From 5b50cebd18661f9ec3e0ca05516918afbabdb02b Mon Sep 17 00:00:00 2001
From: Songchun Fan <schfan@google.com>
Date: Tue, 26 Apr 2022 23:54:17 +0000
Subject: [SettingsProvider] enforce permission on openFile

Prevent third-party apps to write to ring tone files without permission.

BUG: 222687217
Test: manual debug app
Test: will add a CTS
Change-Id: I759b9674172e2bdb518c1dccfff0f20047343bf0
---
 .../src/com/android/providers/settings/SettingsProvider.java           | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
index 077337cdc8c3..ecfe4850cdd1 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
@@ -818,6 +818,9 @@ public class SettingsProvider extends ContentProvider {
             getContext().enforceCallingPermission(Manifest.permission.INTERACT_ACROSS_USERS,
                     "Access files from the settings of another user");
         }
+        if (mode.contains("w")) {
+            enforceWritePermission(Manifest.permission.WRITE_SETTINGS);
+        }
         uri = ContentProvider.getUriWithoutUserId(uri);
 
         final String cacheRingtoneSetting;
-- 
cgit v1.2.3-59-g8ed1b