Fix Security issue for Html.fromHtml without escape

Add Html.escapeHtml() for the string and also remove profileName for the confirmation_title to make sure the confirmation_title always show the device's name. Bug: 172251622 Bug: 197035186 Test: Manual Change-Id: I7e2f95fd85e18127dc481f188ace8ad6effc4831 (cherry picked from commit 8f005ffe4aa380552fb9f739d1b08c6f63f24fef)
author: Evan Chen <evanxinchen@google.com> 2021-08-13 19:40:04 +0000
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2021-09-15 00:10:32 +0000
commit: cb890336d6a8056cc46ed01a908ad8f70e3880b6 (patch)
tree: ec6ab165ed06a4c9e621f4e569e16013d567fa65
parent: 3f7e5e4464945a80819a737ae1c31d9f26074be4 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/packages/CompanionDeviceManager/src/com/android/companiondevicemanager/CompanionDeviceActivity.java b/packages/CompanionDeviceManager/src/com/android/companiondevicemanager/CompanionDeviceActivity.java
index c1a0a9a92cc2..b4cafd8548f4 100644
--- a/packages/CompanionDeviceManager/src/com/android/companiondevicemanager/CompanionDeviceActivity.java
+++ b/packages/CompanionDeviceManager/src/com/android/companiondevicemanager/CompanionDeviceActivity.java
@@ -93,9 +93,9 @@ public class CompanionDeviceActivity extends Activity {
             final DeviceFilterPair selectedDevice = getService().mDevicesFound.get(0);
             setTitle(Html.fromHtml(getString(
                     R.string.confirmation_title,
-                    getCallingAppName(),
-                    profileName,
-                    selectedDevice.getDisplayName()), 0));
+                    Html.escapeHtml(getCallingAppName()),
+                    Html.escapeHtml(selectedDevice.getDisplayName())), 0));
+
             mPairButton = findViewById(R.id.button_pair);
             mPairButton.setOnClickListener(v -> onDeviceConfirmed(getService().mSelectedDevice));
             getService().mSelectedDevice = selectedDevice;
@@ -108,8 +108,8 @@ public class CompanionDeviceActivity extends Activity {
             mPairButton = findViewById(R.id.button_pair);
             mPairButton.setVisibility(View.GONE);
             setTitle(Html.fromHtml(getString(R.string.chooser_title,
-                    profileName,
-                    getCallingAppName()), 0));
+                    Html.escapeHtml(profileName),
+                    Html.escapeHtml(getCallingAppName())), 0));
             mDeviceListView = findViewById(R.id.device_list);
             mDevicesAdapter = new DevicesAdapter();
             mDeviceListView.setAdapter(mDevicesAdapter);
author	Evan Chen <evanxinchen@google.com>	2021-08-13 19:40:04 +0000
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2021-09-15 00:10:32 +0000
commit	cb890336d6a8056cc46ed01a908ad8f70e3880b6 (patch)
tree	ec6ab165ed06a4c9e621f4e569e16013d567fa65
parent	3f7e5e4464945a80819a737ae1c31d9f26074be4 (diff)