Google Git
Sign in
android / platform / packages / apps / Settings / f70e351d1a
commitf70e351d1a3bc7765da1fa8f9e0bb52d425b27e4[log] [tgz]
authorOli Lan <olilan@google.com>Fri Aug 26 18:29:16 2022 +0100
committerOli Lan <olilan@google.com>Fri Aug 26 19:46:02 2022 +0100
tree2fda60a7746d53bdf0a8a8882305d6e2388f4d04
parentb9bafa0d3d1b2bf02d9b96eee505dfc492324bec [diff]
Prevent exfiltration of system files via avatar picker.

This adds mitigations to prevent system files being exfiltrated
via the settings content provider when a content URI is provided
as a chosen user image.

The mitigations are:

1) Copy the image to a new URI rather than the existing takePictureUri
prior to cropping.

2) Only allow a system handler to respond to the CROP intent.

This is a fixed version of ag/17003629, to address b/239513606.

Bug: 187702830
Test: build and check functionality
Merged-In: I15e15ad88b768a5b679de32c5429d921d850a3cb
Change-Id: I98eea867f926c508456ec9bc654e24eeeffa0e54
1 file changed
tree: 2fda60a7746d53bdf0a8a8882305d6e2388f4d04
  1. libs/
  2. protos/
  3. res/
  4. src/
  5. tests/
  6. .gitignore
  7. Android.mk
  8. AndroidManifest.xml
  9. CleanSpec.mk
  10. color-check-baseline.xml
  11. MODULE_LICENSE_APACHE2
  12. NOTICE
  13. OWNERS
  14. PREUPLOAD.cfg
  15. proguard.flags
  16. wrap_alpha.py