From 873d4bffb26cf2673ddfa949928186c7c99dd564 Mon Sep 17 00:00:00 2001
From: SongFerngWang <songferngwang@google.com>
Date: Wed, 5 May 2021 21:33:00 +0800
Subject: [security] SubscriptionGroup is exposed to unprivileged callers

SubscriptionInfo.mGroupUUID is not cleared in
conditionallyRemoveIdentifiers if the caller only has READ_PHONE_STATE
(based on a check to checkReadPhoneState) and not READ_DEVICE_IDENTIFIERS.
Bug: 181053462
Test: atest SubscriptionManagerTest

Change-Id: Ic2b62523330dc6e2169ad851715c4ab3da3b29cf
Merged-In: Ic2b62523330dc6e2169ad851715c4ab3da3b29cf
---
 telephony/java/android/telephony/SubscriptionInfo.java | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/telephony/java/android/telephony/SubscriptionInfo.java b/telephony/java/android/telephony/SubscriptionInfo.java
index fcfc728b2c7b..66b50585db6c 100644
--- a/telephony/java/android/telephony/SubscriptionInfo.java
+++ b/telephony/java/android/telephony/SubscriptionInfo.java
@@ -519,6 +519,13 @@ public class SubscriptionInfo implements Parcelable {
         return mGroupUUID;
     }
 
+    /**
+     * @hide
+     */
+    public void clearGroupUuid() {
+        this.mGroupUUID = null;
+    }
+
     /**
      * @hide
      */
-- 
cgit v1.2.3-59-g8ed1b