Unverified commit 4199ffb1, authored by Brian Delwiche, committed by Kevin F. Haggerty

Fix permission bypasses to multiple methods

Researcher reports that some BT calls across Binder are validating only
BT's own permissions and not the calling app's permissions.  On
investigation this seems to be due to a missing null check in several BT
permissions checks, which allows a malicious app to pass in a null
AttributionSource and therefore produce a stub AttributionSource chain
which does not properly check for the caller's permissions.

Add null checks.

Bug: 242996380
Test: atest UtilsTest
Test: researcher POC
Tag: #security
Ignore-AOSP-First: Security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:244e4734d1ed316e8725b0f33e18d8eb709554f1)
Merged-In: I57d80cfa07bd6d3fd410a01764b3db2db9b41b81
Change-Id: I57d80cfa07bd6d3fd410a01764b3db2db9b41b81
parent 9639ba8f
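
The failure mode the commit message describes, as an added example: a simplified model written for this page, not the AOSP Bluetooth code or the contents of this commit. All class, method, uid and permission names are hypothetical, and the assumption that the stub is built from the service's own identity is taken from the message's statement that only BT's own permissions were validated.

```java
import java.util.Map;
import java.util.Objects;
import java.util.Set;

// Simplified model, not AOSP code: every name and value below is hypothetical.
public class AttributionNullCheckDemo {
    record Attribution(int uid, String packageName) {}

    static final int SERVICE_UID = 1002;  // constructed: the service's own identity
    static final int CALLER_UID = 10123;  // constructed: an app holding no permissions
    static final Map<Integer, Set<String>> GRANTS = Map.of(
            SERVICE_UID, Set.of("SCAN", "CONNECT"),
            CALLER_UID, Set.of());

    static boolean holds(Attribution a, String permission) {
        return GRANTS.getOrDefault(a.uid(), Set.of()).contains(permission);
    }

    // Before: a null source silently becomes a stub built from the service's own
    // identity, so the check evaluates the service's grants, not the caller's.
    static boolean checkBefore(Attribution source, String permission) {
        Attribution effective = (source != null)
                ? source
                : new Attribution(SERVICE_UID, "service.stub");
        return holds(effective, permission);
    }

    // After: null is rejected before any attribution chain is built, so the
    // permission decision can only ever be made against a caller-supplied source.
    static boolean checkAfter(Attribution source, String permission) {
        Objects.requireNonNull(source, "source cannot be null");
        return holds(source, permission);
    }

    public static void main(String[] args) {
        System.out.println("before, null source:   " + checkBefore(null, "CONNECT"));
        try {
            checkAfter(null, "CONNECT");
        } catch (NullPointerException e) {
            System.out.println("after, null source:    rejected (" + e.getMessage() + ")");
        }
        Attribution app = new Attribution(CALLER_UID, "com.example.app");
        System.out.println("after, caller's source: " + checkAfter(app, "CONNECT"));
    }
}
```

The null rejection sits at the top of the check, before any fallback object can be created; a regression test for this class of bug calls each Binder-exposed method with a null source and expects an exception rather than a permission result.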