OSDN Git Service
Siarhei Vishniakou [Fri, 28 Jul 2017 01:24:01 +0000 (18:24 -0700)]
DO NOT MERGE Remove window obscurement information.
If ACTION_OUTSIDE_EVENTS contain information about whether the touch is
obscured, then a pattern of invisible, untouchable, unfocusable
SYSTEM_ALERT_WINDOWS can be placed across the screen to determine
approximate locations of touch events without the user knowing.
Bug:
31097064
Test: cts-tradefed run cts --class android.security.cts.MotionEventTest
Change-Id: I081a483c491dd384e252f0b615affee96038fdda
Phil Weaver [Tue, 11 Jul 2017 00:27:20 +0000 (17:27 -0700)]
Back-port fixes for b/
62196835
Bug:
62196835
Test: Created an accessibility service that displays a system
and a toast overlay, confirmed that it disappeared when we
reached the accessibility permission screen that uses this
flag.
Change-Id: Ibb4c2c6a30de6b4ce8d27c34caa02e2d8148f621
Fyodor Kupolov [Fri, 10 Mar 2017 02:39:09 +0000 (02:39 +0000)]
Merge "[DO NOT MERGE] Throw exception if slot has invalid offset" into klp-dev
Fyodor Kupolov [Wed, 22 Feb 2017 22:12:50 +0000 (14:12 -0800)]
[DO NOT MERGE] Throw exception if slot has invalid offset
Previously the process would crash, which is OK, but complicates testing.
Test: cts-tradefed run cts --module CtsContentTestCases
--test android.content.cts.ContentProviderCursorWindowTest
Bug:
34128677
Change-Id: I5b50982d77ec65c442fbb973d14c85a5c29c43c7
(cherry picked from commit
eb6de6f5f10148b9f81f9c0074d1e1f7af21bfb0)
Fyodor Kupolov [Tue, 28 Feb 2017 01:33:18 +0000 (17:33 -0800)]
[DO NOT MERGE] Check bounds in offsetToPtr
Check whether specified offset belongs to mData.
Also added a default argument bufferSize to check the end offset.
Size of the ashmem descriptor can be modified between
ashmem_get_size_region call and mmap. createFromParcel method was updated
to check ashmem size again immediately after memory is mapped.
Test: manual - using the test app from the bug
Bug:
34128677
Change-Id: I3ecd1616a870ce20941ce9b20a1843d2b4295750
(cherry picked from commit
45e2e95c2ffeb2d978e2cce80b729ef6ada3b8d2)
Suprabh Shukla [Tue, 31 Jan 2017 02:02:18 +0000 (18:02 -0800)]
DO NOT MERGE Do not call RecoverySystem with DPMS lock held
Bug
30681079
Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838
Tom O'Neill [Thu, 15 Dec 2016 18:26:28 +0000 (10:26 -0800)]
Fix exploit where can hide the fact that a location was mocked
- Even if call setTestProviderLocation() with inconsistent providers,
should still end up with a location that is flagged as mocked
- Bug:
33091107
Change-Id: I39e038f25b975989c2e8651bfd9ec9e74073e6cd
Sungsoo [Tue, 18 Oct 2016 05:12:00 +0000 (14:12 +0900)]
DO NOT MERGE) ExifInterface: Close the file when an exception happens
Bug:
32068647, Bug:
30936376
Change-Id: I22fa2384348c890ca726d2b1632cd54e59d25a8f
TreeHugger Robot [Sat, 15 Oct 2016 00:24:31 +0000 (00:24 +0000)]
Merge "DO NOT MERGE Isolated processes don't get precached system service binders" into klp-dev
Suprabh Shukla [Thu, 13 Oct 2016 02:01:11 +0000 (19:01 -0700)]
DO NOT MERGE Isolated processes don't get precached system service binders
More specifically, they get a PackageManager binder -- necessary for
Android process startup and configuration -- but none of the other
usual preloaded service binders.
(backported from commit
2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc)
Bug:
30202228
Change-Id: I3810649f504cd631665ece338a83d2e54d41ad05
Sungsoo [Thu, 13 Oct 2016 03:24:16 +0000 (12:24 +0900)]
DO NOT MERGE) ExifInterface: Provide backward compatibility
ExifInterface.saveAttribute() didn't throw UnsupportedOperationException
before. Use IOException instead of UnsupportedOperationException for
backward compatibility.
Bug:
30936376, Bug:
32068647, Bug:
31319086
Change-Id: Iacc7b4d91d49edd7bece8f2e738a633a91025eca
Jaewan Kim [Thu, 22 Sep 2016 05:19:34 +0000 (05:19 +0000)]
Merge "DO NOT MERGE Check caller for sending media key to telephony service" into klp-dev
Jaewan Kim [Wed, 21 Sep 2016 02:20:54 +0000 (11:20 +0900)]
DO NOT MERGE Check caller for sending media key to telephony service
Prevent sending media key events from the non-system app to the
telephony service through the AudioManager.dispatchMediaKeyEvent()
or sending media key broadcast directly.
Bug:
29833954
Tested: Installed malicious apps and confirmed that they don't work.
Tested: Run CtsTelecomTestCases and CtsMediaTestCases
Change-Id: I2a9e78196ba7455324e485f098f095d03b47ee15
Ajay Panicker [Wed, 21 Sep 2016 21:08:01 +0000 (21:08 +0000)]
Merge "[DO NOT MERGE] Prevent FDs from being leaked when accepted sockets are closed" into klp-dev
TreeHugger Robot [Tue, 20 Sep 2016 23:44:57 +0000 (23:44 +0000)]
Merge "[DO NOT MERGE] Fix setPairingConfirmation permissions issue (2/2)" into klp-dev
Sudheer Shanka [Mon, 19 Sep 2016 19:59:18 +0000 (19:59 +0000)]
Merge "DO NOT MERGE: Fix deadlock in AcitivityManagerService." into klp-dev
Paul Jensen [Mon, 19 Sep 2016 11:10:59 +0000 (11:10 +0000)]
Merge "Avoid crashing when downloading MitM'd PAC that is too big" into klp-dev
Tadashi G. Takaoka [Fri, 16 Sep 2016 03:00:57 +0000 (12:00 +0900)]
DO NOT MERGE: Catch all exceptions when parsing IME meta data
Bug:
30568284
Change-Id: I0b613f8ce0f014320c5ac1bf445699ea2702a0a2
(manually cherry picked from
9b2997d22e6ce2a15065d8e7608dd77b316c2065)
Sudheer Shanka [Fri, 16 Sep 2016 02:00:43 +0000 (19:00 -0700)]
DO NOT MERGE: Fix deadlock in AcitivityManagerService.
Don't hold mPidsSelfLocked lock when calling
cleanUpApplicationRecordLocked.
Bug:
31463143
Change-Id: I1fddd06f5e35b67fea041741f5746c57a39208ba
Ajay Panicker [Thu, 8 Sep 2016 20:23:02 +0000 (13:23 -0700)]
[DO NOT MERGE] Prevent FDs from being leaked when accepted sockets are closed
Bug:
28672558
Change-Id: I4bc14bd7f098e34012c2ae1eeba2d439145901f0
Ajay Panicker [Thu, 8 Sep 2016 18:01:29 +0000 (11:01 -0700)]
[DO NOT MERGE] Fix setPairingConfirmation permissions issue (2/2)
setPairingConfirmation was set to only require BLUETOOTH_ADMIN
permission which shouldn't be able to set the confirmation itself.
This is restricted to BLUETOOTH_PRIVILEGED permission.
Bug:
29043989
Change-Id: Iddc935f0b02f5ff56e930914b4b664377e786184
Sungsoo [Thu, 8 Sep 2016 07:04:44 +0000 (16:04 +0900)]
DO NOT MERGE) ExifInterface: Make saveAttributes throw an exception before change
ExifInterface object can be created with a unsupported file format.
If saveAttribute is called with an unsupported file format, ExifInterface
makes the file corrupted. This CL prevents those cases by throwing
an exception before making any change on the file.
Bug:
30936376
Change-Id: I915f56b00ec9422b53591ac5534e070a1d6798e6
Paul Jensen [Mon, 22 Aug 2016 13:15:40 +0000 (09:15 -0400)]
Avoid crashing when downloading MitM'd PAC that is too big
There's two pieces to this fix:
1. Move PAC loading off IoThread which isn't meant for
blocking network fetches. If the fetch takes more than
60s Android reboots when the IoThread is used.
2. Limit PAC fetching to 20MB. Any PAC bigger than that
is likely evil.
MitM of PACs should only be possbile when a non-SSL PAC URL
is used.
Change-Id: Ie1658a1c705615dc85a7fc68053f0dad8d048294
Fixes:
30100884
Sudheer Shanka [Fri, 19 Aug 2016 17:07:04 +0000 (17:07 +0000)]
Merge "DO NOT MERGE: Clean up when recycling a pid with a pending launch" into klp-dev
Narayan Kamath [Thu, 18 Aug 2016 09:46:17 +0000 (09:46 +0000)]
Merge "Process: Fix communication with zygote." into klp-dev
Narayan Kamath [Tue, 9 Aug 2016 16:00:25 +0000 (17:00 +0100)]
Process: Fix communication with zygote.
Don't write partial requests, and don't return (or throw) early after
partially reading a response.
bug:
30143607
(cherry-picked from commit
448be0a62209c977593d81617853a8a428d013df)
Change-Id: I5881fdd5e81023cd21fb4d23a471a5031987a1f1
Sudheer Shanka [Sat, 13 Aug 2016 01:49:56 +0000 (18:49 -0700)]
DO NOT MERGE: Clean up when recycling a pid with a pending launch
Fix for accidental launch of a broadcast receiver in an
incorrect app instance.
Bug:
30202481
Change-Id: I84b74edc29ca3fb88048b44af682ecbeb176b774
David Christie [Thu, 11 Aug 2016 18:15:29 +0000 (18:15 +0000)]
Merge "Fix vulnerability where large GPS XTRA data can be injected. -Can potentially crash system with OOM. Bug:
29555864" into klp-dev
Sungsoo Lim [Mon, 25 Jul 2016 02:53:13 +0000 (11:53 +0900)]
DO NOT MERGE: Fix CTS regression
Bug:
30297223, Bug:
30437363
Change-Id: I7b18af40e4eac2713577204428fbfb96cc346582
David Christie [Tue, 26 Jul 2016 00:13:23 +0000 (17:13 -0700)]
Fix vulnerability where large GPS XTRA data can be injected.
-Can potentially crash system with OOM.
Bug:
29555864
Change-Id: I7157f48dddf148a9bcab029cf12e26a58d8054f4
Paul Stewart [Tue, 19 Jul 2016 23:58:59 +0000 (23:58 +0000)]
Merge changes Id25696e4,I939a12a2 into klp-dev
* changes:
Fix string equality comparison
WifiEnterpriseConfiguration: Do not print credentials in toString
Sungsoo Lim [Thu, 14 Jul 2016 07:20:07 +0000 (16:20 +0900)]
DO NOT MERGE: Remove the use of JHEAD in ExifInterface
Bug:
29270469
Change-Id: Iecc3d22375f6a79a81512419cdde31f720cef07c
Paul Stewart [Mon, 21 Mar 2016 16:51:27 +0000 (09:51 -0700)]
Fix string equality comparison
Don't use "==" to compare strings.
Bug:
25624963
Change-Id: Id25696e4fdcbcf4d48ec74e8ed65c1a33716b30c
Paul Stewart [Wed, 11 Nov 2015 18:23:43 +0000 (10:23 -0800)]
WifiEnterpriseConfiguration: Do not print credentials in toString
BUG:
25624963
Change-Id: I939a12a27d6b915d8a9cc8b142f645fba0ee42ec
fionaxu [Tue, 28 Jun 2016 05:52:56 +0000 (22:52 -0700)]
DO NOT MERGE revert public api loadSafeLabel
Bug:
28557603
Change-Id: Ic9d9ae0b59fe86f70aaea311380cacf222ee3a0c
Christopher Tate [Sat, 11 Jun 2016 00:59:44 +0000 (17:59 -0700)]
DO NOT MERGE: Don't trust callers to supply app info to bindBackupAgent()
Get the canonical identity and metadata about the package from the
Package Manager at time of usage rather than rely on the caller to
have gotten things right, even when the caller has the system uid.
Bug
28795098
Change-Id: I62710b15bb601fdfedd68e32349168c10725eb45
fionaxu [Wed, 8 Jun 2016 00:28:39 +0000 (17:28 -0700)]
DO NOT MERGE fix build breakage on k
Bug:
28557603
Change-Id: I3beae9e8cb6315654d7681d484fbb861fa8b1889
fionaxu [Fri, 3 Jun 2016 01:49:01 +0000 (18:49 -0700)]
Backport loadSafeLabel changes
Bug:
23531798
Bug:
28557603
Change-Id: Iee49f7c37d6a42fe74077bb15ed47919d351d172
Paul Jensen [Thu, 26 May 2016 13:18:04 +0000 (13:18 +0000)]
Merge "Don't pass URL path and username/password to PAC scripts" into klp-dev
John Reck [Mon, 26 Aug 2013 23:53:40 +0000 (16:53 -0700)]
DO NOT MERGE Cherry pick libpng usage fixes
------------------------------------------
This is a combination of 2 commits.
The first commit's message is:
Forward compatibility fixes
Change-Id: Iaf387a10c387e5e157bb16d120a1e033b3d1a6e8
-------------------------------------------
This is the 2nd commit message:
libpng usage tweaks
Bug:
10447005
Call png_set_interlace_handling explicitly instead of relying on
implicit handling that logs warnings
Include filename when printing warnings
Change-Id: Ia343427f5522dc8ab1010f8d7017e86f389caf99
-------------------------------------------
BUG:
23265085
Paul Jensen [Fri, 15 Apr 2016 14:41:13 +0000 (10:41 -0400)]
Don't pass URL path and username/password to PAC scripts
The URL path could contain credentials that apps don't want exposed
to a potentially malicious PAC script.
Bug:
27593919
Change-Id: I4bb0362fc91f70ad47c4c7453d77d6f9a1e8eeed
Todd Kennedy [Mon, 4 Apr 2016 19:29:59 +0000 (12:29 -0700)]
DO NOT MERGE Fix intent filter priorities
Since this is a backport, there is only one rule that guards intent
filter priorities:
1) Updates will NOT be granted a priority greater than the priority
defined on the system image.
NOTE: I had to bring in pieces of ag/526831 so intent filters could
be collected and matched
Bug:
27450489
Change-Id: Ifcec4d7a59e684331399abc41eea1bd6876155a4
Shreyas Basarge [Thu, 18 Feb 2016 11:56:05 +0000 (11:56 +0000)]
NPE fix for SyncStorageEngine read authority
Add a null check after an authority is read
from disk.
Bug:
26513719
Change-Id: I18f01828141110e776cc96f3b3be3d80125e70c1
Matthew Williams [Tue, 19 Jan 2016 23:04:04 +0000 (23:04 +0000)]
DO NOT MERGE Redact Account info from getCurrentSyncs
BUG:
26094635
If the caller to ContentResolver#getCurrentSyncs does not hold the
GET_ACCOUNTS permission, return a SyncInfo object that does not
contain any Account information.
Change-Id: I5628ebe1f56c8e3f784aaf1b3281e6b829d19314
(cherry picked from commit
b63057e698a01dafcefc7ba09b397b0336bba43d)
Shreyas Basarge [Thu, 12 Nov 2015 15:32:44 +0000 (15:32 +0000)]
Sync extras bundle comparison can throw NPE
Bug:
23591205
Change-Id: I960dfcc1584c0a17685790d5d722eaf11b930e25
Zach Jang [Fri, 11 Sep 2015 23:35:04 +0000 (16:35 -0700)]
DO NOT MERGE - Backport of ag/748165 to klp-dev
Security patch level in Settings
b/
23946860
Change-Id: I610d4dedf18fe1825d7df5febf29e6f0c006490d
Sebastien Hertz [Mon, 10 Aug 2015 16:55:34 +0000 (18:55 +0200)]
Allow debugging only for apps forked from zygote DO NOT MERGE
When starting the runtime from app_process, we only pass JDWP options
if starting zygote. It prevents from opening a JDWP connection in
non-zygote programs while Android apps (forked from zygote) remain
debuggable.
Bug:
23050463
(cherry picked from commit
7a09b8322cab26d6e3da1362d3c74964ae66b5d4)
Change-Id: I2400ecc8aea7579c43300efccf288b69f70eef53
Wale Ogunwale [Wed, 1 Jul 2015 16:06:32 +0000 (16:06 +0000)]
Merge "Prevent system uid component from running in an app process" into klp-dev
Amit Mahajan [Thu, 11 Jun 2015 00:02:39 +0000 (17:02 -0700)]
DO NOT MERGE Change to add STK_PERMISSION for stk related commands.
Bug:
21697171
Change-Id: I7649c7341428194963ac74e9ae622dfa76ea738b
Wale Ogunwale [Thu, 25 Jun 2015 16:29:58 +0000 (09:29 -0700)]
Prevent system uid component from running in an app process
Bug:
21669445
Change-Id: I792c6e676d4b6d54a51228d264130b8125075d98
Leon Scroggins III [Fri, 29 May 2015 20:13:11 +0000 (16:13 -0400)]
DO NOT MERGE: Ensure that unparcelling Region only reads the expected number of bytes
bug:
20883006
Change-Id: I4f109667fb210a80fbddddf5f1bfb7ef3a02b6ce
Leon Scroggins III [Tue, 26 May 2015 20:41:09 +0000 (16:41 -0400)]
Check that the parcel contained the expected amount of region data. DO NOT MERGE
bug:
20883006
Change-Id: Ib47a8ec8696dbc37e958b8dbceb43fcbabf6605b
Leon Scroggins III [Wed, 15 Apr 2015 12:16:29 +0000 (08:16 -0400)]
Make Bitmap_createFromParcel check the color count. DO NOT MERGE
When reading from the parcel, if the number of colors is invalid, early
exit.
Add two more checks: setInfo must return true, and Parcel::readInplace
must return non-NULL. The former ensures that the previously read values
(width, height, etc) were valid, and the latter checks that the Parcel
had enough data even if the number of colors was reasonable.
Also use an auto-deleter to handle deletion of the SkBitmap.
Cherry pick from change-Id: Icbd562d6d1f131a723724883fd31822d337cf5a6
BUG=
19666945
Change-Id: I9490d90244e051a4019d6266b2a1cb375a65198f
Jon Larimer [Fri, 30 Jan 2015 21:44:17 +0000 (21:44 +0000)]
am
159aa735: am
d4031809: am
48c95c43: Fix build breakage in older branches by avoiding <> notation
* commit '
159aa73574804967aded45d06b70df5a8dd64a58':
Fix build breakage in older branches by avoiding <> notation
Jon Larimer [Fri, 30 Jan 2015 21:28:59 +0000 (21:28 +0000)]
am
d4031809: am
48c95c43: Fix build breakage in older branches by avoiding <> notation
* commit '
d403180997898c98f0be15b810c4c9dd9002f92c':
Fix build breakage in older branches by avoiding <> notation
Jon Larimer [Fri, 30 Jan 2015 19:30:57 +0000 (19:30 +0000)]
am
48c95c43: Fix build breakage in older branches by avoiding <> notation
* commit '
48c95c4370533bf27e537cbca1e64d060a016c5f':
Fix build breakage in older branches by avoiding <> notation
Jon Larimer [Thu, 29 Jan 2015 20:54:43 +0000 (15:54 -0500)]
Fix build breakage in older branches by avoiding <> notation
Change-Id: I5e3d523dac1f364f52f0d2cab479c1705d667e5a
Jon Larimer [Thu, 29 Jan 2015 18:25:28 +0000 (18:25 +0000)]
am
2982d648: am
de9a76ed: am
fc731e6e: Merge "Fix ParceledListSlice to enforce the same concrete types among its elements." into jb-mr2-dev
* commit '
2982d64802ed0d5b59130680c43485e9d7862e50':
Fix ParceledListSlice to enforce the same concrete types among its elements.
Jon Larimer [Thu, 29 Jan 2015 18:25:24 +0000 (18:25 +0000)]
am
76cdbb04: (-s ours) am
d0318a63: am
7dd12d76: Merge "DO NOT MERGE Restore calling identity before checking permission" into jb-mr2-dev
* commit '
76cdbb0475fe881c8e7320c277e5ea4848be5bff':
DO NOT MERGE Restore calling identity before checking permission
Jon Larimer [Thu, 29 Jan 2015 18:12:01 +0000 (18:12 +0000)]
am
de9a76ed: am
fc731e6e: Merge "Fix ParceledListSlice to enforce the same concrete types among its elements." into jb-mr2-dev
* commit '
de9a76ed997c300a6c5f2f82c517719503af9045':
Fix ParceledListSlice to enforce the same concrete types among its elements.
Jon Larimer [Thu, 29 Jan 2015 18:11:57 +0000 (18:11 +0000)]
am
d0318a63: am
7dd12d76: Merge "DO NOT MERGE Restore calling identity before checking permission" into jb-mr2-dev
* commit '
d0318a63e51107d5589d8970b079c27d8f788c5a':
DO NOT MERGE Restore calling identity before checking permission
Jon Larimer [Thu, 29 Jan 2015 18:00:58 +0000 (18:00 +0000)]
am
fc731e6e: Merge "Fix ParceledListSlice to enforce the same concrete types among its elements." into jb-mr2-dev
* commit '
fc731e6e40f6f449b8e7ac72c2cd36a57c04a32b':
Fix ParceledListSlice to enforce the same concrete types among its elements.
Jon Larimer [Thu, 29 Jan 2015 18:00:55 +0000 (18:00 +0000)]
am
7dd12d76: Merge "DO NOT MERGE Restore calling identity before checking permission" into jb-mr2-dev
* commit '
7dd12d7633663c7f5802bdaaf8e7232a48aba811':
DO NOT MERGE Restore calling identity before checking permission
Jon Larimer [Thu, 29 Jan 2015 17:48:57 +0000 (17:48 +0000)]
Merge "Fix ParceledListSlice to enforce the same concrete types among its elements." into jb-mr2-dev
Jon Larimer [Thu, 29 Jan 2015 17:48:19 +0000 (17:48 +0000)]
Merge "DO NOT MERGE Restore calling identity before checking permission" into klp-dev
Jon Larimer [Thu, 29 Jan 2015 17:48:14 +0000 (17:48 +0000)]
Merge "DO NOT MERGE Restore calling identity before checking permission" into jb-mr2-dev
Adam Lesinski [Fri, 7 Nov 2014 19:26:14 +0000 (11:26 -0800)]
Fix ParceledListSlice to enforce the same concrete types among its elements.
Bug:
17671747
Change-Id: I896f75738e5b464ccb6c03290f139cc2fa72f966
(cherry picked from commit
3df1c38ee098872352086e03d6f1adb16796ee29)
Leon Scroggins III [Tue, 27 Jan 2015 22:31:47 +0000 (22:31 +0000)]
am
93522968: am
01287549: am
9a6143fa: Handle bad ninepatch data.
* commit '
9352296810926eae663477526545a55e1b1f7a27':
Handle bad ninepatch data.
Leon Scroggins III [Tue, 27 Jan 2015 22:17:11 +0000 (22:17 +0000)]
am
01287549: am
9a6143fa: Handle bad ninepatch data.
* commit '
01287549ad415c51377683696eb37c362d43061a':
Handle bad ninepatch data.
Leon Scroggins III [Tue, 27 Jan 2015 22:01:08 +0000 (22:01 +0000)]
am
9a6143fa: Handle bad ninepatch data.
* commit '
9a6143fab7d93797e4b22a12b89e07c160e5c31d':
Handle bad ninepatch data.
Leon Scroggins III [Tue, 27 Jan 2015 16:12:02 +0000 (11:12 -0500)]
Handle bad ninepatch data.
Changes proposed by Ben Hawkes of Google Project Zero.
NinePatchPeeker.cpp:
Instead of asserting, return false for bad data.
ResourceTypes.h:
Store ninepatch values as unsigned.
BUG:
19151999
Change-Id: Ibe35e7569f632c6bb8a34a7701e26bb6ed547ec2
(cherry picked from commit
a730ef3f77fc495bc90199b4d45efab26d609782)
Todd Kennedy [Wed, 14 Jan 2015 23:40:46 +0000 (15:40 -0800)]
DO NOT MERGE Restore calling identity before checking permission
Using the system service identity to check the CHANGE_CONFIGURATION
permission isn't likely to catch a security violation. Changing
back to the original caller and then checking permissions is
preferred.
Cherry picked from lmp. Fixes bug
15989465.
Change-Id: Iff08d04422bcc052a487194154f1fd0d727d38f4
Todd Kennedy [Wed, 14 Jan 2015 23:25:13 +0000 (15:25 -0800)]
DO NOT MERGE Restore calling identity before checking permission
Using the system service identity to check the CHANGE_CONFIGURATION
permission isn't likely to catch a security violation. Changing
back to the original caller and then checking permissions is
preferred.
Cherry picked from lmp. Fixes bug
15989465.
Change-Id: Iff08d04422bcc052a487194154f1fd0d727d38f4
Deepanshu Gupta [Fri, 9 Jan 2015 03:10:07 +0000 (19:10 -0800)]
Special case AppCompat to show action bar.
Bug: http://b.android.com/78944
Change-Id: I02d68d592d812016744716f99376cfefd519b21b
Eric Laurent [Mon, 10 Nov 2014 23:24:02 +0000 (23:24 +0000)]
am
e8c1a97f: am
3b92fc04: am
1c2b0d52: AudioEffect JNI: use new max preprocessing constant
* commit '
e8c1a97fa33797df528265b6f0b0c2c39ac2c589':
AudioEffect JNI: use new max preprocessing constant
Eric Laurent [Mon, 10 Nov 2014 23:20:06 +0000 (23:20 +0000)]
am
3b92fc04: am
1c2b0d52: AudioEffect JNI: use new max preprocessing constant
* commit '
3b92fc04700a68dab3c3c4a873535837c4e51e8b':
AudioEffect JNI: use new max preprocessing constant
Eric Laurent [Mon, 10 Nov 2014 23:11:00 +0000 (23:11 +0000)]
am
1c2b0d52: AudioEffect JNI: use new max preprocessing constant
* commit '
1c2b0d52144dc94a7d1dcefb7e4fbd7fb29f5202':
AudioEffect JNI: use new max preprocessing constant
Eric Laurent [Wed, 5 Nov 2014 20:18:05 +0000 (12:18 -0800)]
AudioEffect JNI: use new max preprocessing constant
Bug:
18226810.
Change-Id: Ica5677da247268306b34dfce38f25394586817fd
(cherry picked from commit
b27a8a5bcc40054f6d775d070bc2de6eb996d1c2)
Tom Taylor [Tue, 4 Nov 2014 19:08:16 +0000 (19:08 +0000)]
am
192a3904: am
23fb2972: am
d7044fe1: am
b2e54c1b: am
75e7fbaa: am
37906e6e: am
44f6d0d5: am
4c5b16d7: am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
192a39044290be84a1086a876a9d4ab0571ab97b':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 19:00:42 +0000 (19:00 +0000)]
am
23fb2972: am
d7044fe1: am
b2e54c1b: am
75e7fbaa: am
37906e6e: am
44f6d0d5: am
4c5b16d7: am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
23fb29723c47b2aeb6aecc382a503630a8d8e983':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 18:50:31 +0000 (18:50 +0000)]
am
d7044fe1: am
b2e54c1b: am
75e7fbaa: am
37906e6e: am
44f6d0d5: am
4c5b16d7: am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
d7044fe1f12b48cc7ba6803772ec4a2f2fe14c19':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 18:39:38 +0000 (18:39 +0000)]
am
b2e54c1b: am
75e7fbaa: am
37906e6e: am
44f6d0d5: am
4c5b16d7: am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
b2e54c1b46c275d017fb5bef17add3eb4c465508':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 18:30:23 +0000 (18:30 +0000)]
am
75e7fbaa: am
37906e6e: am
44f6d0d5: am
4c5b16d7: am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
75e7fbaa83448753a1db9647e58693f1a281900c':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 18:23:51 +0000 (18:23 +0000)]
am
37906e6e: am
44f6d0d5: am
4c5b16d7: am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
37906e6ebc1985ad4b7151116b7cf4fef8322b19':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 18:18:16 +0000 (18:18 +0000)]
am
44f6d0d5: am
4c5b16d7: am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
44f6d0d5810ce507394cc514481d977315d2496f':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 18:11:02 +0000 (18:11 +0000)]
am
4c5b16d7: am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
4c5b16d7409bbd947af3e0dadf4b1901b48e4cd7':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 18:03:07 +0000 (18:03 +0000)]
am
66aa87ae: am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
66aa87ae0355a4e6c8ed56704fec4fb225ed18f6':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 17:53:14 +0000 (17:53 +0000)]
am
90743d64: am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
90743d6409eaecdc869fdcf891ffff8b0a5757ec':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Tue, 4 Nov 2014 17:43:41 +0000 (17:43 +0000)]
am
bfb7ffeb: Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
* commit '
bfb7ffeb3e240784c1ea2a50187c120e6445b20e':
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Tom Taylor [Wed, 15 Oct 2014 16:45:39 +0000 (09:45 -0700)]
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Bug
17969135
Use query (instead of rawQuery) and pass in arguments instead of building
the query with a giant string. Add a unit test that fails with the old
code but passes with the new code.
Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918
Tom Taylor [Tue, 14 Oct 2014 20:38:17 +0000 (13:38 -0700)]
Externally Reported Moderate Security Issue: SQL Injection in WAPPushManager
Bug
17969135
Use query (instead of rawQuery) and pass in arguments instead of building
the query with a giant string. Add a unit test that fails with the old
code but passes with the new code.
Change-Id: Id04a1db6fb95fcd923e1f36f5ab3b94402590918
Deepanshu Gupta [Fri, 26 Sep 2014 05:43:38 +0000 (05:43 +0000)]
am
941a8f03: (-s ours) am
0c4893ec: am
2889942f: am
bfeeee8e: (-s ours) am
ecbe6045: am
6950920f: am
1fce990c: am
04861ed4: am
91043364: am
52be792b: am
27d3b926: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
941a8f03599b91f752c455dceef993887c4b9b20':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]
Deepanshu Gupta [Fri, 26 Sep 2014 05:32:09 +0000 (05:32 +0000)]
am
0c4893ec: am
2889942f: am
bfeeee8e: (-s ours) am
ecbe6045: am
6950920f: am
1fce990c: am
04861ed4: am
91043364: am
52be792b: am
27d3b926: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
0c4893ece99418842538db496bb8d53b767b335b':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]
Deepanshu Gupta [Fri, 26 Sep 2014 05:24:06 +0000 (05:24 +0000)]
am
48d0fd99: (-s ours) am
ee41b79c: am
7d23e405: am
f1033174: (-s ours) am
93b185e3: am
363f4d4e: am
8bf221bd: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
48d0fd99f0a25829f191e7f7ed35cf8d0a2b5902':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]
Deepanshu Gupta [Fri, 26 Sep 2014 05:20:48 +0000 (05:20 +0000)]
am
2889942f: am
bfeeee8e: (-s ours) am
ecbe6045: am
6950920f: am
1fce990c: am
04861ed4: am
91043364: am
52be792b: am
27d3b926: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
2889942f4ee7762cdbd097cf3ceea16444f8841a':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]
Deepanshu Gupta [Fri, 26 Sep 2014 05:13:09 +0000 (05:13 +0000)]
am
ee41b79c: am
7d23e405: am
f1033174: (-s ours) am
93b185e3: am
363f4d4e: am
8bf221bd: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
ee41b79c5735bb3399108bb62de1145fffff3904':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]
Deepanshu Gupta [Fri, 26 Sep 2014 05:09:54 +0000 (05:09 +0000)]
am
bfeeee8e: (-s ours) am
ecbe6045: am
6950920f: am
1fce990c: am
04861ed4: am
91043364: am
52be792b: am
27d3b926: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
bfeeee8e4a9cf4bf32067c2ca5807cd612564a99':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]
Deepanshu Gupta [Fri, 26 Sep 2014 05:02:22 +0000 (05:02 +0000)]
am
ecbe6045: am
6950920f: am
1fce990c: am
04861ed4: am
91043364: am
52be792b: am
27d3b926: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
ecbe6045911ac7c05a1e999b966577ef7b1bdc18':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]
Deepanshu Gupta [Fri, 26 Sep 2014 04:57:59 +0000 (04:57 +0000)]
am
7d23e405: am
f1033174: (-s ours) am
93b185e3: am
363f4d4e: am
8bf221bd: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
7d23e405bd3a18f871bcf9856b5a9bcc0ccb1236':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]
Deepanshu Gupta [Fri, 26 Sep 2014 04:49:31 +0000 (04:49 +0000)]
am
6950920f: am
1fce990c: am
04861ed4: am
91043364: am
52be792b: am
27d3b926: Fix error when using list as actionBarNavMode. [DO NOT MERGE]
* commit '
6950920f19980a2416e156d2337b93e386b3f8be':
Fix error when using list as actionBarNavMode. [DO NOT MERGE]