Created as manual cherry-pick for http://ag/866007 to lmp-mr1-release
Change-Id: Ic7519c3f888c548446e5058a628c2d10bad1db6a
diff --git a/src/com/android/server/telecom/TelecomService.java b/src/com/android/server/telecom/TelecomService.java
index 0e0f0a1..0f3f676 100644
--- a/src/com/android/server/telecom/TelecomService.java
+++ b/src/com/android/server/telecom/TelecomService.java
@@ -43,6 +43,8 @@
import android.telephony.TelephonyManager;
import android.text.TextUtils;
+import android.util.EventLog;
+
// TODO: Needed for move to system service: import com.android.internal.R;
import com.android.internal.telecom.ITelecomService;
import com.android.internal.util.IndentingPrintWriter;
@@ -660,6 +662,7 @@
mAppOpsManager.checkPackage(
Binder.getCallingUid(), phoneAccountHandle.getComponentName().getPackageName());
+ enforcePhoneAccountIsRegistered(phoneAccountHandle);
// Make sure it doesn't cross the UserHandle boundary
enforceUserHandleMatchesCaller(phoneAccountHandle);
@@ -685,6 +688,7 @@
mAppOpsManager.checkPackage(
Binder.getCallingUid(), phoneAccountHandle.getComponentName().getPackageName());
+ enforcePhoneAccountIsRegistered(phoneAccountHandle);
// Make sure it doesn't cross the UserHandle boundary
enforceUserHandleMatchesCaller(phoneAccountHandle);
@@ -850,6 +854,16 @@
return false;
}
+ // Enforce that the PhoneAccountHandle being passed in is registered to a valid PhoneAccount.
+ private void enforcePhoneAccountIsRegistered(PhoneAccountHandle phoneAccountHandle) {
+ PhoneAccount phoneAccount = mPhoneAccountRegistrar.getPhoneAccount(phoneAccountHandle);
+ if(phoneAccount == null) {
+ EventLog.writeEvent(0x534e4554, "26864502", Binder.getCallingUid(), "R");
+ throw new SecurityException("This PhoneAccountHandle is not registered to a valid " +
+ "PhoneAccount!");
+ }
+ }
+
private void enforcePhoneAccountModificationForPackage(String packageName) {
// TODO: Use a new telecomm permission for this instead of reusing modify.
