diff options
| author | 2019-01-29 22:44:14 +0000 | |
|---|---|---|
| committer | 2019-01-29 22:44:14 +0000 | |
| commit | 0f878e30bb5d3762a801c34995f067c9e90bc4e8 (patch) | |
| tree | 0644509d6194540b8ecfb72b01d26ed2ac557dc7 | |
| parent | 6296773cd05e1922b8c943ffe40099b53b9ef72b (diff) | |
| parent | e865b9d9bf8c739793aa645e3dca279e0bc22c0f (diff) | |
Merge "Log a warning if non-role holder attempts to read sms"
| -rw-r--r-- | core/java/android/content/ContentProvider.java | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/core/java/android/content/ContentProvider.java b/core/java/android/content/ContentProvider.java index f138d39b7fb0..13d12c984b78 100644 --- a/core/java/android/content/ContentProvider.java +++ b/core/java/android/content/ContentProvider.java @@ -28,6 +28,7 @@ import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.UnsupportedAppUsage; import android.app.AppOpsManager; +import android.app.role.RoleManager; import android.content.pm.PathPermission; import android.content.pm.ProviderInfo; import android.content.res.AssetFileDescriptor; @@ -225,6 +226,17 @@ public abstract class ContentProvider implements ContentInterface, ComponentCall @Override public Cursor query(String callingPkg, Uri uri, @Nullable String[] projection, @Nullable Bundle queryArgs, @Nullable ICancellationSignal cancellationSignal) { + if (uri.toString().startsWith("content://sms")) { + RoleManager rm = getContext().getSystemService(RoleManager.class); + if (!rm.isRoleHeld(RoleManager.ROLE_SMS) + && !rm.isRoleHeld(RoleManager.ROLE_DIALER) + && !rm.isRoleHeld(RoleManager.ROLE_ASSISTANT)) { + // STOPSHIP: log it to westworld instead + Log.wtf(TAG, "Sms access attempted by " + callingPkg + + " despite not holding an appropriate role"); + } + } + uri = validateIncomingUri(uri); uri = maybeGetUriWithoutUserId(uri); if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) { |