This app-generated input needs to not be too long to avoid errors in the process of writing to disk.
Bug: 242846316
Test: cts ConditionTest; atest ConditionTest; manually verified exploit apk is OK
Change-Id: Ic2fa8f06cc7a4c1f262115764fbd1be2a226b4b9
Merged-In: Ic2fa8f06cc7a4c1f262115764fbd1be2a226b4b9
(cherry picked from commit 81352c3775)
This change both prevents any rules from being unable to be written to disk and also avoids risk of running out of memory while handling all the zen rules.
Bug: 242703460
Bug: 242703505
Bug: 242703780
Bug: 242704043
Bug: 243794204
Test: cts AutomaticZenRuleTest; atest android.app.AutomaticZenRuleTest; manually confirmed each exploit example either saves the rule successfully with a truncated string (in the case of name & conditionId) or may fail to save the rule at all (if the owner/configactivity is invalid). Additionally ran the memory-exhausting PoC without device crashes.
Change-Id: I110172a43f28528dd274b3b346eb29c3796ff2c6
Merged-In: I110172a43f28528dd274b3b346eb29c3796ff2c6
(cherry picked from commit de172ba0d4)
Malicious callers can leak side-channel information by using
subqueries in any untrusted inputs where SQLite allows "expr" values.
This change offers setStrictGrammar() to prevent this by outright
blocking subqueries in WHERE and HAVING clauses, and by requiring
that GROUP BY and ORDER BY clauses be composed only of valid columns.
This change also offers setStrictColumns() to require that all
untrusted column names are valid, such as those in ContentValues.
Relaxes to always allow aggregation operators on returned columns,
since untrusted callers can always calculate these manually.
Bug: 135270103, 135269143
Test: atest android.database.sqlite.cts.SQLiteQueryBuilderTest
Test: atest FrameworksCoreTests:android.database.sqlite.SQLiteTokenizerTest
Change-Id: I0dacb53170ce573a2fe103cbff455782bfdb5d41
Instead of storing each Locale within a Configuration object's locale
list by its language, country, variant, and script to proto, store the
entire locale list by its language tags representation which accurately
describes each locale.
Bug: 140197723
Test: atest ConfigurationTest
Test: atest UsageStatsDatabaseTest
Test: manually with bad data
Merged-In: I53946ed4e31de0ffe9c84875c391a7dec6f5375a
Change-Id: Idaae690f79a5c680ad0059a52be62160d9dfb5e7
Instead of storing each Locale within a Configuration object's locale
list by its language, country, variant, and script to proto, store the
entire locale list by its language tags representation which accurately
describes each locale.
Bug: 140197723
Test: atest ConfigurationTest
Test: atest UsageStatsDatabaseTest
Test: manually with bad data
Change-Id: Id0e63ae4a7be578d1e93838b371320f86a787e0e
Make sure the client post execution lifecycle state to RESUMED
only if the activity was RESUMED while delivering new intent.
Bug: 135715788
Test: making skype calls
Test: atest ActivityThreadTest
Change-Id: I1e3054e1d1611aecf6ddf6d482abf2cb3ebdf9a4
The CL fixes a crash in Layout.primaryIsTrailingPreviousAllLineOffsets.
The crash was happening when the method was called for a line beginning
with an empty bidi run. This could happen, for example, for empty text -
I was unable to find any other case. The CL improves the existing test
for the method with this case, which was previously crashing.
The CL also fixes a potential crash in getLineHorizontals. However, this
bug could never happen as in the current code path clamped is always
false (and kept as parameter for parity with getHorizontal).
Bug: 135444178
Test: atest FrameworksCoreTests:android.text.LayoutTest\#testPrimaryIsTrailingPrevious
Change-Id: I47157abe1d74675884734e3810628a566e40c1b4
Added Tron logging to StatusBarNotification.getLogMaker() so it will
be present in most logs about the notification.
Change-Id: I720706d37c663f2018bdfe2153ad180970166c90
Test: atest android.service.notification.StatusBarNotificationTest
Bug: 135180518
This reverts commit 917327b193.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: Ibdaad3a4cbf0d8ef1ed53cfab1e454b9b878bae9
failed to launch app resolver when there are more than one app handlers.
What happened:
1. TextClassifier constructs an implicit intent to fulfill a task
like opening a link, making a phone call, etc.
2. TextClassifier calls resolveActivity against the implicit intent to
resolve the intent. The resolve component name will be used to create
an explicit intent. In this case, the intent is resolved to the
app resolver activity.
3. wouldLaunchResolverActivity in SysUI returns false for an explicit
intent with component name android/ResolverActivity.
4. SysUI does not trigger the "start the activity after the keyguard
is gone" logic because wouldLaunchResolverActivity returns false.
5. When user clicks on the action on keyguard, ResolveActivity.onStop
is triggered because it is shown (and thus moved to the background)
under the keyguard. So, finish() is called in onStop, and thus the bug.
IMHO, wouldLaunchResolverActivity should not return false
for an explicit intent with component name android/ResolverActivity.
But since we are late at this point, the safest option is to not setting
component name when the intent is resolved to package "android". Note that
this is what we are doing for P, so it should be pretty safe.
Test: 1. Install two browsers. Send myself a link. Tap on the Open Link
chip on keyguard. App resolver is shown.
2. atest frameworks/base/core/tests/coretests/src/android/view/textclassifier/
BUG: 129220155
Change-Id: I6d4d67c2233a2fec950887ea274825bf1cbc1ae2
Also do a WTF when the same process registers 1000 observers with the
same observer instance.
Fix: 133388082
Test: manual test: Launch leaky app and make sure WTF is raised
Test: manual test: Open contacts app, close, and make sure the
"Total number of unique observers" goes back
Test: manual test: Open contacts app, kill it, and make sure the
"Total number of unique observers" goes back
Test: manual test: Open contacts app while contacts are syncing,
and make sure the activity refreshes itself.
Test: atest cts/tests/tests/content/src/android/content/cts/ContentResolverTest.java
Test: atest FrameworksCoreTests:BinderDeathDispatcherTest
Test: atest FrameworksServicesTests:com.android.server.content.ObserverNodeTest
Change-Id: Id738ca66023c029b92db3d108d99a9fc240fe77c
This removes the parts of the feature that were only needed in beta
releases:
- Toast when a start is or would be blocked.
- Configurable whitelist of exempt apps.
- Global setting to disable.
Not to be submitted until after beta 5 is cut.
Bug: 131747138
Test: atest BackgroundActivityLaunchTest
Test: atest RootWindowContainerTests
Test: atest WmTests:ActivityStarterTests
Test: atest CtsWindowManagerDeviceTestCases:ActivityStarterTests
Test: atest CtsAppTestCases:.ServiceTest
Change-Id: I3d8b9c72c8fac86b93ac57a8a1988f4133043af8
Previously when batterystats history buffer exceeds MAX_HISTORY_BUFFER
size, we create a new history file which is empty until batterystats
history buffer is written to the file. But the buffer is written to the
file every 30 minutes by default. When the file is empty, if the
system server process crashed or abrupt powered off, the file will remain
empty.
During the device bootup, batterystats reads history buffer from
the empty file and failed. The important mHistoryBaseTime variable is zero,
which causes all timestamps in subsequent history events are wrong, this
causes volta go/powerbug displays wrong, also Battery Usage in Settings
are wrong.
The fix is to not create new empty history file on disk until we actually
write history buffer to the file.
This problem can be manually reproduced by creating new empty file under
battery-history directory, then power off the device by long press power
button.
Bug: 133525277
Test: frameworks/base/core/tests/coretests/src/com/android/internal/os/BatteryStatsHistoryTest.java
Change-Id: I0c22881df6897e8832b472cc5e82fbf2727eb252
* changes:
Add one more test for VPN usage stats.
Addressing comments for http://ag/7700679.
NetworkStatsService: Fix getDetailedUidStats to take VPNs into account.
Take all VPN underlying networks into account when migrating traffic for VPN uid.
VPN uid.
(cherry picked from commit 95aa6d446f)
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: Manually verified on device that stats from VPN UID are moved
appropriately based on its declared underlying network set.
Test: vogar --mode app_process --benchmark NetworkStatsBenchmark.java
Change-Id: I7f368c5970b2dcb969fe0daf5ef44edb1f51d09d
Add functionality to ApexManager to filter the list of all APEX
packages in order to obtain lists of inactive or factory APEXs.
Expose this information to dumpsys.
Test: adb shell dumpsys package
Test: adb shell pm list packages -a --apex-only
Test: atest PackageParserTest
Bug: 123680735
Bug: 119767311
Change-Id: Id8ffe6320b55f647cdf550abfd6703cd868565ff
for logging in the default TC.
TCEvents for selection and links are not currently being written to
default TC logs. This changelist writes these events as SelEvents.
Bug: 131228248
Test: atest android.view.textclassifier.TextClassifierEventTest
Change-Id: I191f2f9281eab1b8a427ef21717fff283a304a22
Not all bugreports need screenshots, and hence it should not be
mandatory to pass screenshotfd in parameters to startBugreport (call to
bugreport API).
Ensuring the above by passing null screenshotFd.
Bug: 123578274
Test: atest BugreportManagerTest
Change-Id: I79f4a71cc79e655a64c4cf9ac04fef0814db8ff1
The windows belong to a activity will be set to stopped state
when the activity is stopped. But the associated thread of
view root could be different from activity, that results the
inconsistent calling thread of surface callback, and maybe
some potential races.
Since the surface could be destroyed during traversal, also
add a check for callback notifySurfaceDestroyed to prevent
duplicated calls if the surface is released.
Bug: 130553315
Test: atest ViewRootSurfaceCallbackTest
Change-Id: Iea2cf8ff51118c0fa8c00a35c1d3e53c959ea754
The reverted change causes a regression where we can get an IllegalStateException
during finalization as we are adopting the native fd in a ParcelFileDescriptor
which takes ownership of the fd. However, the order of finalization is undefined
and if the ParcelFileDescriptor is finalized before the MemoryIntArray we would
get an exception when running the finalization of the latter.
bug:124056170
This reverts commit c81f53f7f1.
Change-Id: I8debb9c5f4c87b1a657084139b27f40b7956fe59
Remove actions suggestions en model from system image.
Fixes: 129129336
Test: atest android.view.textclassifier
Change-Id: I43966c48e9167d3968981cd3ad514eba61f1d709
