diff options
| -rw-r--r-- | services/java/com/android/server/accounts/AccountManagerService.java | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/services/java/com/android/server/accounts/AccountManagerService.java b/services/java/com/android/server/accounts/AccountManagerService.java index 241b224807fb..3b6393722e44 100644 --- a/services/java/com/android/server/accounts/AccountManagerService.java +++ b/services/java/com/android/server/accounts/AccountManagerService.java @@ -1265,6 +1265,11 @@ public class AccountManagerService final boolean customTokens = authenticatorInfo != null && authenticatorInfo.type.customTokens; + // Check to see that the app is authorized to access the account, in case it's a + // restricted account. + if (!ArrayUtils.contains(getAccounts((String) null), account)) { + throw new IllegalArgumentException("no such account"); + } // skip the check if customTokens final int callerUid = Binder.getCallingUid(); final boolean permissionGranted = customTokens || |