From 1d86c8b29922525972559e00e26c1fcd6f496353 Mon Sep 17 00:00:00 2001
From: Nate Myren <ntmyren@google.com>
Date: Thu, 22 Sep 2022 15:23:24 -0700
Subject: RESTRICT AUTOMERGE Validate permission tree size on permission update

Bug: 242537498
Test: manual
Change-Id: I15343e84c1802d6b89249106263319a6539fa73b
---
 .../java/com/android/server/pm/permission/PermissionManagerService.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index 2662f620cbd4..d867adb961e6 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -657,8 +657,8 @@ public class PermissionManagerService extends IPermissionManager.Stub {
             Permission bp = mRegistry.getPermission(info.name);
             added = bp == null;
             int fixedLevel = PermissionInfo.fixProtectionLevel(info.protectionLevel);
+            enforcePermissionCapLocked(info, tree);
             if (added) {
-                enforcePermissionCapLocked(info, tree);
                 bp = new Permission(info.name, tree.getPackageName(), Permission.TYPE_DYNAMIC);
             } else if (!bp.isDynamic()) {
                 throw new SecurityException("Not allowed to modify non-dynamic permission "
-- 
cgit v1.2.3-59-g8ed1b