Merge TP1A.221105.002 to aosp-master - DO NOT MERGE
Merged-In: I4f6343abbe6d798b2b6633bde1df62d28686a7f2
Merged-In: I3d64037ad882761223302c8fd8c77ac04b6c5f8c
Merged-In: I3d64037ad882761223302c8fd8c77ac04b6c5f8c
Change-Id: I9e5c22511b7fada8b5def1ae8f0a87c971ec7f3a
diff --git a/src/com/android/providers/telephony/MmsProvider.java b/src/com/android/providers/telephony/MmsProvider.java
index 04182ac..bc41208 100644
--- a/src/com/android/providers/telephony/MmsProvider.java
+++ b/src/com/android/providers/telephony/MmsProvider.java
@@ -45,6 +45,7 @@
import android.system.ErrnoException;
import android.system.Os;
import android.text.TextUtils;
+import android.util.EventLog;
import android.util.Log;
import com.android.internal.annotations.VisibleForTesting;
@@ -850,13 +851,21 @@
case MMS_PART_RESET_FILE_PERMISSION:
String path = getContext().getDir(PARTS_DIR_NAME, 0).getPath() + '/' +
uri.getPathSegments().get(1);
- // Reset the file permission back to read for everyone but me.
+
try {
+ String partsDirPath = getContext().getDir(PARTS_DIR_NAME, 0).getCanonicalPath();
+ if (!new File(path).getCanonicalPath().startsWith(partsDirPath)) {
+ EventLog.writeEvent(0x534e4554, "240685104",
+ Binder.getCallingUid(), (TAG + " update: path " + path +
+ " does not start with " + partsDirPath));
+ return 0;
+ }
+ // Reset the file permission back to read for everyone but me.
Os.chmod(path, 0644);
if (LOCAL_LOGV) {
Log.d(TAG, "MmsProvider.update chmod is successful for path: " + path);
}
- } catch (ErrnoException e) {
+ } catch (ErrnoException | IOException e) {
Log.e(TAG, "Exception in chmod: " + e);
}
return 0;