diff options
| author | 2023-02-24 01:17:40 +0000 | |
|---|---|---|
| committer | 2023-02-24 01:17:40 +0000 | |
| commit | 1a03b253e6e7d3e02f879a0c8e3f71b192ddc6fd (patch) | |
| tree | b2ab575f366916fcb54619187513b5cb99060faa | |
| parent | 79ecdf41ce3f2945af9d2b8ddf5d6a3ac18996eb (diff) | |
| parent | 922e52bc3d2a6576cc3e45268dfc3ecd3550f45f (diff) | |
Merge "Fix vulnerability in AttributionSource due to incorrect Binder call" into udc-dev
| -rw-r--r-- | core/java/android/content/AttributionSource.java | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/core/java/android/content/AttributionSource.java b/core/java/android/content/AttributionSource.java index e981581c269a..2b400c1fba43 100644 --- a/core/java/android/content/AttributionSource.java +++ b/core/java/android/content/AttributionSource.java @@ -155,6 +155,11 @@ public final class AttributionSource implements Parcelable { AttributionSource(@NonNull Parcel in) { this(AttributionSourceState.CREATOR.createFromParcel(in)); + if (!Binder.isDirectlyHandlingTransaction()) { + throw new SecurityException("AttributionSource should be unparceled during a binder " + + "transaction for proper verification."); + } + // Since we just unpacked this object as part of it transiting a Binder // call, this is the perfect time to enforce that its UID and PID can be trusted enforceCallingUidAndPid(); |