diff options
| author | 2023-01-06 18:19:36 +0000 | |
|---|---|---|
| committer | 2023-01-11 11:42:38 +0000 | |
| commit | f2b59bfc5c0a027b4319fb50cf0281e77df7e1fe (patch) | |
| tree | f7c89e417d4f345d0f20032276e4a927474e6bd7 /libs/androidfw/ConfigDescription.cpp | |
| parent | 397065c0f1c40b907c3fab6396d654c4a5b71341 (diff) | |
Make mutable PendingIntent explicit
Starting from target SDK U, we will block creation of mutable
PendingIntents with implicit Intents because attackers can mutate the
Intent object within and launch altered behavior on behalf of victim
apps. For more details on the vulnerability, see go/pendingintent-rca.
From a quick analysis, we concluded that the PendingIntent here was only
destined to the test app/to the app, so it was made explicit. Reviewers,
please call out if this is not the case.
Bug: 236704164
Bug: 229362273
Test: atest RemoteInputViewTest
Test: atest InflatedSmartRepliesTest
Test: atest HeadsUpManagerTest
Test: atest SmartReplyViewTest
Test: atest NotificationUiAdjustmentTest
Test: atest NotificationInterruptStateProviderImplTest
Change-Id: Icfc653910fac99acfab74bb513d0df5b73183ca7
Diffstat (limited to 'libs/androidfw/ConfigDescription.cpp')
0 files changed, 0 insertions, 0 deletions