refs/tags/android-8.1.0_r73 - platform/frameworks/base.git

tag	efcea9ae1deb6be3b573acdb864d472efe05b2fa
tagger	The Android Open Source Project <initial-contribution@android.com>	Mon Feb 03 16:10:44 2020 -0800
object	71509777b4c16f9e42fae92a287c4287a2fd9a06

Android 8.1.0 Release 73 (6107733)

commit	71509777b4c16f9e42fae92a287c4287a2fd9a06	[log] [tgz]
author	Sterling Huber <hubers@google.com>	Thu Nov 07 11:04:03 2019 -0800
committer	Manjae Park <manjaepark@google.com>	Mon Dec 16 12:46:39 2019 -0800
tree	36aea9b04ca0b336152c28823fd72a5ea31c0c56
parent	52c2856394ac8010ff3eba09ee385709d510953b [diff]

RESTRICT AUTOMERGE
Make toasts non-clickable

Since enforcement was only on client-side, in Toast class, an app could
use reflection (or other means) to make the Toast clickable. This is a
security vulnerability since it allows tapjacking, that is, intercept touch
events and do stuff like steal PINs and passwords.

This CL brings the enforcement to the system by applying flag
FLAG_NOT_TOUCHABLE.

Test: Construct app that uses reflection to remove flag FLAG_NOT_TOUCHABLE and
      log click events. Then:
      1) Observe click events are logged without this CL.
      2) Observer click events are not logged with this CL.
Bug: 128674520

Change-Id: Ica346c853dcb9a1e494f7143ba1c38d22c0003d0
(cherry picked from commit 54e6a3c4fbf2eb70541932074ed650dcf22113ed)

services/core/java/com/android/server/policy/PhoneWindowManager.java[diff]

1 file changed

tree: 36aea9b04ca0b336152c28823fd72a5ea31c0c56