Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit fc090ed4 authored by Ajay Panicker's avatar Ajay Panicker Committed by MSe
Browse files

Prevent OPP from opening files that aren't sent over Bluetooth 

Before this patch an app could send an open intent to
BluetoothOppTransferService using a fake content provider to gain external
read and write access. We fix this by checking the Uri of the file before
opening it to see if it originated from the Bluetooth Share content provider.
We also stop graning write access to apps that we use to view the file.

Bug: 35385327
Test: PoC found in bug
AOSP-Change-Id: Iad85490a0306b3e70767285393b204be22b11511
(cherry picked from commit f20350af)

CVE-2017-0645

Change-Id: Ifab44ac73191fb8d9d9265390541ed32118f49df
parent 7d99b2d1
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment