[security] SubscriptionGroup is exposed to unprivileged callers
SubscriptionInfo.mGroupUUID is not cleared in conditionallyRemoveIdentifiers if the caller only has READ_PHONE_STATE (based on a check to checkReadPhoneState) and not READ_DEVICE_IDENTIFIERS. Bug: 181053462 Test: atest SubscriptionManagerTest Change-Id: Ic2b62523330dc6e2169ad851715c4ab3da3b29cf Merged-In: Ic2b62523330dc6e2169ad851715c4ab3da3b29cf
This commit is contained in:
SongFerngWang
committed by
SongFerng Wang
SongFerng Wang
parent
f357945196
commit
219d284a68
@@ -566,6 +566,13 @@ public class SubscriptionInfo implements Parcelable {
|
|||||||
return mGroupUUID;
|
return mGroupUUID;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @hide
|
||||||
|
*/
|
||||||
|
public void clearGroupUuid() {
|
||||||
|
this.mGroupUUID = null;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @hide
|
* @hide
|
||||||
*/
|
*/
|
||||||
|
|||||||
Reference in New Issue
Block a user