Fix vulnerability by explicitly set the class name of avatar picker. Flag: android.multiuser.fix_avatar_cross_user_leak Test: manual Bug: 341688848 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:4b731d5c8715190b88a44c443d5028b3014cd495) Merged-In: I0203403d7724076c7d6266a7b5930fa26a3e54b7 Change-Id: I0203403d7724076c7d6266a7b5930fa26a3e54b7
diff --git a/packages/SettingsLib/res/values/config.xml b/packages/SettingsLib/res/values/config.xml
index 68b81db..3c3de04 100644
--- a/packages/SettingsLib/res/values/config.xml
+++ b/packages/SettingsLib/res/values/config.xml
@@ -31,4 +31,14 @@
 <!-- Control whether status bar should distinguish HSPA data icon form UMTS data icon on devices -->
 <bool name="config_hspa_data_distinguishable">false</bool>
+
+ <!-- Edit User avatar explicit package name -->
+ <string name="config_avatar_picker_package" translatable="false">
+ com.android.avatarpicker
+ </string>
+
+ <!-- Edit User avatar explicit activity class -->
+ <string name="config_avatar_picker_class" translatable="false">
+ com.android.avatarpicker.ui.AvatarPickerActivity
+ </string>
 </resources>
\ No newline at end of file
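Review bot: Both `<string>` values sit on their own lines, so the raw resource text carries leading and trailing whitespace and newlines around the package and class names. As far as I know the resource compiler trims unquoted whitespace, but keeping each value on one line removes that dependency, e.g. `<string name="config_avatar_picker_package" translatable="false">com.android.avatarpicker</string>`. Since these two values decide which component receives the avatar-picker intent, the comments should also say that they must name a trusted, system-provided activity and that package and class have to be changed together.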
diff --git a/packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java b/packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java
index cdc3f12..f38e91a 100644
--- a/packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java
+++ b/packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java
@@ -32,6 +32,7 @@
 import com.android.internal.util.UserIcons;
 import com.android.settingslib.drawable.CircleFramedDrawable;
+import com.android.settingslib.R;
 import com.android.settingslib.utils.ThreadUtils;
 import com.google.common.util.concurrent.FutureCallback;
@@ -132,6 +133,13 @@
 intent.addCategory(Intent.CATEGORY_DEFAULT);
 if (Flags.avatarSync()) {
 intent.putExtra(EXTRA_IS_USER_NEW, isUserNew);
+ // Fix vulnerability b/341688848 by explicitly set the class name of avatar picker.
+ if (Flags.fixAvatarCrossUserLeak()) {
+ final String packageName =
+ mActivity.getString(R.string.config_avatar_picker_package);
+ final String className = mActivity.getString(R.string.config_avatar_picker_class);
+ intent.setClassName(packageName, className);
+ }
 } else {
 // SettingsLib is used by multiple apps therefore we need to know out of all apps
 // using settingsLib which one is the one we return value to.
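Review bot: The explicit component is applied only when `Flags.avatarSync()` and `Flags.fixAvatarCrossUserLeak()` are both true, so with the new flag off the intent built in the `avatarSync` branch is still resolved implicitly from its action and category. The `else` branch and the rest of the method lie outside the hunk, so whether that path restricts the target cannot be confirmed from here; it is worth checking before the flag is treated as full coverage. The two config strings are passed to `intent.setClassName(packageName, className)` unchecked, so an overlay that empties or mistypes them would presumably only show up as a failed activity start; a guard with a log line would make that diagnosable. The inline comment should state the invariant rather than only the bug id, e.g. `// Target the avatar picker by explicit component so no other activity matching the action can receive this intent (b/341688848).`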