Validate input for ContentService#setIsSyncable

am: 96b9c75cec Change-Id: Ib39782e880a528be297d673134d7609e68ed313d
2016-10-19 00:42:53 +00:00
parent 6fe03a8529 96b9c75cec
commit ba7bd1fe06
2 changed files with 19 additions and 3 deletions
--- a/services/core/java/com/android/server/content/ContentService.java
+++ b/services/core/java/com/android/server/content/ContentService.java
@@ -838,7 +838,7 @@ public final class ContentService extends IContentService.Stub {
            SyncManager syncManager = getSyncManager();
            if (syncManager != null) {
                return syncManager.computeSyncable(
-                        account, userId, providerName);
+                        account, userId, providerName, false);
            }
        } finally {
            restoreCallingIdentity(identityToken);
@@ -854,6 +854,8 @@ public final class ContentService extends IContentService.Stub {
        mContext.enforceCallingOrSelfPermission(Manifest.permission.WRITE_SYNC_SETTINGS,
                "no permission to write the sync settings");

+        syncable = normalizeSyncable(syncable);
+
        int userId = UserHandle.getCallingUserId();
        long identityToken = clearCallingIdentity();
        try {
@@ -1156,6 +1158,15 @@ public final class ContentService extends IContentService.Stub {
        }
    }

+    private static int normalizeSyncable(int syncable) {
+        if (syncable > 0) {
+            return SyncStorageEngine.AuthorityInfo.SYNCABLE;
+        } else if (syncable == 0) {
+            return SyncStorageEngine.AuthorityInfo.NOT_SYNCABLE;
+        }
+        return SyncStorageEngine.AuthorityInfo.UNDEFINED;
+    }
+
    /**
     * Hide this class since it is not part of api,
     * but current unittest framework requires it to be public
--- a/services/core/java/com/android/server/content/SyncManager.java
+++ b/services/core/java/com/android/server/content/SyncManager.java
@@ -1001,7 +1001,12 @@ public class SyncManager {
        }
    }

-    public int computeSyncable(Account account, int userId, String authority) {
+    private int computeSyncable(Account account, int userId, String authority) {
+        return computeSyncable(account, userId, authority, true);
+    }
+
+    public int computeSyncable(Account account, int userId, String authority,
+            boolean checkAccountAccess) {
        final int status = getIsSyncable(account, userId, authority);
        if (status == AuthorityInfo.NOT_SYNCABLE) {
            return AuthorityInfo.NOT_SYNCABLE;
@@ -1025,7 +1030,7 @@ public class SyncManager {
        } catch (RemoteException e) {
            /* ignore - local call */
        }
-        if (!canAccessAccount(account, owningPackage, owningUid)) {
+        if (checkAccountAccess && !canAccessAccount(account, owningPackage, owningUid)) {
            Log.w(TAG, "Access to " + account + " denied for package "
                    + owningPackage + " in UID " + syncAdapterInfo.uid);
            return AuthorityInfo.SYNCABLE_NO_ACCOUNT_ACCESS;