diff options
| author | 2025-02-03 14:16:42 -0800 | |
|---|---|---|
| committer | 2025-02-03 14:16:42 -0800 | |
| commit | e7115fc6ff43c406c26f3fb2fba50fc895c90cdc (patch) | |
| tree | 22b7e6e76819c1b7b760e129e719c883d2ea0440 | |
| parent | f1764b7fe4a9948e4e0b372685660d3e65bf9ae5 (diff) | |
| parent | 058ffb9a04f26dfb4c12bcbabb72e2fb06e6f39b (diff) | |
Merge "Prevent media button receivers targeting activities" into sc-dev am: 0e7b7f8d88 am: 39b397e80d am: 242c23506c am: 99619bea4e am: 058ffb9a04
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/31350809
Change-Id: I1ca25f636db17e3fe6ce0f40e8daa5a0ab1892e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
| -rw-r--r-- | media/java/android/media/session/MediaSession.java | 23 | ||||
| -rw-r--r-- | services/core/java/com/android/server/media/MediaSessionRecord.java | 8 |
2 files changed, 22 insertions, 9 deletions
diff --git a/media/java/android/media/session/MediaSession.java b/media/java/android/media/session/MediaSession.java index 09eff9e4e13a..b4fc09f72bbc 100644 --- a/media/java/android/media/session/MediaSession.java +++ b/media/java/android/media/session/MediaSession.java @@ -270,17 +270,22 @@ public final class MediaSession { } /** - * Set a pending intent for your media button receiver to allow restarting - * playback after the session has been stopped. If your app is started in - * this way an {@link Intent#ACTION_MEDIA_BUTTON} intent will be sent via - * the pending intent. - * <p> - * The pending intent is recommended to be explicit to follow the security recommendation of - * {@link PendingIntent#getActivity}. + * Set a pending intent for your media button receiver to allow restarting playback after the + * session has been stopped. + * + * <p>If your app is started in this way an {@link Intent#ACTION_MEDIA_BUTTON} intent will be + * sent via the pending intent. + * + * <p>The provided {@link PendingIntent} must not target an activity. Passing an activity + * pending intent will cause the call to be ignored. Refer to this <a + * href="https://developer.android.com/guide/components/activities/background-starts">guide</a> + * for more information. + * + * <p>The pending intent is recommended to be explicit to follow the security recommendation of + * {@link PendingIntent#getService}. * * @param mbr The {@link PendingIntent} to send the media button event to. * @see PendingIntent#getActivity - * * @deprecated Use {@link #setMediaButtonBroadcastReceiver(ComponentName)} instead. */ @Deprecated @@ -288,7 +293,7 @@ public final class MediaSession { try { mBinder.setMediaButtonReceiver(mbr); } catch (RemoteException e) { - Log.wtf(TAG, "Failure in setMediaButtonReceiver.", e); + e.rethrowFromSystemServer(); } } diff --git a/services/core/java/com/android/server/media/MediaSessionRecord.java b/services/core/java/com/android/server/media/MediaSessionRecord.java index 8f07b3924da0..1b2f2beb2104 100644 --- a/services/core/java/com/android/server/media/MediaSessionRecord.java +++ b/services/core/java/com/android/server/media/MediaSessionRecord.java @@ -978,6 +978,14 @@ public class MediaSessionRecord implements IBinder.DeathRecipient, MediaSessionR != 0) { return; } + + if (pi != null && pi.isActivity()) { + Log.w( + TAG, + "Ignoring invalid media button receiver targeting an activity: " + pi); + return; + } + mMediaButtonReceiverHolder = MediaButtonReceiverHolder.create(mUserId, pi, mPackageName); mService.onMediaButtonReceiverChanged(MediaSessionRecord.this); |