Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
255,433 Commits 3 Branches 0 Tags
6ef77aedac221c9bd6067b812d98e85ca7fedb4a
Commit Graph

255433 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Android Build Merger (Role)
6ef77aedac [automerger] RESTRICT AUTOMERGE: Recover shady content:// paths. am: 301d17e4dd am: 010585fe3c 
Change-Id: I5f8b88ca54c22bb978fc6c468259fec9e0e9898a
 2018-10-05 00:19:19 +00:00
Android Build Merger (Role)
010585fe3c [automerger] RESTRICT AUTOMERGE: Recover shady content:// paths. am: 301d17e4dd 
Change-Id: I80ac911a166e12eedf77518436808d4f3ede872c
 2018-10-05 00:19:12 +00:00
Jeff Sharkey
301d17e4dd RESTRICT AUTOMERGE: Recover shady content:// paths. 
The path-permission element offers prefix or regex style matching of
paths, but most providers internally use UriMatcher to decide what
to do with an incoming Uri.

This causes trouble because UriMatcher uses Uri.getPathSegments(),
which quietly ignores "empty" paths.  Consider this example:

    <path-permission android:pathPrefix="/private" ... />

    uriMatcher.addURI("com.example", "/private", CODE_PRIVATE);

    content://com.example//private

The Uri above will pass the security check, since it's not
technically a prefix match.  But the UriMatcher will then match it
as CODE_PRIVATE, since it ignores the "//" zero-length path.

Since we can't safely change the behavior of either path-permission
or UriMatcher, we're left with recovering these shady paths by
trimming away zero-length paths.

Bug: 112555574
Test: cts-tradefed run cts -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AppSecurityTests
Change-Id: Ibadbfa4fc904ec54780c8102958735b03293fb9a
 2018-10-05 00:19:08 +00:00
Atanas Kirilov
29a7dc2132 Merge changes from topic "am-81126cf1-3777-4130-82b2-fbb9b5f9bcf8" into nyc-mr1-dev 
* changes:
  [automerger] RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package." am: 95a3e91846 am: 94e1a09bc6
  [automerger] RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package." am: 95a3e91846
  RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package."
 2018-09-28 23:21:47 +00:00
Atanas Kirilov
9f6ffb734f Merge changes from topic "am-81126cf1-3777-4130-82b2-fbb9b5f9bcf8" into nyc-dr1-dev 
* changes:
  [automerger] RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package." am: 95a3e91846
  RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package."
 2018-09-28 23:21:47 +00:00
Atanas Kirilov
50708217f8 Merge "RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package."" into nyc-dev 2018-09-28 23:21:47 +00:00
Atanas Kirilov
fe5ed4e24e Merge "RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions."" into nyc-dev 2018-09-28 23:20:32 +00:00
Android Build Merger (Role)
446837c874 [automerger] RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions." am: 999e3fe986 am: 79c6a599fe 
Change-Id: I094a6ffa8dee70d4f9f45c4f8d9929d92b078cec
 2018-09-28 20:34:28 +00:00
Android Build Merger (Role)
79c6a599fe [automerger] RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions." am: 999e3fe986 
Change-Id: I178b86c62e2b0e8d3399897adaa3bfc191daea2d
 2018-09-28 20:34:21 +00:00
Atanas Kirilov
999e3fe986 RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions." 
This reverts commit 8da6786608.

Reason for revert: Not a security fix and the security fix needs this cl is reverted.
Bug: 114365189

Change-Id: I1826a5b6889f21fbbe16311a3da66c93e26383f3
 2018-09-28 20:34:17 +00:00
Android Build Merger (Role)
84756be0be [automerger] RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package." am: 95a3e91846 am: 94e1a09bc6 
Change-Id: Ie3b9caf9452711a136f50a5ac8aa4946fa0d2767
 2018-09-28 20:33:53 +00:00
Android Build Merger (Role)
94e1a09bc6 [automerger] RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package." am: 95a3e91846 
Change-Id: Ib9aa56a12fff0fb53848b9856fb89c6bb4de3793
 2018-09-28 20:33:45 +00:00
Atanas Kirilov
95a3e91846 RESTRICT AUTOMERGE: Revert "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package." 
This reverts commit fa69d725eb.

Reason for revert: triggers other issue.
Bug: 114365189

Change-Id: I746c74b00f4524575279cdaa831435d12425de20
 2018-09-28 20:33:41 +00:00
TreeHugger Robot
7baa72ed78 Merge "Verify number of Map entries written to Parcel" into nyc-dev 2018-09-06 01:29:28 +00:00
TreeHugger Robot
28850f8620 Merge changes from topic "am-bdb0270e-8295-4ee6-be36-2709e172d48f" into nyc-mr1-dev 
* changes:
  [automerger] Verify number of Map entries written to Parcel am: 057a01d1f3 am: d6947f1cbf
  [automerger] Verify number of Map entries written to Parcel am: 057a01d1f3
  Verify number of Map entries written to Parcel
 2018-09-06 01:29:28 +00:00
TreeHugger Robot
e58385ab65 Merge changes from topic "am-bdb0270e-8295-4ee6-be36-2709e172d48f" into nyc-dr1-dev 
* changes:
  [automerger] Verify number of Map entries written to Parcel am: 057a01d1f3
  Verify number of Map entries written to Parcel
 2018-09-06 01:29:28 +00:00
TreeHugger Robot
3d1cc48e87 Merge "Hide overlay windows when requesting media projection permission." into nyc-dev 2018-09-05 23:39:21 +00:00
TreeHugger Robot
f074e624e6 Merge changes from topic "am-51363a78-f167-48aa-956c-f9bfd551a3a5" into nyc-mr1-dev 
* changes:
  [automerger skipped] Hide overlay windows when requesting media projection permission. skipped: 5c3f5a02bd skipped: 3eb97a9bd9
  [automerger skipped] Hide overlay windows when requesting media projection permission. skipped: 5c3f5a02bd
  Hide overlay windows when requesting media projection permission.
 2018-09-05 23:39:21 +00:00
TreeHugger Robot
6b80718bff Merge changes from topic "am-51363a78-f167-48aa-956c-f9bfd551a3a5" into nyc-dr1-dev 
* changes:
  [automerger skipped] Hide overlay windows when requesting media projection permission. skipped: 5c3f5a02bd
  Hide overlay windows when requesting media projection permission.
 2018-09-05 23:39:21 +00:00
TreeHugger Robot
e4ba1b36d5 Merge changes from topic "am-bada3a56-09dc-47f9-ba2e-42434cf270e2" into nyc-mr1-dev 
* changes:
  [automerger] RESTRICT AUTOMERGE: Hide overlay windows when requesting media projection permission. am: 295af36009
  RESTRICT AUTOMERGE: Hide overlay windows when requesting media projection permission.
 2018-09-05 22:24:16 +00:00
TreeHugger Robot
19edfe6e23 Merge "RESTRICT AUTOMERGE: Hide overlay windows when requesting media projection permission." into nyc-dr1-dev 2018-09-05 22:24:16 +00:00
Android Build Merger (Role)
7ee280f8b5 [automerger] RESTRICT AUTOMERGE: Hide overlay windows when requesting media projection permission. am: 295af36009 
Change-Id: I277a26c94cde1e77ddef8ddbc81dad3c963def8f
 2018-09-05 20:38:53 +00:00
Wale Ogunwale
295af36009 RESTRICT AUTOMERGE: Hide overlay windows when requesting media projection permission. 
1: Cherry-pick ag/4067454 - Setting PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS
updateNonSystemOverlayWindowsVisibilityIfNeeded on relayoutWindow

2: Cherry-pick ag/3650369 - If PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS changed on
relayoutWindow() then updateNonSystemOverlayWindowsVisibilityIfNeeded

3: Add permissions to SystemUI to allow it to hide non-system overlays

Bug: 34170870
Test: manual (see bug for poc)
Change-Id: I57cb0f390d9a78e721c5ddce49a377d385002753
 2018-09-05 20:38:50 +00:00
Android Build Merger (Role)
50f6c53a1a [automerger skipped] Hide overlay windows when requesting media projection permission. skipped: 5c3f5a02bd skipped: 3eb97a9bd9 
Change-Id: Icec5121efdff64b3352ac985141f612277549b6d
 2018-09-05 20:37:54 +00:00
Android Build Merger (Role)
3eb97a9bd9 [automerger skipped] Hide overlay windows when requesting media projection permission. skipped: 5c3f5a02bd 
Change-Id: I76ade50f15b706e3f4e6acc156884b83967e4b40
 2018-09-05 20:37:48 +00:00
Wale Ogunwale
5c3f5a02bd Hide overlay windows when requesting media projection permission. 
1: Cherry-pick ag/4067454 - Setting PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS
updateNonSystemOverlayWindowsVisibilityIfNeeded on relayoutWindow

2: Cherry-pick ag/3650369 - If PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS changed on
relayoutWindow() then updateNonSystemOverlayWindowsVisibilityIfNeeded

3: Add permissions to SystemUI to allow it to hide non-system overlays

Bug: 34170870
Test: manual (see bug for poc)
Change-Id: I57cb0f390d9a78e721c5ddce49a377d385002753
 2018-09-05 20:37:34 +00:00
Android Build Merger (Role)
628cbe5c53 [automerger] Verify number of Map entries written to Parcel am: 057a01d1f3 am: d6947f1cbf 
Change-Id: Idaab5395d9e0970fe57b017bcba10f8757ffe3c7
 2018-08-30 20:45:59 +00:00
Android Build Merger (Role)
d6947f1cbf [automerger] Verify number of Map entries written to Parcel am: 057a01d1f3 
Change-Id: Idb2572b46c48fe2f3e4b99c5cb4372dcfe6b20ce
 2018-08-30 20:45:51 +00:00
Michael Wachenschwanz
057a01d1f3 Verify number of Map entries written to Parcel 
Make sure the number of entries written by Parcel#writeMapInternal
matches the size written. If a mismatch were allowed, an exploitable
scenario could occur where the data read from the Parcel would not
match the data written.

Fixes: 112859604
Test: cts-tradefed run cts -m CtsOsTestCases -t android.os.cts.ParcelTest

Change-Id: I325d08a8b66b6e80fe76501359c41b6656848607
Merged-In: I325d08a8b66b6e80fe76501359c41b6656848607
 2018-08-30 13:40:44 -07:00
Android Build Merger (Role)
eff2a46342 [automerger] RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions. am: 8da6786608 am: 7d153c56c6 
Change-Id: Idba111169b057b88a7b47dde4b734ede2c651310
 2018-08-24 22:45:22 +00:00
Android Build Merger (Role)
7d153c56c6 [automerger] RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions. am: 8da6786608 
Change-Id: I2c9174d4b065aada8c4ba95e864b3628dd1f0975
 2018-08-24 22:45:15 +00:00
akirilov
8da6786608 RESTRICT AUTOMERGE: Check both self and shared user id package for requested permissions. 
Bug: 111752150
Test: Manual local test
Change-Id: I0b48a20525f87fc6f5ab8d7e70aa7d11cd747f97
 2018-08-24 22:45:13 +00:00
Mihai Popa
0075139902 Merge changes from topic "am-0f30ee3d-94a0-4dc3-bb14-762781265ad9" into nyc-mr1-dev 
* changes:
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9 am: 65082f8f5b am: 74ffd2bc55
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9 am: 65082f8f5b
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea
  Fix crash during cursor moving on BiDi text
 2018-08-15 19:23:35 +00:00
Mihai Popa
1425bb41aa Merge changes from topic "am-0f30ee3d-94a0-4dc3-bb14-762781265ad9" into nyc-dr1-dev 
* changes:
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9 am: 65082f8f5b
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea
  Fix crash during cursor moving on BiDi text
 2018-08-15 19:23:35 +00:00
Mihai Popa
bf441335ea Merge changes from topic "am-0f30ee3d-94a0-4dc3-bb14-762781265ad9" into nyc-dev 
* changes:
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2
  [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea
  Fix crash during cursor moving on BiDi text
 2018-08-15 19:23:35 +00:00
Mihai Popa
25f2fa4cf7 Merge "Fix crash during cursor moving on BiDi text" into nyc-dev 2018-08-15 19:17:04 +00:00
Android Build Merger (Role)
99e3f649b4 [automerger] Fix crash during cursor moving on BiDi text am: 82c84d5fbb am: 12baaa2bc3 
Change-Id: Iaf0aded3004f33fdb52dd0c19779329991b24746
 2018-08-15 19:12:59 +00:00
Android Build Merger (Role)
12baaa2bc3 [automerger] Fix crash during cursor moving on BiDi text am: 82c84d5fbb 
Change-Id: I221d974ba9402c088235d5bdb3c94e91cf4167ba
 2018-08-15 19:12:52 +00:00
Seigo Nonaka
82c84d5fbb Fix crash during cursor moving on BiDi text 
The crash was introduced by Ib66ef392c19c937718e7101f6d48fac3abe51ad0
The root cause of the crashing is requesting out-of-line access for the
horizontal width. This invalid access is silently ignored by
TextLine#measure() method but new implementation end up with out of
bounds access.

To makes behavior as old implementation, calling getHorizontal instead
of accessing measured result array.

Bug: 78464361, 111580019
Test: Manually done
Change-Id: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
(cherry picked from commit 960647d582)
Merged-In: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
 2018-08-15 19:12:50 +00:00
Android Build Merger (Role)
f7f008f573 [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9 am: 65082f8f5b am: 74ffd2bc55 
Change-Id: I680848db0e845617323ecca36c380fdf890789d9
 2018-08-15 00:29:16 +00:00
Android Build Merger (Role)
74ffd2bc55 [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9 am: 65082f8f5b 
Change-Id: I27b2220f568a37ff16b0dfc3376d7e46cb3659c9
 2018-08-15 00:29:09 +00:00
Android Build Merger (Role)
65082f8f5b [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f am: 04c7154fd9 
Change-Id: Ic801a54fa6cb048ddf911c7b315849ab40bd7a52
 2018-08-15 00:28:52 +00:00
Android Build Merger (Role)
04c7154fd9 [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 skipped: 723f13d01f 
Change-Id: If1607fb19bd806cb6d0f9b9010032e95df6549a8
 2018-08-15 00:28:41 +00:00
Android Build Merger (Role)
723f13d01f [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea am: b7a2d47ec2 
Change-Id: I6995aab201805b64e81022db295356ef8abda30c
 2018-08-15 00:26:19 +00:00
Android Build Merger (Role)
b7a2d47ec2 [automerger] Fix crash during cursor moving on BiDi text am: 95218ce7ea 
Change-Id: Id97c3f508a0dcd82978b06891b3a979921d4be3a
 2018-08-15 00:26:10 +00:00
Seigo Nonaka
95218ce7ea Fix crash during cursor moving on BiDi text 
The crash was introduced by Ib66ef392c19c937718e7101f6d48fac3abe51ad0
The root cause of the crashing is requesting out-of-line access for the
horizontal width. This invalid access is silently ignored by
TextLine#measure() method but new implementation end up with out of
bounds access.

To makes behavior as old implementation, calling getHorizontal instead
of accessing measured result array.

Bug: 111580019
Test: Manually done
Change-Id: I5c5778718f6b397adbb1e4f2cf95e9f635f6e5c8
Merged-In: Ib66ef392c19c937718e7101f6d48fac3abe51ad0
 2018-08-15 00:26:02 +00:00
Atanas Kirilov
8aecc35a20 Merge "RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package." into nyc-dev 2018-08-14 19:40:27 +00:00
Atanas Kirilov
7ae6e6566f Merge changes from topic "am-81126cf1-3777-4130-82b2-fbb9b5f9bcf8" into nyc-mr1-dev 
* changes:
  [automerger] RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package. am: fa69d725eb am: 7d252f5ed7
  [automerger] RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package. am: fa69d725eb
  RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package.
 2018-08-14 19:40:27 +00:00
Atanas Kirilov
fce27e8502 Merge changes from topic "am-81126cf1-3777-4130-82b2-fbb9b5f9bcf8" into nyc-dr1-dev 
* changes:
  [automerger] RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package. am: fa69d725eb
  RESTRICT AUTOMERGE: Revoke permissions defined in a to-be removed package.
 2018-08-14 19:40:27 +00:00
Android Build Merger (Role)
424304f893 [automerger] DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete. am: 8e95967f09 am: c09bb997e8 
Change-Id: I544bf2c6b5d0177aa70a6fb7bd4225d4d04881fd
 2018-08-09 20:15:51 +00:00