From 6a184878f801f8511f25515eda482e8905495f17 Mon Sep 17 00:00:00 2001
From: Simranjit Singh Kohli <simranjit@google.com>
Date: Tue, 19 May 2015 10:58:01 -0700
Subject: [PATCH] [Fix Potential for error]:

Init for accounts maybe called when non-system app asks for accounts.
That might lead to deletion of accounts and broadcast from the user,
which requires permission. Hence, we should clear calling identity
before requesting it.

Bug: 21140169

Change-Id: I057ac6778ea53d3f96b3e5c42fe3a2fe60c3cf28
---
 .../java/com/android/server/accounts/AccountManagerService.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index 62f168d2298ff..d214a20176cd3 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -2355,9 +2355,9 @@ public class AccountManagerService
             callingUid = packageUid;
         }
         checkReadAccountsPermission();
-        UserAccounts accounts = getUserAccounts(userId);
         long identityToken = clearCallingIdentity();
         try {
+            UserAccounts accounts = getUserAccounts(userId);
             synchronized (accounts.cacheLock) {
                 return getAccountsFromCacheLocked(accounts, type, callingUid, callingPackage);
             }