32161610 Security Vulnerability - Information disclosure vulnerability
in AOSP Messaging

* Check to make sure the returned uri from the gallery picker does
not point to bugle's data directory (or any subdir).

* Test:
Manual-
* I created the test app in the bug, the one that injects the bad
uri into Bugle. I verified the bad behavior before the fix and the
good behavior after.
* I tested the gallery to make sure picking photos,
from the photos app and drive, still work.
* I verified the behavior in the debugger to be sure the code is
catching the bad uri from the test app.

Change-Id: I3393f3b886c837a49758b91945cf1e17ec9bee41
Fixes: 32161610
(cherry picked from commit 69ed579fb8092395c4ffeb64ff5147622def3d4a)
2 files changed