f70e351d1a
This adds mitigations to prevent system files being exfiltrated via the settings content provider when a content URI is provided as a chosen user image. The mitigations are: 1) Copy the image to a new URI rather than the existing takePictureUri prior to cropping. 2) Only allow a system handler to respond to the CROP intent. This is a fixed version of ag/17003629, to address b/239513606. Bug: 187702830 Test: build and check functionality Merged-In: I15e15ad88b768a5b679de32c5429d921d850a3cb Change-Id: I98eea867f926c508456ec9bc654e24eeeffa0e54