author Mark Renouf <mrenouf@google.com> 2023-03-04 14:36:10 +0000
committer Mark Renouf <mrenouf@google.com> 2023-03-04 17:18:01 +0000
commitf4b4fbea828861e6b54aa47fedd8b5db25947151 (patch)
tree750792460dc990512ffa1695b7fc6c783240c21d
parent6255caf9661b7be2a8ecaf695950d821b1048e05 (diff)
parentb4f4ac8e4540a4a5d254dda2873968bbbfe2b8be (diff)
[conflict] Prevent sharesheet from previewing unowned URIs am: 3062b80fb2 am: b4f4ac8e45
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/21535256 Fixes: 271677210 Bug: 261036568 Change-Id: I669725befd2c09430e632017379f2b4e3eda4bd0 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Merged-In: I582bacca197d814204b48b917a550f72dbde87d6 Merged-In: Ib3f5839d00c7cf09bca3b01fc0a8a6f0f4960993 Merged-In: Iee1a75ef6ecbf471badeb42d8ebea11e74d884c1 Merged-In: I83e93c373538460e38ec17f1fd8e39d7aea95c10
-rw-r--r--core/java/com/android/internal/app/ChooserActivity.java36
1 files changed, 34 insertions, 2 deletions
diff --git a/core/java/com/android/internal/app/ChooserActivity.java b/core/java/com/android/internal/app/ChooserActivity.java
index 786af5f0823e..105f80adb2c7 100644
--- a/core/java/com/android/internal/app/ChooserActivity.java
+++ b/core/java/com/android/internal/app/ChooserActivity.java
@@ -16,6 +16,8 @@
package com.android.internal.app;
+import static android.content.ContentProvider.getUserIdFromUri;
+
import static java.lang.annotation.RetentionPolicy.SOURCE;
import android.animation.Animator;
@@ -149,6 +151,7 @@ import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
+import java.util.stream.Collectors;
/**
* The Chooser Activity handles intent resolution specifically for sharing intents -
@@ -1375,7 +1378,7 @@ public class ChooserActivity extends ResolverActivity implements
ImageView previewThumbnailView = contentPreviewLayout.findViewById(
R.id.content_preview_thumbnail);
- if (previewThumbnail == null) {
+ if (!validForContentPreview(previewThumbnail)) {
previewThumbnailView.setVisibility(View.GONE);
} else {
mPreviewCoord = new ContentPreviewCoordinator(contentPreviewLayout, false);
@@ -1403,6 +1406,10 @@ public class ChooserActivity extends ResolverActivity implements
String action = targetIntent.getAction();
if (Intent.ACTION_SEND.equals(action)) {
Uri uri = targetIntent.getParcelableExtra(Intent.EXTRA_STREAM);
+ if (!validForContentPreview(uri)) {
+ contentPreviewLayout.setVisibility(View.GONE);
+ return contentPreviewLayout;
+ }
imagePreview.findViewById(R.id.content_preview_image_1_large)
.setTransitionName(ChooserActivity.FIRST_IMAGE_PREVIEW_TRANSITION_NAME);
mPreviewCoord.loadUriIntoView(R.id.content_preview_image_1_large, uri, 0);
@@ -1412,7 +1419,7 @@ public class ChooserActivity extends ResolverActivity implements
List<Uri> uris = targetIntent.getParcelableArrayListExtra(Intent.EXTRA_STREAM);
List<Uri> imageUris = new ArrayList<>();
for (Uri uri : uris) {
- if (isImageType(resolver.getType(uri))) {
+ if (validForContentPreview(uri) && isImageType(resolver.getType(uri))) {
imageUris.add(uri);
}
}
@@ -1521,9 +1528,16 @@ public class ChooserActivity extends ResolverActivity implements
String action = targetIntent.getAction();
if (Intent.ACTION_SEND.equals(action)) {
Uri uri = targetIntent.getParcelableExtra(Intent.EXTRA_STREAM);
+ if (!validForContentPreview(uri)) {
+ contentPreviewLayout.setVisibility(View.GONE);
+ return contentPreviewLayout;
+ }
loadFileUriIntoView(uri, contentPreviewLayout);
} else {
List<Uri> uris = targetIntent.getParcelableArrayListExtra(Intent.EXTRA_STREAM);
+ uris = uris.stream()
+ .filter(ChooserActivity::validForContentPreview)
+ .collect(Collectors.toList());
int uriCount = uris.size();
if (uriCount == 0) {
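Review bot: The added `uris.stream()` call in the `else` branch dereferences the result of `getParcelableArrayListExtra(Intent.EXTRA_STREAM)` without a null check. That call returns null when the extra is absent or not an ArrayList, so a malformed share intent would throw here unless the extra is validated earlier, which this hunk does not show. A guard before the filter, `if (uris == null) { uris = new ArrayList<>(); }`, would let the existing `uriCount == 0` branch handle the case. The `for (Uri uri : uris)` loop in the image-preview hunk has the same exposure. The enclosing method starts and ends outside this hunk.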
@@ -1577,6 +1591,24 @@ public class ChooserActivity extends ResolverActivity implements
}
}
+ /**
+ * Indicate if the incoming content URI should be allowed.
+ *
+ * @param uri the uri to test
+ * @return true if the URI is allowed for content preview
+ */
+ private static boolean validForContentPreview(Uri uri) throws SecurityException {
+ if (uri == null) {
+ return false;
+ }
+ int userId = getUserIdFromUri(uri, UserHandle.USER_CURRENT);
+ if (userId != UserHandle.USER_CURRENT && userId != UserHandle.myUserId()) {
+ Log.e(TAG, "dropped invalid content URI belonging to user " + userId);
+ return false;
+ }
+ return true;
+ }
+
@VisibleForTesting
protected boolean isImageType(String mimeType) {
return mimeType != null && mimeType.startsWith("image/");
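Review bot: The Javadoc on `validForContentPreview` says only that the URI "should be allowed" and never states the rule the body enforces. I would spell it out, e.g. `Returns false for a null URI or one whose authority names a user other than the current user, so the chooser never loads a preview across users.` The `throws SecurityException` clause is misleading: nothing in the visible body throws it, and as an unchecked exception it adds no contract, so drop it or document it with `@throws`. The check covers only the user id embedded in the URI. Whether the sharing app can itself read a same-user URI is not tested here, so if that is enforced elsewhere a short comment saying where would stop readers treating this helper as a full ownership check.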