Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit aa909191 authored by ykhung's avatar ykhung Committed by YUKAI HUNG
Browse files

[Security] resolve CRLF attack on RequestIgnoreBatteryOptimizations 

1. refer the proposed solution in the b/198783395
2. similar concept is applied in the https://source.corp.google.com/sc-dev/packages/modules/Permission/PermissionController/src/com/android/permissioncontroller/permission/model/legacy/PermissionGroups.java;l=118

Bug: 198783395
Test: make SettingsRoboTests
Change-Id: I838825e31b98e62d2683995e59dbf4388f5684fc
parent 9de5fe15

src/com/android/settings/fuelgauge/RequestIgnoreBatteryOptimizations.java

+5 −1
Original line number Diff line number Diff line
@@ -19,6 +19,7 @@ package com.android.settings.fuelgauge; 
import android.Manifest;

import android.content.DialogInterface;

import android.content.pm.ApplicationInfo;

import android.content.pm.PackageItemInfo;

import android.content.pm.PackageManager;

import android.net.Uri;

import android.os.Bundle;
@@ -85,8 +86,11 @@ public class RequestIgnoreBatteryOptimizations extends AlertActivity implements 
        }



        final AlertController.AlertParams p = mAlertParams;

        final CharSequence appLabel = ai.loadSafeLabel(getPackageManager(),

                PackageItemInfo.DEFAULT_MAX_LABEL_SIZE_PX, PackageItemInfo.SAFE_LABEL_FLAG_TRIM

                        | PackageItemInfo.SAFE_LABEL_FLAG_FIRST_LINE);

        p.mTitle = getText(R.string.high_power_prompt_title);

        p.mMessage = getString(R.string.high_power_prompt_body, ai.loadLabel(getPackageManager()));

        p.mMessage = getString(R.string.high_power_prompt_body, appLabel);

        p.mPositiveButtonText = getText(R.string.allow);

        p.mNegativeButtonText = getText(R.string.deny);

        p.mPositiveButtonListener = this;