Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d1ce82ae authored by Rubin Xu's avatar Rubin Xu
Browse files

Defensively load untrusted icons from account authenticator 

Catch Resources.NotFoundException which should cover all parsing
errors from loadDrawables(); also substitute a default icon if
parsing returns null.

Bug: 17760671
Change-Id: Ia0ec25e34974ed85b6ffe6882d5bce003d64e9d6
parent b777c6e2

src/com/android/settings/MasterClear.java

+7 −4
Original line number Diff line number Diff line
@@ -234,15 +234,18 @@ public class MasterClear extends InstrumentedFragment { 
                                authContext.getDrawable(desc.iconId), userHandle);

                    }

                } catch (PackageManager.NameNotFoundException e) {

                    Log.w(TAG, "No icon for account type " + desc.type);

                    Log.w(TAG, "Bad package name for account type " + desc.type);

                } catch (Resources.NotFoundException e) {

                    Log.w(TAG, "Invalid icon id for account type " + desc.type, e);

                }

                if (icon == null) {

                    icon = context.getPackageManager().getDefaultActivityIcon();

                }



                TextView child = (TextView)inflater.inflate(R.layout.master_clear_account,

                        contents, false);

                child.setText(account.name);

                if (icon != null) {

                child.setCompoundDrawablesWithIntrinsicBounds(icon, null, null, null);

                }

                contents.addView(child);

            }

        }

src/com/android/settings/accounts/AuthenticatorHelper.java

+2 −1
Original line number Diff line number Diff line
@@ -96,7 +96,8 @@ final public class AuthenticatorHelper extends BroadcastReceiver { 
    /**

     * Gets an icon associated with a particular account type. If none found, return null.

     * @param accountType the type of account

     * @return a drawable for the icon or null if one cannot be found.

     * @return a drawable for the icon or a default icon returned by

     * {@link PackageManager#getDefaultActivityIcon} if one cannot be found.

     */

    public Drawable getDrawableForType(Context context, final String accountType) {

        Drawable icon = null;

src/com/android/settings/accounts/ChooseAccountActivity.java

+7 −4
Original line number Diff line number Diff line
@@ -214,7 +214,8 @@ public class ChooseAccountActivity extends InstrumentedPreferenceActivity { 
    /**

     * Gets an icon associated with a particular account type. If none found, return null.

     * @param accountType the type of account

     * @return a drawable for the icon or null if one cannot be found.

     * @return a drawable for the icon or a default icon returned by

     * {@link PackageManager#getDefaultActivityIcon} if one cannot be found.

     */

    protected Drawable getDrawableForType(final String accountType) {

        Drawable icon = null;
@@ -225,14 +226,16 @@ public class ChooseAccountActivity extends InstrumentedPreferenceActivity { 
                icon = getPackageManager().getUserBadgedIcon(

                        authContext.getDrawable(desc.iconId), mUserHandle);

            } catch (PackageManager.NameNotFoundException e) {

                // TODO: place holder icon for missing account icons?

                Log.w(TAG, "No icon name for account type " + accountType);

            } catch (Resources.NotFoundException e) {

                // TODO: place holder icon for missing account icons?

                Log.w(TAG, "No icon resource for account type " + accountType);

            }

        }

        if (icon != null) {

            return icon;

        } else {

            return getPackageManager().getDefaultActivityIcon();

        }

    }



    /**