Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 23513295 authored by Ajay Panicker's avatar Ajay Panicker
Browse files

Prevent OPP from opening files that aren't sent over Bluetooth 

Before this patch an app could send an open intent to
BluetoothOppTransferService using a fake content provider to gain external
read and write access. We fix this by checking the Uri of the file before
opening it to see if it originated from the Bluetooth Share content provider.
We also stop graning write access to apps that we use to view the file.

Bug: 35385327
Test: PoC found in bug
Change-Id: Iad85490a0306b3e70767285393b204be22b11511
parent 8b498077
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment