Add the check for authority access on related APIs. - platform/frameworks/base

diff options

author	Jackal Guo <jackalguo@google.com>	2022-06-27 14:38:20 +0800
committer	Jackal Guo <jackalguo@google.com>	2022-07-11 09:38:32 +0800
commit	c2f85365b67e2c7e18709e398b916f938c8d2c62 (patch)
tree	91c91fcc1ba0147279e22a8e0ee0b4c967c38b03 /libs/androidfw/misc.cpp
parent	a274071090babd3ae0b296669fd860d54c769c7f (diff)

Add the check for authority access on related APIs.

Several sync-related APIs in ContentService leave the possibility that malicious code could do a side channel attack. Apply the app visibility check to mitigate this. Bug: 207133734 Bug: 207670653 Bug: 207671082 Bug: 208257015 Bug: 208257145 Bug: 208258815 Bug: 208258924 Test: atest CtsContentTestCases Test: atest CtsProviderTestCases Test: atest CtsSyncManagerTestsCases Test: atest FrameworksCoreTests:ContentResolverTest Test: atest FrameworksCoreTests:ManagedUserContentResolverTest Test: atest FrameworksCoreTests:SecondaryUserContentResolverTest Test: manually using the PoC in the buganizer to ensure the symptom no longer exists. Change-Id: I56f40560b7d7546e50107b76a4800f0716dfe40f

Diffstat (limited to 'libs/androidfw/misc.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: