Project-1CE/frameworks_base - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Andrii Kulian <akulian@google.com>	2019-07-16 11:24:45 -0700
committer	Andrii Kulian <akulian@google.com>	2020-01-24 12:48:54 -0800
commit	f9e5c9fe4671813043385406dd9a49b3b9d0d89f (patch)
tree	32904310141d61c65e725f480f007c01949c8506 /tools/aapt2/java/JavaClassGenerator_test.cpp
parent	ce7f6e8925ba1f07f137bc370122d63dd3b475a2 (diff)

Add calling package verification for ATM binder calls

In some methods in ActivityTaskManagerService and AppTaskImpl we were not validating if the callingPackage parameter that's passed in from binder actually belongs to the calling uid. But some of our security checks involve retrieving properties of the callingPackage, e.g. ActivityStackSupervisor.getActionRestrictionForCallingPackage(), and apps were able to circumvent these checks. This CL adds checks that provided package name belongs to the calling UID in ATM binder calls, and throws an exception if it doesn't. Bug: 137395936 Test: Build & flash Change-Id: I28608fd31bdbc56b758696a5e3b042c20d59c071

Diffstat (limited to 'tools/aapt2/java/JavaClassGenerator_test.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: