diff options
| author | 2020-10-06 09:17:39 -0400 | |
|---|---|---|
| committer | 2020-11-09 16:09:20 +0000 | |
| commit | ed450d77edc632bbdf74f86fa76dae1f9475a5c9 (patch) | |
| tree | 91db242247e2803ecb90dfadf3ec1e8f10fc9287 | |
| parent | d6d6f2621d2a2fbd352b692c91dbbf76eb9dd010 (diff) | |
[DO NOT MERGE] Make GlobalScreenshot PendingIntents immutable
Mutable pending intents are a security risk. This change adds the
IMMUTABLE flag to all PendingIntents created in GlobalScreenshot.
Bug: 162738636
Test: manual
Change-Id: I1044b6aaf2b1650ff91d9a72181684d2aaea9a62
| -rw-r--r-- | packages/SystemUI/src/com/android/systemui/screenshot/GlobalScreenshot.java | 85 |
1 files changed, 48 insertions, 37 deletions
diff --git a/packages/SystemUI/src/com/android/systemui/screenshot/GlobalScreenshot.java b/packages/SystemUI/src/com/android/systemui/screenshot/GlobalScreenshot.java index 8a0d7e38f875..0488201a7f56 100644 --- a/packages/SystemUI/src/com/android/systemui/screenshot/GlobalScreenshot.java +++ b/packages/SystemUI/src/com/android/systemui/screenshot/GlobalScreenshot.java @@ -103,6 +103,7 @@ class SaveImageInBackgroundData { imageUri = null; iconSize = 0; } + void clearContext() { context = null; } @@ -190,13 +191,13 @@ class SaveImageInBackgroundTask extends AsyncTask<Void, Void, Void> { mNotificationBuilder = new Notification.Builder(context, NotificationChannels.SCREENSHOTS_HEADSUP) - .setContentTitle(r.getString(R.string.screenshot_saving_title)) - .setSmallIcon(R.drawable.stat_notify_image) - .setWhen(now) - .setShowWhen(true) - .setColor(r.getColor(com.android.internal.R.color.system_notification_accent_color)) - .setStyle(mNotificationStyle) - .setPublicVersion(mPublicNotificationBuilder.build()); + .setContentTitle(r.getString(R.string.screenshot_saving_title)) + .setSmallIcon(R.drawable.stat_notify_image) + .setWhen(now) + .setShowWhen(true) + .setColor(r.getColor(com.android.internal.R.color.system_notification_accent_color)) + .setStyle(mNotificationStyle) + .setPublicVersion(mPublicNotificationBuilder.build()); mNotificationBuilder.setFlag(Notification.FLAG_NO_CLEAR, true); SystemUI.overrideNotificationAppName(context, mNotificationBuilder, true); @@ -365,21 +366,23 @@ class SaveImageInBackgroundTask extends AsyncTask<Void, Void, Void> { mPublicNotificationBuilder .setContentTitle(r.getString(R.string.screenshot_saved_title)) .setContentText(r.getString(R.string.screenshot_saved_text)) - .setContentIntent(PendingIntent.getActivity(mParams.context, 0, launchIntent, 0)) + .setContentIntent(PendingIntent.getActivity(mParams.context, 0, launchIntent, + PendingIntent.FLAG_IMMUTABLE)) .setWhen(now) .setAutoCancel(true) .setColor(context.getColor( com.android.internal.R.color.system_notification_accent_color)); mNotificationBuilder - .setContentTitle(r.getString(R.string.screenshot_saved_title)) - .setContentText(r.getString(R.string.screenshot_saved_text)) - .setContentIntent(PendingIntent.getActivity(mParams.context, 0, launchIntent, 0)) - .setWhen(now) - .setAutoCancel(true) - .setColor(context.getColor( - com.android.internal.R.color.system_notification_accent_color)) - .setPublicVersion(mPublicNotificationBuilder.build()) - .setFlag(Notification.FLAG_NO_CLEAR, false); + .setContentTitle(r.getString(R.string.screenshot_saved_title)) + .setContentText(r.getString(R.string.screenshot_saved_text)) + .setContentIntent(PendingIntent.getActivity(mParams.context, 0, launchIntent, + PendingIntent.FLAG_IMMUTABLE)) + .setWhen(now) + .setAutoCancel(true) + .setColor(context.getColor( + com.android.internal.R.color.system_notification_accent_color)) + .setPublicVersion(mPublicNotificationBuilder.build()) + .setFlag(Notification.FLAG_NO_CLEAR, false); mNotificationManager.notify(SystemMessage.NOTE_GLOBAL_SCREENSHOT, mNotificationBuilder.build()); @@ -480,7 +483,8 @@ class GlobalScreenshot { // Inflate the screenshot layout mDisplayMatrix = new Matrix(); mScreenshotLayout = layoutInflater.inflate(R.layout.global_screenshot, null); - mBackgroundView = (ImageView) mScreenshotLayout.findViewById(R.id.global_screenshot_background); + mBackgroundView = (ImageView) mScreenshotLayout.findViewById( + R.id.global_screenshot_background); mScreenshotView = (ImageView) mScreenshotLayout.findViewById(R.id.global_screenshot); mScreenshotFlash = (ImageView) mScreenshotLayout.findViewById(R.id.global_screenshot_flash); mScreenshotSelectorView = (ScreenshotSelectorView) mScreenshotLayout.findViewById( @@ -501,25 +505,26 @@ class GlobalScreenshot { ViewGroup.LayoutParams.MATCH_PARENT, ViewGroup.LayoutParams.MATCH_PARENT, 0, 0, WindowManager.LayoutParams.TYPE_SCREENSHOT, WindowManager.LayoutParams.FLAG_FULLSCREEN - | WindowManager.LayoutParams.FLAG_LAYOUT_IN_SCREEN - | WindowManager.LayoutParams.FLAG_SHOW_WHEN_LOCKED, + | WindowManager.LayoutParams.FLAG_LAYOUT_IN_SCREEN + | WindowManager.LayoutParams.FLAG_SHOW_WHEN_LOCKED, PixelFormat.TRANSLUCENT); mWindowLayoutParams.setTitle("ScreenshotAnimation"); mWindowLayoutParams.layoutInDisplayCutoutMode = LAYOUT_IN_DISPLAY_CUTOUT_MODE_ALWAYS; mWindowManager = (WindowManager) context.getSystemService(Context.WINDOW_SERVICE); mNotificationManager = (NotificationManager) context.getSystemService(Context.NOTIFICATION_SERVICE); + mDisplay = mWindowManager.getDefaultDisplay(); mDisplayMetrics = new DisplayMetrics(); mDisplay.getRealMetrics(mDisplayMetrics); // Get the various target sizes mNotificationIconSize = - r.getDimensionPixelSize(android.R.dimen.notification_large_icon_height); + r.getDimensionPixelSize(android.R.dimen.notification_large_icon_height); // Scale has to account for both sides of the bg mBgPadding = (float) r.getDimensionPixelSize(R.dimen.global_screenshot_bg_padding); - mBgPaddingScale = mBgPadding / mDisplayMetrics.widthPixels; + mBgPaddingScale = mBgPadding / mDisplayMetrics.widthPixels; // determine the optimal preview size int panelWidth = 0; @@ -719,6 +724,7 @@ class GlobalScreenshot { } }); } + private ValueAnimator createScreenshotDropInAnimation() { final float flashPeakDurationPct = ((float) (SCREENSHOT_FLASH_TO_PEAK_DURATION) / SCREENSHOT_DROP_IN_DURATION); @@ -759,6 +765,7 @@ class GlobalScreenshot { mScreenshotFlash.setAlpha(0f); mScreenshotFlash.setVisibility(View.VISIBLE); } + @Override public void onAnimationEnd(android.animation.Animator animation) { mScreenshotFlash.setVisibility(View.GONE); @@ -769,7 +776,7 @@ class GlobalScreenshot { public void onAnimationUpdate(ValueAnimator animation) { float t = (Float) animation.getAnimatedValue(); float scaleT = (SCREENSHOT_SCALE + mBgPaddingScale) - - scaleInterpolator.getInterpolation(t) + - scaleInterpolator.getInterpolation(t) * (SCREENSHOT_SCALE - SCREENSHOT_DROP_IN_MIN_SCALE); mBackgroundView.setAlpha(scaleInterpolator.getInterpolation(t) * BACKGROUND_ALPHA); mScreenshotView.setAlpha(t); @@ -780,6 +787,7 @@ class GlobalScreenshot { }); return anim; } + private ValueAnimator createScreenshotDropOutAnimation(int w, int h, boolean statusBarVisible, boolean navBarVisible) { ValueAnimator anim = ValueAnimator.ofFloat(0f, 1f); @@ -801,7 +809,8 @@ class GlobalScreenshot { public void onAnimationUpdate(ValueAnimator animation) { float t = (Float) animation.getAnimatedValue(); float scaleT = (SCREENSHOT_DROP_IN_MIN_SCALE + mBgPaddingScale) - - t * (SCREENSHOT_DROP_IN_MIN_SCALE - SCREENSHOT_FAST_DROP_OUT_MIN_SCALE); + - t * (SCREENSHOT_DROP_IN_MIN_SCALE + - SCREENSHOT_FAST_DROP_OUT_MIN_SCALE); mBackgroundView.setAlpha((1f - t) * BACKGROUND_ALPHA); mScreenshotView.setAlpha(1f - t); mScreenshotView.setScaleX(scaleT); @@ -828,8 +837,10 @@ class GlobalScreenshot { float halfScreenHeight = (h - 2f * mBgPadding) / 2f; final float offsetPct = SCREENSHOT_DROP_OUT_MIN_SCALE_OFFSET; final PointF finalPos = new PointF( - -halfScreenWidth + (SCREENSHOT_DROP_OUT_MIN_SCALE + offsetPct) * halfScreenWidth, - -halfScreenHeight + (SCREENSHOT_DROP_OUT_MIN_SCALE + offsetPct) * halfScreenHeight); + -halfScreenWidth + + (SCREENSHOT_DROP_OUT_MIN_SCALE + offsetPct) * halfScreenWidth, + -halfScreenHeight + + (SCREENSHOT_DROP_OUT_MIN_SCALE + offsetPct) * halfScreenHeight); // Animate the screenshot to the status bar anim.setDuration(SCREENSHOT_DROP_OUT_DURATION); @@ -838,7 +849,7 @@ class GlobalScreenshot { public void onAnimationUpdate(ValueAnimator animation) { float t = (Float) animation.getAnimatedValue(); float scaleT = (SCREENSHOT_DROP_IN_MIN_SCALE + mBgPaddingScale) - - scaleInterpolator.getInterpolation(t) + - scaleInterpolator.getInterpolation(t) * (SCREENSHOT_DROP_IN_MIN_SCALE - SCREENSHOT_DROP_OUT_MIN_SCALE); mBackgroundView.setAlpha((1f - t) * BACKGROUND_ALPHA); mScreenshotView.setAlpha(1f - scaleInterpolator.getInterpolation(t)); @@ -858,15 +869,15 @@ class GlobalScreenshot { // Repurpose the existing notification to notify the user of the error Notification.Builder b = new Notification.Builder(context, NotificationChannels.ALERTS) - .setTicker(r.getString(R.string.screenshot_failed_title)) - .setContentTitle(r.getString(R.string.screenshot_failed_title)) - .setContentText(errorMsg) - .setSmallIcon(R.drawable.stat_notify_image_error) - .setWhen(System.currentTimeMillis()) - .setVisibility(Notification.VISIBILITY_PUBLIC) // ok to show outside lockscreen - .setCategory(Notification.CATEGORY_ERROR) - .setAutoCancel(true) - .setColor(context.getColor( + .setTicker(r.getString(R.string.screenshot_failed_title)) + .setContentTitle(r.getString(R.string.screenshot_failed_title)) + .setContentText(errorMsg) + .setSmallIcon(R.drawable.stat_notify_image_error) + .setWhen(System.currentTimeMillis()) + .setVisibility(Notification.VISIBILITY_PUBLIC) // ok to show outside lockscreen + .setCategory(Notification.CATEGORY_ERROR) + .setAutoCancel(true) + .setColor(context.getColor( com.android.internal.R.color.system_notification_accent_color)); final DevicePolicyManager dpm = (DevicePolicyManager) context.getSystemService( Context.DEVICE_POLICY_SERVICE); @@ -874,7 +885,7 @@ class GlobalScreenshot { DevicePolicyManager.POLICY_DISABLE_SCREEN_CAPTURE); if (intent != null) { final PendingIntent pendingIntent = PendingIntent.getActivityAsUser( - context, 0, intent, 0, null, UserHandle.CURRENT); + context, 0, intent, PendingIntent.FLAG_IMMUTABLE, null, UserHandle.CURRENT); b.setContentIntent(pendingIntent); } |