From b3cd7b51d330caa1f54710741b73a63043515b82 Mon Sep 17 00:00:00 2001 From: "youhei.x.miyoshi" Date: Mon, 12 Dec 2016 21:10:54 +0900 Subject: [PATCH] Disable a phone number log for user build A phone number is privacy data. Therefore, it should be prevented from logging in user build. Test: manual - checked log Bug: 34582911 Change-Id: Id040653dbfd236250e7eb07c9c2e9587ded3d63f --- telecomm/java/android/telecom/Log.java | 10 +++++++++- telephony/java/android/telephony/Rlog.java | 10 +++++++++- .../com/android/internal/telephony/CallerInfo.java | 5 +++-- 3 files changed, 21 insertions(+), 4 deletions(-) diff --git a/telecomm/java/android/telecom/Log.java b/telecomm/java/android/telecom/Log.java index ced6627e8d340..6107895868300 100644 --- a/telecomm/java/android/telecom/Log.java +++ b/telecomm/java/android/telecom/Log.java @@ -19,6 +19,7 @@ package android.telecom; import android.content.Context; import android.net.Uri; import android.os.AsyncTask; +import android.os.Build; import android.telecom.Logging.EventManager; import android.telecom.Logging.Session; import android.telecom.Logging.SessionManager; @@ -55,6 +56,7 @@ public class Log { public static boolean ERROR = isLoggable(android.util.Log.ERROR); private static final boolean FORCE_LOGGING = false; /* STOP SHIP if true */ + private static final boolean USER_BUILD = Build.TYPE.equals("user"); // Used to synchronize singleton logging lazy initialization private static final Object sSingletonSync = new Object(); @@ -404,7 +406,8 @@ public class Log { /** * Redact personally identifiable information for production users. - * If we are running in verbose mode, return the original string, otherwise + * If we are running in verbose mode, return the original string, + * and return "****" if we are running on the user build, otherwise * return a SHA-1 hash of the input string. */ public static String pii(Object pii) { @@ -415,6 +418,11 @@ public class Log { } private static String secureHash(byte[] input) { + // Refrain from logging user personal information in user build. + if (USER_BUILD) { + return "****"; + } + if (sMessageDigest != null) { sMessageDigest.reset(); sMessageDigest.update(input); diff --git a/telephony/java/android/telephony/Rlog.java b/telephony/java/android/telephony/Rlog.java index cd0a012d14fd0..2a31e3a7bda28 100644 --- a/telephony/java/android/telephony/Rlog.java +++ b/telephony/java/android/telephony/Rlog.java @@ -16,6 +16,7 @@ package android.telephony; +import android.os.Build; import android.text.TextUtils; import android.util.Log; @@ -32,6 +33,8 @@ import java.security.NoSuchAlgorithmException; */ public final class Rlog { + private static final boolean USER_BUILD = Build.TYPE.equals("user"); + private Rlog() { } @@ -125,10 +128,15 @@ public final class Rlog { /** * Returns a secure hash (using the SHA1 algorithm) of the provided input. * - * @return the hash + * @return "****" if the build type is user, otherwise the hash * @param input the bytes for which the secure hash should be computed. */ private static String secureHash(byte[] input) { + // Refrain from logging user personal information in user build. + if (USER_BUILD) { + return "****"; + } + MessageDigest messageDigest; try { diff --git a/telephony/java/com/android/internal/telephony/CallerInfo.java b/telephony/java/com/android/internal/telephony/CallerInfo.java index 5f3f773b062cc..c9c48dc315c81 100644 --- a/telephony/java/com/android/internal/telephony/CallerInfo.java +++ b/telephony/java/com/android/internal/telephony/CallerInfo.java @@ -30,9 +30,9 @@ import android.provider.ContactsContract.Data; import android.provider.ContactsContract.PhoneLookup; import android.provider.ContactsContract.RawContacts; import android.telephony.PhoneNumberUtils; +import android.telephony.Rlog; import android.telephony.TelephonyManager; import android.text.TextUtils; -import android.telephony.Rlog; import android.util.Log; import com.android.i18n.phonenumbers.geocoding.PhoneNumberOfflineGeocoder; @@ -595,7 +595,8 @@ public class CallerInfo { pn = util.parse(number, countryIso); if (VDBG) Rlog.v(TAG, "- parsed number: " + pn); } catch (NumberParseException e) { - Rlog.w(TAG, "getGeoDescription: NumberParseException for incoming number '" + number + "'"); + Rlog.w(TAG, "getGeoDescription: NumberParseException for incoming number '" + + Rlog.pii(TAG, number) + "'"); } if (pn != null) {