Fix issue #9074296: Device Admins can activate in a way...

...that makes it impossible to deactive/uninstall them Don't allow device admins to directly launch the add UI if they are malformed. Change-Id: I0d3140222d8015f680e1f199bddae2221ee0e726
2013-05-22 11:29:36 -07:00
parent 0b2781ae53
commit 8274b67702
1 changed files with 34 additions and 2 deletions
--- a/src/com/android/settings/DeviceAdminAdd.java
+++ b/src/com/android/settings/DeviceAdminAdd.java
@@ -50,6 +50,8 @@ import android.widget.TextView;

 import java.io.IOException;
 import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;

 public class DeviceAdminAdd extends Activity {
    static final String TAG = "DeviceAdminAdd";
@@ -104,7 +106,7 @@ public class DeviceAdminAdd extends Activity {
            finish();
            return;
        }
-        
+
        ActivityInfo ai;
        try {
            ai = getPackageManager().getReceiverInfo(cn, PackageManager.GET_META_DATA);
@@ -113,7 +115,37 @@ public class DeviceAdminAdd extends Activity {
            finish();
            return;
        }
-        
+
+        // Make sure the given component name is actually a valid device admin.
+        List<ResolveInfo> avail = getPackageManager().queryBroadcastReceivers(
+                new Intent(DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED),
+                PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS);
+        int count = avail == null ? 0 : avail.size();
+        boolean found = false;
+        for (int i=0; i<count; i++) {
+            ResolveInfo ri = avail.get(i);
+            if (ai.packageName.equals(ri.activityInfo.packageName)
+                    && ai.name.equals(ri.activityInfo.name)) {
+                try {
+                    // We didn't retrieve the meta data for all possible matches, so
+                    // need to use the activity info of this specific one that was retrieved.
+                    ri.activityInfo = ai;
+                    DeviceAdminInfo dpi = new DeviceAdminInfo(this, ri);
+                    found = true;
+                } catch (XmlPullParserException e) {
+                    Log.w(TAG, "Bad " + ri.activityInfo, e);
+                } catch (IOException e) {
+                    Log.w(TAG, "Bad " + ri.activityInfo, e);
+                }
+                break;
+            }
+        }
+        if (!found) {
+            Log.w(TAG, "Request to add invalid device admin: " + cn);
+            finish();
+            return;
+        }
+
        ResolveInfo ri = new ResolveInfo();
        ri.activityInfo = ai;
        try {