Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit ed63d97f authored by Brian Delwiche's avatar Brian Delwiche
Browse files

Fix permission bypasses to multiple methods 

Researcher reports that some BT calls across Binder are validating only
BT's own permissions and not the calling app's permissions.  On
investigation this seems to be due to a missing null check in several BT
permissions checks, which allows a malicious app to pass in a null
AttributionSource and therefore produce a stub AttributionSource chain
which does not properly check for the caller's permissions.

Add null checks.

Bug: 242996380
Test: atest UtilsTest
Test: researcher POC
Tag: #security
Ignore-AOSP-First: Security
Merged-In: I76f49fee440726a7c0714385564ddf0e3e8522b5
Merged-In: I9bf6fac218dccc092debe0904e08eb23cc4583c0
Change-Id: I7a11e11257b85dc0752396490abfc79b1c383204
parent b9bcb27e
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment