Merge "Ignore GrantCredentials call with unexpected calling uid." into qt-dev am: a064b69f18

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/13029782 Change-Id: Ibf0233c8e736166a6357d622a5f5763cca64c07a
2020-11-11 21:41:34 +00:00
parent 558392e1ed a064b69f18
commit f0263a9369
1 changed files with 28 additions and 6 deletions
--- a/core/java/android/accounts/GrantCredentialsPermissionActivity.java
+++ b/core/java/android/accounts/GrantCredentialsPermissionActivity.java
@@ -16,16 +16,23 @@
 package android.accounts;
 import android.app.Activity;
-import android.content.res.Resources;
+import android.app.ActivityTaskManager;
 import android.os.Bundle;
 import android.widget.TextView;
 import android.widget.LinearLayout;
 import android.view.View;
 import android.view.LayoutInflater;
 import android.content.Context;
 import android.content.Intent;
 import android.content.pm.PackageManager;
 import android.content.res.Resources;
 import android.os.Bundle;
 import android.os.IBinder;
 import android.os.Process;
 import android.os.RemoteException;
 import android.os.UserHandle;
 import android.text.TextUtils;
 import android.util.Log;
 import android.view.LayoutInflater;
 import android.view.View;
 import android.widget.LinearLayout;
 import android.widget.TextView;
 import com.android.internal.R;
 import java.io.IOException;
@@ -42,6 +49,7 @@ public class GrantCredentialsPermissionActivity extends Activity implements View
    private Account mAccount;
    private String mAuthTokenType;
    private int mUid;
    private int mCallingUid;
    private Bundle mResultBundle = null;
    protected LayoutInflater mInflater;
@@ -77,6 +85,20 @@ public class GrantCredentialsPermissionActivity extends Activity implements View
            return;
        }
        try {
            IBinder activityToken = getActivityToken();
            mCallingUid = ActivityTaskManager.getService().getLaunchedFromUid(activityToken);
        } catch (RemoteException re) {
            // Couldn't figure out caller details
            Log.w(getClass().getSimpleName(), "Unable to get caller identity \n" + re);
        }
        if (!UserHandle.isSameApp(mCallingUid, Process.SYSTEM_UID) && mCallingUid != mUid) {
            setResult(Activity.RESULT_CANCELED);
            finish();
            return;
        }
        String accountTypeLabel;
        try {
            accountTypeLabel = getAccountLabel(mAccount);