Fix permission check for get/setSmscAddress.

Based on api-council feedback. Incorporated other suggestions too. Test: basic SMS sanity Bug: 149236716 Merged-in: I60b300d1b2d4e8b67cfc121e10a7957a8f0aaac8 Change-Id: I60b300d1b2d4e8b67cfc121e10a7957a8f0aaac8 (cherry picked from commit 15a3b86e897fa696fce75362d0cab64fea710f31)
author: Amit Mahajan <amitmahajan@google.com> 2020-02-20 13:46:51 -0800
committer: Amit Mahajan <amitmahajan@google.com> 2020-03-02 19:29:55 +0000
commit: 05e97205523d6ca0f941b0707539f9be6e54ba54 (patch)
tree: 66f48fee983bb06e3a112c0d9e937d98fb2c81e7 /telephony/common
parent: 4894b560a53326a50054bcb41097c84c26a17a10 (diff)
1 files changed, 16 insertions, 1 deletions
diff --git a/telephony/common/com/android/internal/telephony/SmsApplication.java b/telephony/common/com/android/internal/telephony/SmsApplication.java
index bb6f154335a9..d54c054e2f82 100644
--- a/telephony/common/com/android/internal/telephony/SmsApplication.java
+++ b/telephony/common/com/android/internal/telephony/SmsApplication.java
@@ -1057,7 +1057,8 @@ public final class SmsApplication {
     }
 
     /**
-     * Check if a package is default sms app (or equivalent, like bluetooth)
+     * Check if a package is default sms app (or equivalent, like bluetooth), and verify that
+     * packageName belongs to the caller.
      *
      * @param context context from the calling app
      * @param packageName the name of the package to be checked
@@ -1066,8 +1067,22 @@ public final class SmsApplication {
     @UnsupportedAppUsage
     public static boolean isDefaultSmsApplication(Context context, String packageName) {
         if (packageName == null) {
+            Log.e(LOG_TAG, "isDefaultSmsApplication: packageName is null");
             return false;
         }
+        try {
+            if (Binder.getCallingUid()
+                    == context.getPackageManager().getPackageUid(packageName, 0)) {
+                Log.e(LOG_TAG, "isDefaultSmsApplication: " + packageName + " calling uid "
+                        + context.getPackageManager().getPackageUid(packageName, 0)
+                        + " does not match calling uid " + Binder.getCallingUid());
+                return false;
+            }
+        } catch (NameNotFoundException ex) {
+            Log.e(LOG_TAG, "isDefaultSmsApplication: packageName " + packageName + " not found");
+            return false;
+        }
+
         final String defaultSmsPackage = getDefaultSmsApplicationPackageName(context);
         if ((defaultSmsPackage != null && defaultSmsPackage.equals(packageName))
                 || BLUETOOTH_PACKAGE_NAME.equals(packageName)) {
author	Amit Mahajan <amitmahajan@google.com>	2020-02-20 13:46:51 -0800
committer	Amit Mahajan <amitmahajan@google.com>	2020-03-02 19:29:55 +0000
commit	05e97205523d6ca0f941b0707539f9be6e54ba54 (patch)
tree	66f48fee983bb06e3a112c0d9e937d98fb2c81e7 /telephony/common
parent	4894b560a53326a50054bcb41097c84c26a17a10 (diff)