Add safety checks on KEY_INTENT mismatch.
For many years, Parcel mismatch typed exploits has been using the
AccoungManagerService's passing of KEY_INTENT workflow, as a foothold of
launching arbitrary intents. We are adding an extra check on the service
side to simulate the final deserialization of the KEY_INTENT value, to
make sure the client side won't get a mismatched KEY_INTENT value.
Test: atest CtsAccountManagerTestCases
Test: local test, also see b/250588548
(cherry picked from commit ba27731d04d95bf4b17c41a5d85aac09c39b9329)
1 file changed