diff options
| author | 2025-02-03 12:11:54 -0800 | |
|---|---|---|
| committer | 2025-02-03 12:11:54 -0800 | |
| commit | 0e7b7f8d88290417abf1edab2b9f11ffae5bf130 (patch) | |
| tree | 792675124011c8828466c994ba90b0de1d63fe99 | |
| parent | 0bd305f41df15d0c5554699bb5c642de7ab709b4 (diff) | |
| parent | 4a1e3f85e00b0b7eba35f70096efe3dbd5287e7f (diff) | |
Merge "Prevent media button receivers targeting activities" into sc-dev
| -rw-r--r-- | media/java/android/media/session/MediaSession.java | 23 | ||||
| -rw-r--r-- | services/core/java/com/android/server/media/MediaSessionRecord.java | 8 |
2 files changed, 22 insertions, 9 deletions
diff --git a/media/java/android/media/session/MediaSession.java b/media/java/android/media/session/MediaSession.java index a14999df666c..7c1b26d904e4 100644 --- a/media/java/android/media/session/MediaSession.java +++ b/media/java/android/media/session/MediaSession.java @@ -270,17 +270,22 @@ public final class MediaSession { } /** - * Set a pending intent for your media button receiver to allow restarting - * playback after the session has been stopped. If your app is started in - * this way an {@link Intent#ACTION_MEDIA_BUTTON} intent will be sent via - * the pending intent. - * <p> - * The pending intent is recommended to be explicit to follow the security recommendation of - * {@link PendingIntent#getActivity}. + * Set a pending intent for your media button receiver to allow restarting playback after the + * session has been stopped. + * + * <p>If your app is started in this way an {@link Intent#ACTION_MEDIA_BUTTON} intent will be + * sent via the pending intent. + * + * <p>The provided {@link PendingIntent} must not target an activity. Passing an activity + * pending intent will cause the call to be ignored. Refer to this <a + * href="https://developer.android.com/guide/components/activities/background-starts">guide</a> + * for more information. + * + * <p>The pending intent is recommended to be explicit to follow the security recommendation of + * {@link PendingIntent#getService}. * * @param mbr The {@link PendingIntent} to send the media button event to. * @see PendingIntent#getActivity - * * @deprecated Use {@link #setMediaButtonBroadcastReceiver(ComponentName)} instead. */ @Deprecated @@ -288,7 +293,7 @@ public final class MediaSession { try { mBinder.setMediaButtonReceiver(mbr); } catch (RemoteException e) { - Log.wtf(TAG, "Failure in setMediaButtonReceiver.", e); + e.rethrowFromSystemServer(); } } diff --git a/services/core/java/com/android/server/media/MediaSessionRecord.java b/services/core/java/com/android/server/media/MediaSessionRecord.java index becb944101f2..7db5bf261fe2 100644 --- a/services/core/java/com/android/server/media/MediaSessionRecord.java +++ b/services/core/java/com/android/server/media/MediaSessionRecord.java @@ -973,6 +973,14 @@ public class MediaSessionRecord implements IBinder.DeathRecipient, MediaSessionR != 0) { return; } + + if (pi != null && pi.isActivity()) { + Log.w( + TAG, + "Ignoring invalid media button receiver targeting an activity: " + pi); + return; + } + mMediaButtonReceiverHolder = MediaButtonReceiverHolder.create(mUserId, pi, mPackageName); mService.onMediaButtonReceiverChanged(MediaSessionRecord.this); |