72a7e5f8837c3d029479f7aa1c753ab529ecbbac - platform/cts

commit	72a7e5f8837c3d029479f7aa1c753ab529ecbbac	[log] [tgz]
author	Sumedh Sen <sumedhsen@google.com>	Fri Jul 15 19:39:20 2022 -0700
committer	Sumedh Sen <sumedhsen@google.com>	Mon Jul 25 11:16:32 2022 -0700
tree	1cb263d51f9acb7c4197d1cc09321bc72107593c
parent	6162f9aaa0542b2f9ff50e3597698e2b0cb6e007 [diff]

Prevent apps from accessing protected content providers without query
permission

- If a package tried to access a protected content provider (i.e. a
content provider with grantUriPermission=false), without having adequate
visibility, calling package would force close due to a SecurityException.
- InstallStart now checks if the calling package has visibility of the package
defining the content provider and also handles the SecurityException if
raised.

Bug: 195963690
Test: atest CtsContentProviderTestsWithVisibility CtsContentProviderTestsWithoutVisibility

Change-Id: I8dd1b1a18a9ca07a4a8184f9aacddfed9d171f19

tests/tests/packageinstaller/contentprovider/Android.bp[Added - diff]
tests/tests/packageinstaller/contentprovider/AndroidManifestNoVisibility.xml[Added - diff]
tests/tests/packageinstaller/contentprovider/AndroidManifestVisibility.xml[Added - diff]
tests/tests/packageinstaller/contentprovider/AndroidTestNoVisibility.xml[Added - diff]
tests/tests/packageinstaller/contentprovider/AndroidTestVisibility.xml[Added - diff]
tests/tests/packageinstaller/contentprovider/OWNERS[Added - diff]
tests/tests/packageinstaller/contentprovider/src/android/packageinstaller/contentprovider/cts/ContentProviderAppVisibilityTestsBase.kt[Added - diff]
tests/tests/packageinstaller/contentprovider/src/android/packageinstaller/contentprovider/cts/withoutvisibility/WithoutVisibilityContentProviderTest.kt[Added - diff]
tests/tests/packageinstaller/contentprovider/src/android/packageinstaller/contentprovider/cts/withvisibility/WithVisibilityContentProviderTest.kt[Added - diff]

9 files changed

tree: 1cb263d51f9acb7c4197d1cc09321bc72107593c