diff options
| author | 2022-08-03 11:48:33 -0700 | |
|---|---|---|
| committer | 2022-08-04 01:30:53 +0000 | |
| commit | 0d03e6f1fc66fefb5409ac93ff49fa922f81664c (patch) | |
| tree | dff43323824de769eb8146d5bed89f436d680bcc | |
| parent | d1b32da8453c931099038e9f5c48793c9dcfa722 (diff) | |
Strip transition information from activityoptions when sent to app
The implementation of shared-element transitions takes the
ActivityOptions from the calling activity and sends them to
another activity. This means that any sensitive information
passed into ActivityManager via ActivityOptions can make its
way to an unrelated app. Recently a RemoteTransition object
was added which includes some sensitive information.
This CL strips the sensitive information from the activity
options before sending it to anonther app.
Bug: 237290578
Test: atest ActivityManagerTest#testActivityManager_stripTransitionFromActivityOptions
Change-Id: Ifa08fc195698f02bf70ca386178c67f6ba4a14ea
| -rw-r--r-- | core/java/android/app/ActivityOptions.java | 5 | ||||
| -rw-r--r-- | services/core/java/com/android/server/wm/ActivityRecord.java | 4 |
2 files changed, 9 insertions, 0 deletions
diff --git a/core/java/android/app/ActivityOptions.java b/core/java/android/app/ActivityOptions.java index 0ff9f6655b8a..e76f89ce9461 100644 --- a/core/java/android/app/ActivityOptions.java +++ b/core/java/android/app/ActivityOptions.java @@ -1353,6 +1353,11 @@ public class ActivityOptions { } /** @hide */ + public void setRemoteTransition(@Nullable RemoteTransition remoteTransition) { + mRemoteTransition = remoteTransition; + } + + /** @hide */ public static ActivityOptions fromBundle(Bundle bOptions) { return bOptions != null ? new ActivityOptions(bOptions) : null; } diff --git a/services/core/java/com/android/server/wm/ActivityRecord.java b/services/core/java/com/android/server/wm/ActivityRecord.java index 0e6d1c69005d..637cda1dec3e 100644 --- a/services/core/java/com/android/server/wm/ActivityRecord.java +++ b/services/core/java/com/android/server/wm/ActivityRecord.java @@ -4640,8 +4640,12 @@ final class ActivityRecord extends WindowToken implements WindowManagerService.A ActivityOptions takeOptions() { if (DEBUG_TRANSITION) Slog.i(TAG, "Taking options for " + this + " callers=" + Debug.getCallers(6)); + if (mPendingOptions == null) return null; final ActivityOptions opts = mPendingOptions; mPendingOptions = null; + // Strip sensitive information from options before sending it to app. + opts.setRemoteTransition(null); + opts.setRemoteAnimationAdapter(null); return opts; } |