DO NOT MERGE
Fix security vulnerability issue for multi user call redirections. Currently we won't check if the PhoneAccountHandle provided by a CallRedirectionService has multi-user capability or belong to the same user as the current user. Add the check and disconnect the call if this is an unexpected cross-user call redirection. Bug: 235098883 Test: CallsManagerTest, manual test with test app provided in b/235098883. Change-Id: Ia8b9468aa2bb8e3157c227e2617ff6a52e0af119 Merged-In: Ia8b9468aa2bb8e3157c227e2617ff6a52e0af119 (cherry picked from commit f29ab7e1)
Loading
-
mentioned in commit aee1cb43
-
mentioned in commit 8ca828ce
-
mentioned in commit d63c4098
-
mentioned in commit b9d223bd
-
mentioned in commit 12cd0840
-
mentioned in commit 3eaa03b7
-
mentioned in commit de137aa7
-
mentioned in commit 3594ed0d
-
mentioned in commit 8eeb371c
-
mentioned in commit c9ca440c
-
mentioned in commit 0814a6e8
-
mentioned in commit 79978427
Please register or sign in to comment