Merge "Check Uri permission for FLAG_GRANT_READ/WRITE_URI_PERMISSION"

Arc Wang
2022-12-14 05:52:29 +00:00
committed by Android (Google) Code Review


@@ -478,7 +478,16 @@ public class SettingsHomepageActivity extends FragmentActivity implements
return;
}
if (!hasPrivilegedAccess(targetActivityInfo)) {
int callingUid = -1;
try {
callingUid = ActivityManager.getService().getLaunchedFromUid(getActivityToken());
} catch (RemoteException re) {
Log.e(TAG, "Not able to get callingUid: " + re);
finish();
return;
}
if (!hasPrivilegedAccess(callingUid, targetActivityInfo)) {
if (!targetActivityInfo.exported) {
Log.e(TAG, "Target Activity is not exported");
finish();
@@ -492,6 +501,19 @@ public class SettingsHomepageActivity extends FragmentActivity implements
}
}
// Only allow FLAG_GRANT_READ/WRITE_URI_PERMISSION if calling app has the permission to
// access specified Uri.
int uriPermissionFlags = targetIntent.getFlags()
& (Intent.FLAG_GRANT_READ_URI_PERMISSION | Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
if (targetIntent.getData() != null
&& uriPermissionFlags != 0
&& checkUriPermission(targetIntent.getData(), /* pid= */ -1, callingUid,
uriPermissionFlags) == PackageManager.PERMISSION_DENIED) {
Log.e(TAG, "Calling app must have the permission to access Uri and grant permission");
finish();
return;
}
targetIntent.setComponent(targetComponentName);
// To prevent launchDeepLinkIntentToRight again for configuration change.
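Review bot: The new grant-flag check only inspects `targetIntent.getData()`, but FLAG_GRANT_READ/WRITE_URI_PERMISSION also applies to Uris carried in the Intent's ClipData, so if `targetIntent` can arrive with ClipData (how it is built is outside this hunk) those Uris would be forwarded without a permission check. Running the same `checkUriPermission` call over each ClipData item Uri before `setComponent` would close that gap. The comparison would also fail closed if written as `!= PackageManager.PERMISSION_GRANTED` rather than `== PackageManager.PERMISSION_DENIED`. The enclosing method starts and ends outside the hunk.

```java
// … unchanged: uriPermissionFlags computation and the getData() check …
ClipData clipData = targetIntent.getClipData();
if (clipData != null && uriPermissionFlags != 0) {
    for (int i = 0; i < clipData.getItemCount(); i++) {
        Uri itemUri = clipData.getItemAt(i).getUri();
        if (itemUri != null
                && checkUriPermission(itemUri, /* pid= */ -1, callingUid,
                        uriPermissionFlags) != PackageManager.PERMISSION_GRANTED) {
            Log.e(TAG, "Calling app must have the permission to access Uri and grant permission");
            finish();
            return;
        }
    }
}
targetIntent.setComponent(targetComponentName);
```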
@@ -531,20 +553,12 @@ public class SettingsHomepageActivity extends FragmentActivity implements
}
// Check if calling app has privileged access to launch Activity of activityInfo.
private boolean hasPrivilegedAccess(ActivityInfo activityInfo) {
private boolean hasPrivilegedAccess(int callingUid, ActivityInfo activityInfo) {
if (TextUtils.equals(PasswordUtils.getCallingAppPackageName(getActivityToken()),
getPackageName())) {
return true;
}
int callingUid = -1;
try {
callingUid = ActivityManager.getService().getLaunchedFromUid(getActivityToken());
} catch (RemoteException re) {
Log.e(TAG, "Not able to get callingUid: " + re);
return false;
}
int targetUid = -1;
try {
targetUid = getPackageManager().getApplicationInfo(activityInfo.packageName,