Google Git
Sign in
android / platform / frameworks / base / cdb913418a5a
commitcdb913418a5a19c253daff3d6d9c6c2fc5ff0d61[log] [tgz]
authorAbhijeet Kaur <abkaur@google.com>Thu Aug 13 12:21:15 2020 +0100
committerandroid-build-team Robot <android-build-team-robot@google.com>Tue Oct 13 01:07:05 2020 +0000
tree556037b9f5863007563b626378dd9e269a6a23ee
parent11725e1206645e567cfdd70100d64d1e0a85180d [diff]
Validate user-supplied URIs in DocumentsProvider calls

Some URIs are used without validating their authorities which can lead
to exploitation by malicious apps.

Bug: 157294893
Test: Manual using test app in b/157294893
Change-Id: I799509ed5ff7e69140e84d796fe7f96d9dbfd32f
Merged-In: I799509ed5ff7e69140e84d796fe7f96d9dbfd32f
(cherry picked from commit 75f984bd32a3ee8115d5cea09ab1bd237537ab54)
(cherry picked from commit e4bb1d7b6cd538acf423c7d8864dd26819fe8757)
1 file changed
tree: 556037b9f5863007563b626378dd9e269a6a23ee
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. cmds/
  6. config/
  7. core/
  8. data/
  9. docs/
  10. drm/
  11. errorprone/
  12. graphics/
  13. identity/
  14. keystore/
  15. libs/
  16. location/
  17. lowpan/
  18. media/
  19. mime/
  20. mms/
  21. native/
  22. nfc-extras/
  23. non-updatable-api/
  24. obex/
  25. opengl/
  26. packages/
  27. proto/
  28. rs/
  29. samples/
  30. sax/
  31. services/
  32. startop/
  33. telecomm/
  34. telephony/
  35. test-base/
  36. test-legacy/
  37. test-mock/
  38. test-runner/
  39. tests/
  40. tools/
  41. wifi/
  42. .clang-format
  43. .gitignore
  44. .mailmap
  45. Android.bp
  46. Android.mk
  47. ApiDocs.bp
  48. CleanSpec.mk
  49. diff
  50. framework-jarjar-rules.txt
  51. MODULE_LICENSE_APACHE2
  52. NOTICE
  53. pathmap.mk
  54. PREUPLOAD.cfg
  55. StubLibraries.bp
  56. TEST_MAPPING