PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "SECURITY: Don't pass a usable Pending Intent to 3rd parties." into lmp-dev

Browse Source
This commit is contained in:
Carlos Valdivia
2014-09-08 18:21:03 +00:00
committed by Android (Google) Code Review
parent 1f389c1996 f5d3e74ecc
commit 690ce1b325
1 changed files with 17 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/com/android/settings/accounts/AddAccountSettings.java
View File

@@ -22,8 +22,8 @@ import android.accounts.AccountManagerFuture;
import android.accounts.AuthenticatorException; import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException; import android.accounts.OperationCanceledException;
import android.app.Activity; import android.app.Activity;
import android.app.ActivityManagerNative;
import android.app.PendingIntent; import android.app.PendingIntent;
import android.content.ComponentName;
import android.content.Context; import android.content.Context;
import android.content.Intent; import android.content.Intent;
import android.os.Bundle; import android.os.Bundle;
@@ -69,6 +69,7 @@ public class AddAccountSettings extends Activity {
* application. * application.
*/ */
private static final String KEY_CALLER_IDENTITY = "pendingIntent"; private static final String KEY_CALLER_IDENTITY = "pendingIntent";
private static final String SHOULD_NOT_RESOLVE = "SHOULDN'T RESOLVE!";
private static final String TAG = "AccountSettings"; private static final String TAG = "AccountSettings";
@@ -196,7 +197,21 @@ public class AddAccountSettings extends Activity {
private void addAccount(String accountType) { private void addAccount(String accountType) {
Bundle addAccountOptions = new Bundle(); Bundle addAccountOptions = new Bundle();
mPendingIntent = PendingIntent.getBroadcast(this, 0, new Intent(), 0); /*
* The identityIntent is for the purposes of establishing the identity
* of the caller and isn't intended for launching activities, services
* or broadcasts.
*
* Unfortunately for legacy reasons we still need to support this. But
* we can cripple the intent so that 3rd party authenticators can't
* fill in addressing information and launch arbitrary actions.
*/
Intent identityIntent = new Intent();
identityIntent.setComponent(new ComponentName(SHOULD_NOT_RESOLVE, SHOULD_NOT_RESOLVE));
identityIntent.setAction(SHOULD_NOT_RESOLVE);
identityIntent.addCategory(SHOULD_NOT_RESOLVE);
mPendingIntent = PendingIntent.getBroadcast(this, 0, identityIntent, 0);
addAccountOptions.putParcelable(KEY_CALLER_IDENTITY, mPendingIntent); addAccountOptions.putParcelable(KEY_CALLER_IDENTITY, mPendingIntent);
addAccountOptions.putBoolean(EXTRA_HAS_MULTIPLE_USERS, Utils.hasMultipleUsers(this)); addAccountOptions.putBoolean(EXTRA_HAS_MULTIPLE_USERS, Utils.hasMultipleUsers(this));
AccountManager.get(this).addAccountAsUser( AccountManager.get(this).addAccountAsUser(