Prevent apps from spamming addAccountExplicitly.

See comment here for the discussion on solution https://b.corp.google.com/issues/169762606#comment14 Change-Id: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253 Bug: 169762606 (cherry picked from commit 11053c17b397db67b20e96ce769508766cef7db9) Change-Id: Ic65162df3415275514f6277891a9412865e2315b Merged-In: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253
author: Aseem Kumar <aseemk@google.com> 2021-05-17 09:25:03 +0000
committer: Aseem Kumar <aseemk@google.com> 2021-08-20 17:11:57 +0000
commit: 9050942832acdf93faea1803b82ebededa2e1372 (patch)
tree: da8e839f49b35505989bdb55a7b5055959cba429
parent: 75706ea00875d08d77d7bbd37b8a450b8fb51057 (diff)
2 files changed, 12 insertions, 0 deletions
diff --git a/core/java/android/accounts/Account.java b/core/java/android/accounts/Account.java
index 9a18880a353b..965b6e0a02cd 100644
--- a/core/java/android/accounts/Account.java
+++ b/core/java/android/accounts/Account.java
@@ -30,6 +30,7 @@ import android.util.Log;
 
 import com.android.internal.annotations.GuardedBy;
 
+import java.util.Objects;
 import java.util.Set;
 
 /**
@@ -85,6 +86,12 @@ public class Account implements Parcelable {
         if (TextUtils.isEmpty(type)) {
             throw new IllegalArgumentException("the type must not be empty: " + type);
         }
+        if (name.length() > 200) {
+            throw new IllegalArgumentException("account name is longer than 200 characters");
+        }
+        if (type.length() > 200) {
+            throw new IllegalArgumentException("account type is longer than 200 characters");
+        }
         this.name = name;
         this.type = type;
         this.accessId = accessId;
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index db3c25a7e43a..90dc03642a86 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -1820,6 +1820,11 @@ public class AccountManagerService
                                 + ", skipping since the account already exists");
                         return false;
                     }
+                    if (accounts.accountsDb.findAllDeAccounts().size() > 100) {
+                        Log.w(TAG, "insertAccountIntoDatabase: " + account.toSafeString()
+                                + ", skipping since more than 50 accounts on device exist");
+                        return false;
+                    }
                     long accountId = accounts.accountsDb.insertCeAccount(account, password);
                     if (accountId < 0) {
                         Log.w(TAG, "insertAccountIntoDatabase: " + account.toSafeString()
author	Aseem Kumar <aseemk@google.com>	2021-05-17 09:25:03 +0000
committer	Aseem Kumar <aseemk@google.com>	2021-08-20 17:11:57 +0000
commit	9050942832acdf93faea1803b82ebededa2e1372 (patch)
tree	da8e839f49b35505989bdb55a7b5055959cba429
parent	75706ea00875d08d77d7bbd37b8a450b8fb51057 (diff)