Use FLAG_IMMUTABLE for InboundSmsHandler Require that the PendingIntent be immutable so that a malicious app is not able to hijack and mutate any of the details. Test: Android builds Bug: 155094269 Change-Id: Idc684438d2cd622adee9a1c4d1801e308ee5ead7 Merged-In: Idc684438d2cd622adee9a1c4d1801e308ee5ead7 (cherry picked from commit 1673a7be236cdb9f9a94bffe5824a58008e247ca)

commit: bac18cccb6961ce02b416d10325c47956d78213e [log] [tgz]
author: Shuo Qian <shuoq@google.com> Thu May 07 11:32:31 2020 -0700
committer: Anis Assi <anisassi@google.com> Tue Jun 30 16:13:12 2020 -0700
tree: 056524fa4e72644830e1dd37ddb3bb4fb0de6268
parent: f8339a1dd9a4c5b7bc6e57530087fdd9f8c48eb1 [diff]
diff --git a/src/java/com/android/internal/telephony/InboundSmsHandler.java b/src/java/com/android/internal/telephony/InboundSmsHandler.java
index 14a1217..932bbc0 100644
--- a/src/java/com/android/internal/telephony/InboundSmsHandler.java
+++ b/src/java/com/android/internal/telephony/InboundSmsHandler.java

@@ -1039,7 +1039,7 @@
             mContext,
             0,
             new Intent(ACTION_OPEN_SMS_APP),
-            PendingIntent.FLAG_ONE_SHOT);
+                PendingIntent.FLAG_ONE_SHOT | PendingIntent.FLAG_IMMUTABLE);
         Notification.Builder mBuilder = new Notification.Builder(mContext)
                 .setSmallIcon(com.android.internal.R.drawable.sym_action_chat)
                 .setAutoCancel(true)
commit	bac18cccb6961ce02b416d10325c47956d78213e	[log] [tgz]
author	Shuo Qian <shuoq@google.com>	Thu May 07 11:32:31 2020 -0700
committer	Anis Assi <anisassi@google.com>	Tue Jun 30 16:13:12 2020 -0700
tree	056524fa4e72644830e1dd37ddb3bb4fb0de6268
parent	f8339a1dd9a4c5b7bc6e57530087fdd9f8c48eb1 [diff]