Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 39d94c1b authored by Yorke Lee's avatar Yorke Lee
Browse files

Enforce CALL_PRIVILEGED check at start of CallActivity 

This prevents third party apps from using the CALL_PRIVILEGED action with
an explicit intent to place emergency phone calls for secondary users.

The original component check did not work for secondary users because the
component name was being clobbered and replaced with the CallReceiver's
component name.

Also make sure to start the system dialer as the UserHandle.CURRENT instead of
UserHandle.OWNER so that it shows up if the user is not the primary user.

Bug: 17920957
Change-Id: Ie2aba734205361bf780f1c81ae2709da4162d4f5
parent fae0efd9

src/com/android/server/telecom/CallActivity.java

+12 −0
Original line number Diff line number Diff line
@@ -78,6 +78,7 @@ public class CallActivity extends Activity { 
            return;

        }



        verifyCallAction(intent);

        String action = intent.getAction();



        if (Intent.ACTION_CALL.equals(action) ||
@@ -89,6 +90,17 @@ public class CallActivity extends Activity { 
        }

    }



    private void verifyCallAction(Intent intent) {

        if (CallActivity.class.getName().equals(intent.getComponent().getClassName())) {

            // If we were launched directly from the CallActivity, not one of its more privileged

            // aliases, then make sure that only the non-privileged actions are allowed.

            if (!Intent.ACTION_CALL.equals(intent.getAction())) {

                Log.w(this, "Attempt to deliver non-CALL action; forcing to CALL");

                intent.setAction(Intent.ACTION_CALL);

            }

        }

    }



    private void processOutgoingCallIntent(Intent intent) {

        Uri handle = intent.getData();

        String scheme = handle.getScheme();

src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java

+1 −10
Original line number Diff line number Diff line
@@ -361,7 +361,7 @@ class NewOutgoingCallIntentBroadcaster { 
        systemDialerIntent.setData(handle);

        systemDialerIntent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);

        Log.v(this, "calling startActivity for default dialer: %s", systemDialerIntent);

        mContext.startActivity(systemDialerIntent);

        mContext.startActivityAsUser(systemDialerIntent, UserHandle.CURRENT);

    }



    /**
@@ -393,15 +393,6 @@ class NewOutgoingCallIntentBroadcaster { 
     * number.

     */

    private void rewriteCallIntentAction(Intent intent, boolean isPotentialEmergencyNumber) {

        if (CallActivity.class.getName().equals(intent.getComponent().getClassName())) {

            // If we were launched directly from the CallActivity, not one of its more privileged

            // aliases, then make sure that only the non-privileged actions are allowed.

            if (!Intent.ACTION_CALL.equals(intent.getAction())) {

                Log.w(this, "Attempt to deliver non-CALL action; forcing to CALL");

                intent.setAction(Intent.ACTION_CALL);

            }

        }



        String action = intent.getAction();



        /* Change CALL_PRIVILEGED into CALL or CALL_EMERGENCY as needed. */