Commit 9d97cd58 authored Jun 11, 2024 by Pranav Madapurmath

Unbind CallScreeningService when timeout reached.

In a vulnerability, the exploiter showed that an app which implements a
service with role holding ROLE_CALL_SCREENING can be used to keep a
service alive. The assumption is that the CallScreeningService class
uses MSG_SCREEN_CALL to screen the call and results in the service being
unbound for outgoing calls once screening completes. However, a vanilla
service which holds the ROLE_CALL_SCREENING role can still be used as
the default call screening app which keeps the service alive.

This CL ensures that after the timeout is reached that we try to unbind
the service if possible.

Bug: 300904123
Test: Manual test to verify that onDestroy is called for the service
after the timeout is reached.

Change-Id: I30d276867c571ece113106d3b363fce99d64f441

parent dc161b66

Show whitespace changes

Inline Side-by-side

/e/ robot @erobot
mentioned in commit 32ca481e
· Sep 13, 2024

mentioned in commit 32ca481e

mentioned in commit 32ca481ed405bf8dfeb833a8a3507da8c5bc686d

Toggle commit list
/e/ robot @erobot
mentioned in commit 5b687d9d
· Oct 11, 2024

mentioned in commit 5b687d9d

mentioned in commit 5b687d9dee810ee2c5d5a5bef15ae31293946dc4

Toggle commit list
/e/ robot @erobot
mentioned in commit aaf5ff09
· Feb 15, 2025

mentioned in commit aaf5ff09

mentioned in commit aaf5ff09323caeeda9c3326c4076d0fd861851bd

Toggle commit list
/e/ robot @erobot
mentioned in commit eeef54b3
· Feb 15, 2025

mentioned in commit eeef54b3

mentioned in commit eeef54b37a362f506ea3aa155baddc545b6a909a

Toggle commit list

Please register or to comment