This method broke on O-MR1 when I3abf999eb6056c1df7982780bae43b58337c0668
      was chery-picked from master.
      
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
            -t android.autofillservice.cts.AttachedContextActivityTest#testAutofill
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases
      
      Also individually ran tests that failed (due to flakiness) when ran in a suite:
      
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases \
      -t android.autofillservice.cts.OptionalSaveActivityTest#testDontShowSaveUiWhenUserManuallyFilled_oneDatasetAllRequiredFields
      
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.PreSimpleSaveActivityTest #testTapLink_tapBack_thenStartOverBySayingYesAndManualRequest
      
      Fixes: 71960322
      
      Change-Id: Ia093dcefe6699dc9493c46d671e48c2000214b31
      Merged-In: I3abf999eb6056c1df7982780bae43b58337c0668
      (cherry picked from commit b25b4736)
      14029e40
    • Felipe Leme's avatar
      Proper autofill fix to let phone process autofill Settings activity. · 21765ed6
      Felipe Leme authored
      Test: adb shell am start com.android.settings/.RadioInfo
      Bug: 69981710
      Fixes: 70506888
      
      Change-Id: Id29bad2d20b621f7379eb6144c95dcc819949b3d
      Merged-In: Id29bad2d20b621f7379eb6144c95dcc819949b3d
      (cherry picked from commit 97f16a76db29269619d9a1b45d4cea49026a5b6a)
      (cherry picked from commit 92b5d278)
      21765ed6
    • Felipe Leme's avatar
      Make sure apps cannot forge package name on AssistStructure used for Autofill. · 3f89a390
      Felipe Leme authored
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.VirtualContainerActivityTest#testAppCannotFakePackageName
      Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases
      
      Bug: 69981710
      
      Change-Id: Id6036cddb51dd8dd0c9128b7212d573f630d693f
      Merged-In: Id6036cddb51dd8dd0c9128b7212d573f630d693f
      (cherry picked from commit 23e61a90)
      3f89a390
  13. 10 Jul, 2018 1 commit
  14. 09 Jul, 2018 1 commit
  15. 03 Jul, 2018 1 commit