Ignore GrantCredentials call with unexpected calling uid.

Activity can be used only in two cases.
1) Calling uid matches uid grantee.
2) Calling uid is system. This flow is used by getToken methods with
notifyAuthFailure=true.

Test: Existing CTS tests
Bug: 158480899
Merged-In: I983fa
Change-Id: I8da362df269decd7c3930a2387f42e09796e732f
Dmitry Dementyev
2020-10-28 12:23:14 -07:00
parent e8551a88f6
commit 88787b77a0


@@ -16,16 +16,23 @@
package android.accounts;
import android.app.Activity;
import android.content.res.Resources;
import android.os.Bundle;
import android.widget.TextView;
import android.widget.LinearLayout;
import android.view.View;
import android.view.LayoutInflater;
import android.app.ActivityManager;
import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.content.res.Resources;
import android.os.Bundle;
import android.os.IBinder;
import android.os.Process;
import android.os.RemoteException;
import android.os.UserHandle;
import android.text.TextUtils;
import android.util.Log;
import android.view.LayoutInflater;
import android.view.View;
import android.widget.LinearLayout;
import android.widget.TextView;
import com.android.internal.R;
import java.io.IOException;
@@ -42,6 +49,7 @@ public class GrantCredentialsPermissionActivity extends Activity implements View
private Account mAccount;
private String mAuthTokenType;
private int mUid;
private int mCallingUid;
private Bundle mResultBundle = null;
protected LayoutInflater mInflater;
@@ -74,6 +82,20 @@ public class GrantCredentialsPermissionActivity extends Activity implements View
return;
}
try {
IBinder activityToken = getActivityToken();
mCallingUid = ActivityManager.getService().getLaunchedFromUid(activityToken);
} catch (RemoteException re) {
// Couldn't figure out caller details
Log.w(getClass().getSimpleName(), "Unable to get caller identity \n" + re);
}
if (!UserHandle.isSameApp(mCallingUid, Process.SYSTEM_UID) && mCallingUid != mUid) {
setResult(Activity.RESULT_CANCELED);
finish();
return;
}
String accountTypeLabel;
try {
accountTypeLabel = getAccountLabel(mAccount);
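Review bot: The catch block around `getLaunchedFromUid` only logs and falls through, so on a RemoteException `mCallingUid` keeps its field default of 0 and the new uid comparison runs against a value that was never obtained from the activity manager. The check should fail closed: put `setResult(Activity.RESULT_CANCELED); finish(); return;` in the catch block, or declare the field as `private int mCallingUid = Process.INVALID_UID;` so an unresolved caller can never equal a requested uid. How `mUid` is populated is outside the hunk, so whether 0 can ever match it is unverified here, but the guard should not depend on that. The rejection path is also silent; a `Log.w` naming `mCallingUid` and `mUid` before `finish()` would make refused launches visible during triage. The enclosing method starts and ends outside this hunk.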