Android/packages_apps_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add ComponentName explicitly to make sure arbitary intents aren't launched from Settings.

Browse Source 
Bug: 378902342
Flag: EXEMPT security fix
Change-Id: I0e67f1258cb427c5b998e40a8a0c104af3ead042
(cherry picked from commit 6a896b6b26d445800773e1b4649895bea17eac1f)
This commit is contained in:
Aseem Kumar
2025-04-16 11:22:07 -07:00
committed by Justin Dunlap
parent 12ea1a89e5
commit ade7c77634
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/com/android/settings/accounts/AccountTypePreferenceLoader.java
View File

@@ -265,7 +265,14 @@ public class AccountTypePreferenceLoader {
try {
// Allows to launch only authenticator owned activities.
ApplicationInfo authenticatorAppInf = pm.getApplicationInfo(authDesc.packageName, 0);
return resolvedAppInfo.uid == authenticatorAppInf.uid;
if (resolvedAppInfo.uid == authenticatorAppInf.uid) {
// Explicitly set the component to be same as authenticator to
// prevent launching arbitrary activities.
intent.setComponent(resolvedActivityInfo.getComponentName());
return true;
} else {
return false;
}
} catch (NameNotFoundException e) {
Log.e(TAG,
"Intent considered unsafe due to exception.",