Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit 4a701016 authored by Kevin F. Haggerty's avatar Kevin F. Haggerty
Browse files

Merge tag 'android-security-10.0.0_r54' into staging/lineage-17.1_merge_android-security-10.0.0_r54 

Android Security 10.0.0 Release 54 (7250004)

* tag 'android-security-10.0.0_r54':
  Prevent using invalid result uri during multi user image change
  RESTRICT AUTOMERGE Update String
  RESTRICT AUTOMERGE Fix phishing attacks over Bluetooth due to unclear warning message

Change-Id: I6164bfebdfe9f4907acc8f6c4cea48898b5fea98
parents 5ba751f3 6b8a7999

res/values/strings.xml

+12 −0
Original line number Diff line number Diff line
@@ -11426,4 +11426,16 @@ 
    <!-- Subtext for showing the option of RTT setting. [CHAR LIMIT=NONE] -->

    <string name="rtt_settings_always_visible"></string>













    <!-- Bluetooth message permission alert for notification content [CHAR LIMIT=none] -->













    <string name="bluetooth_message_access_notification_content">Untrusted device wants to access your messages. Tap for details.</string>













    <!-- Bluetooth message permission alert for dialog title [CHAR LIMIT=none] -->













    <string name="bluetooth_message_access_dialog_title">Allow access to messages?</string>













    <!-- Bluetooth message permission alert for dialog content [CHAR LIMIT=none] -->













    <string name="bluetooth_message_access_dialog_content">An untrusted Bluetooth device, <xliff:g id="device_name" example="My device">%1$s</xliff:g>, wants to access your messages.\n\nYou haven\u2019t connected to <xliff:g id="device_name" example="My device">%2$s</xliff:g> before.</string>













    <!-- Bluetooth phonebook permission alert for notification content [CHAR LIMIT=none] -->













    <string name="bluetooth_phonebook_access_notification_content">Untrusted device wants to access your contacts and call log. Tap for details.</string>













    <!-- Bluetooth phonebook permission alert for dialog title [CHAR LIMIT=none] -->













    <string name="bluetooth_phonebook_access_dialog_title">Allow access to contacts and call log?</string>













    <!-- Bluetooth phonebook permission alert for dialog content [CHAR LIMIT=none] -->













    <string name="bluetooth_phonebook_access_dialog_content">An untrusted Bluetooth device, <xliff:g id="device_name" example="My device">%1$s</xliff:g>, wants to access your contacts and call log. This includes data about incoming and outgoing calls.\n\nYou haven\u2019t connected to <xliff:g id="device_name" example="My device">%2$s</xliff:g> before.</string>















</resources>

























src/com/android/settings/bluetooth/BluetoothPermissionActivity.java



+6
−6




























Original line number
Diff line number
Diff line








@@ -99,9 +99,9 @@ public class BluetoothPermissionActivity extends AlertActivity implements













        if (mRequestType == BluetoothDevice.REQUEST_TYPE_PROFILE_CONNECTION) {















            showDialog(getString(R.string.bluetooth_connection_permission_request), mRequestType);















        } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_PHONEBOOK_ACCESS) {













            showDialog(getString(R.string.bluetooth_phonebook_request), mRequestType);













            showDialog(getString(R.string.bluetooth_phonebook_access_dialog_title), mRequestType);















        } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_MESSAGE_ACCESS) {













            showDialog(getString(R.string.bluetooth_map_request), mRequestType);













            showDialog(getString(R.string.bluetooth_message_access_dialog_title), mRequestType);















        } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_SIM_ACCESS) {















            showDialog(getString(R.string.bluetooth_sap_request), mRequestType);















        }










@@ -136,9 +136,9 @@ public class BluetoothPermissionActivity extends AlertActivity implements













            p.mView = createSapDialogView();















            break;















        }













        p.mPositiveButtonText = getString(R.string.yes);













        p.mPositiveButtonText = getString(R.string.allow);















        p.mPositiveButtonListener = this;













        p.mNegativeButtonText = getString(R.string.no);













        p.mNegativeButtonText = getString(R.string.deny);















        p.mNegativeButtonListener = this;















        mOkButton = mAlert.getButton(DialogInterface.BUTTON_POSITIVE);















        setupAlert();










@@ -168,7 +168,7 @@ public class BluetoothPermissionActivity extends AlertActivity implements













        String mRemoteName = Utils.createRemoteName(this, mDevice);















        mView = getLayoutInflater().inflate(R.layout.bluetooth_access, null);















        messageView = (TextView)mView.findViewById(R.id.message);













        messageView.setText(getString(R.string.bluetooth_pb_acceptance_dialog_text,













        messageView.setText(getString(R.string.bluetooth_phonebook_access_dialog_content,















                mRemoteName, mRemoteName));















        return mView;















    }









@@ -177,7 +177,7 @@ public class BluetoothPermissionActivity extends AlertActivity implements













        String mRemoteName = Utils.createRemoteName(this, mDevice);















        mView = getLayoutInflater().inflate(R.layout.bluetooth_access, null);















        messageView = (TextView)mView.findViewById(R.id.message);













        messageView.setText(getString(R.string.bluetooth_map_acceptance_dialog_text,













        messageView.setText(getString(R.string.bluetooth_message_access_dialog_content,















                mRemoteName, mRemoteName));















        return mView;















    }

































src/com/android/settings/bluetooth/BluetoothPermissionRequest.java



+5
−4




























Original line number
Diff line number
Diff line








@@ -140,13 +140,13 @@ public final class BluetoothPermissionRequest extends BroadcastReceiver {













                switch (mRequestType) {















                    case BluetoothDevice.REQUEST_TYPE_PHONEBOOK_ACCESS:















                        title = context.getString(R.string.bluetooth_phonebook_request);













                        message = context.getString(R.string.bluetooth_pb_acceptance_dialog_text,













                                deviceAlias, deviceAlias);













                        message = context.getString(













                                R.string.bluetooth_phonebook_access_notification_content);















                        break;















                    case BluetoothDevice.REQUEST_TYPE_MESSAGE_ACCESS:















                        title = context.getString(R.string.bluetooth_map_request);













                        message = context.getString(R.string.bluetooth_map_acceptance_dialog_text,













                                deviceAlias, deviceAlias);













                        message = context.getString(













                                R.string.bluetooth_message_access_notification_content);















                        break;















                    case BluetoothDevice.REQUEST_TYPE_SIM_ACCESS:















                        title = context.getString(R.string.bluetooth_sap_request);









@@ -172,6 +172,7 @@ public final class BluetoothPermissionRequest extends BroadcastReceiver {













                        .setContentTitle(title)















                        .setTicker(message)















                        .setContentText(message)













                        .setStyle(new Notification.BigTextStyle().bigText(message))















                        .setSmallIcon(android.R.drawable.stat_sys_data_bluetooth)















                        .setAutoCancel(true)















                        .setPriority(Notification.PRIORITY_MAX)

































src/com/android/settings/users/EditUserPhotoController.java



+9
−0




























Original line number
Diff line number
Diff line








@@ -37,6 +37,7 @@ import android.os.UserHandle;













import android.os.UserManager;















import android.provider.ContactsContract.DisplayPhoto;















import android.provider.MediaStore;













import android.util.EventLog;















import android.util.Log;















import android.view.Gravity;















import android.view.View;










@@ -116,6 +117,14 @@ public class EditUserPhotoController {













        }















        final Uri pictureUri = data != null && data.getData() != null















                ? data.getData() : mTakePictureUri;



























        // Check if the result is a content uri













        if (!ContentResolver.SCHEME_CONTENT.equals(pictureUri.getScheme())) {













            Log.e(TAG, "Invalid pictureUri scheme: " + pictureUri.getScheme());













            EventLog.writeEvent(0x534e4554, "172939189", -1, pictureUri.getPath());













            return false;













        }





























        switch (requestCode) {















            case REQUEST_CODE_CROP_PHOTO:















                onPhotoCropped(pictureUri, true);