Merge "[SettingsProvider] verify ringtone URI before setting" into rvc-dev am: 941891258d am: 037f529f7d am: 456da723a4 am: ff4b06296f am: 9fd44ec14f am: 8c85c68c47 am: 8d77298ccd

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24424817 Change-Id: I5b8ad32ff41dc9ba6b9b885d3369c126c779eb4f Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
author: Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> 2023-08-24 20:50:40 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2023-08-24 20:50:40 +0000
commit: 2b59bed3dd531ff16fac0a42441256881b2f4c77 (patch)
tree: 7e4004db50fbb63e5a6179f0370a9cd07afb97c2
parent: a71c9ea8f3f5494c8641dd51b80c49dbcd8d9d96 (diff)
parent: 8d77298ccda7b76fe7286fa6226fd1a26105b038 (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
index f60f8db5e773..765edd72cfbd 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
@@ -1948,6 +1948,9 @@ public class SettingsProvider extends ContentProvider {
             cacheName = Settings.System.ALARM_ALERT_CACHE;
         }
         if (cacheName != null) {
+            if (!isValidAudioUri(name, value)) {
+                return false;
+            }
             final File cacheFile = new File(
                     getRingtoneCacheDir(owningUserId), cacheName);
             cacheFile.delete();
@@ -1980,6 +1983,34 @@ public class SettingsProvider extends ContentProvider {
         }
     }
 
+    private boolean isValidAudioUri(String name, String uri) {
+        if (uri != null) {
+            Uri audioUri = Uri.parse(uri);
+            if (Settings.AUTHORITY.equals(
+                    ContentProvider.getAuthorityWithoutUserId(audioUri.getAuthority()))) {
+                // Don't accept setting the default uri to self-referential URIs like
+                // Settings.System.DEFAULT_RINGTONE_URI, which is an alias to the value of this
+                // setting.
+                return false;
+            }
+            final String mimeType = getContext().getContentResolver().getType(audioUri);
+            if (mimeType == null) {
+                Slog.e(LOG_TAG,
+                        "mutateSystemSetting for setting: " + name + " URI: " + audioUri
+                        + " ignored: failure to find mimeType (no access from this context?)");
+                return false;
+            }
+            if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg")
+                    || mimeType.equals("application/x-flac"))) {
+                Slog.e(LOG_TAG,
+                        "mutateSystemSetting for setting: " + name + " URI: " + audioUri
+                        + " ignored: associated mimeType: " + mimeType + " is not an audio type");
+                return false;
+            }
+        }
+        return true;
+    }
+
     private boolean hasWriteSecureSettingsPermission() {
         // Write secure settings is a more protected permission. If caller has it we are good.
         return getContext().checkCallingOrSelfPermission(Manifest.permission.WRITE_SECURE_SETTINGS)
author	Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com>	2023-08-24 20:50:40 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-08-24 20:50:40 +0000
commit	2b59bed3dd531ff16fac0a42441256881b2f4c77 (patch)
tree	7e4004db50fbb63e5a6179f0370a9cd07afb97c2
parent	a71c9ea8f3f5494c8641dd51b80c49dbcd8d9d96 (diff)
parent	8d77298ccda7b76fe7286fa6226fd1a26105b038 (diff)