Prevent apps from accessing protected content providers without query - platform/frameworks/base

diff options

author	Sumedh Sen <sumedhsen@google.com>	2022-07-11 10:53:46 -0700
committer	Sumedh Sen <sumedhsen@google.com>	2022-07-22 14:59:59 -0700
commit	d81a7d0088a1b37edf4249189d18f556bfce0aac (patch)
tree	48fbb7356bcbb3bfda442364db2264fccd5391e4 /libs/androidfw/StringPool.cpp
parent	da14f1f46b665c25d5175cae15b19cf243ebb1e9 (diff)

Prevent apps from accessing protected content providers without query

permission -If a package tried to access a protected content provider (i.e. a content provider with grantUriPermission=false), without having adequate visibility, calling package would force close due to a SecurityException. -InstallStart now checks if the calling package has visibility of the package defining the content provider and also handles the SecurityException if raised. Bug: 195963690 Test: atest CtsContentProviderTestsWithVisibility CtsContentProviderTestsWithoutvisibility Change-Id: I50ee644461402a6aa9885958b763dc3d1bc07562

Diffstat (limited to 'libs/androidfw/StringPool.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: