Android 15.0.0 Release 14 (AP4A.250205.002)

-----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ6KKkwAKCRDorT+BmrEO eNPNAJ9gnkbW1rCJwKCH7wajR7iXhjMKygCgjiUaYDMk8xVbU7cNwFc2rcT1GQE= =zte+ -----END PGP SIGNATURE----- gpgsig -----BEGIN SSH SIGNATURE----- U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgPpdpjxPACTIhnlvYz0GM4BR7FJ +rYv3jMbfxNKD3JvcAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5 AAAAQPtLw2mJs3qa8laKKFRzXqvlUnzU9DE9pFMN+YnPdoYXzovs+hYdkFUAwvneuWtS1O AMHiPfSF7NqiZhhU3ZVgE= -----END SSH SIGNATURE----- Merge tag 'android-15.0.0_r14' into staging/lineage-22.1_merge-android-15.0.0_r14 Android 15.0.0 Release 14 (AP4A.250205.002) # -----BEGIN PGP SIGNATURE----- # # iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ6KKkwAKCRDorT+BmrEO # eNPNAJ9gnkbW1rCJwKCH7wajR7iXhjMKygCgjiUaYDMk8xVbU7cNwFc2rcT1GQE= # =zte+ # -----END PGP SIGNATURE----- # gpg: Signature made Tue Feb 4 23:45:55 2025 EET # gpg: using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78 # gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [ultimate] # By Adam Bookatz (1) and Jason Chiu (1) # Via Android Build Coastguard Worker * tag 'android-15.0.0_r14': Don't let profiles open the UserSettings overflow Block the content scheme intent in AccountTypePreferenceLoader Change-Id: Ibef81d8e48c3e7bfb9046c784d72052ac230ad7a
2025-02-05 17:50:35 +02:00 · 2025-02-05 17:50:35 +02:00 · a0338d65bd
commit a0338d65bd
parent 31ad24c037 446578ba4f
3 changed files with 27 additions and 8 deletions
--- a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
+++ b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
@ -20,6 +20,7 @@ package com.android.settings.accounts;
 import android.accounts.Account;
 import android.accounts.AuthenticatorDescription;
 import android.content.ClipData;
+import android.content.ContentResolver;
 import android.content.Context;
 import android.content.Intent;
 import android.content.pm.ActivityInfo;
@ -186,9 +187,9 @@ public class AccountTypePreferenceLoader {
                                    prefIntent, mUserHandle);
                            } else {
                                Log.e(TAG,
-                                    "Refusing to launch authenticator intent because"
-                                        + "it exploits Settings permissions: "
-                                        + prefIntent);
+                                        "Refusing to launch authenticator intent because "
+                                                + "it exploits Settings permissions: "
+                                                + prefIntent);
                            }
                            return true;
                        }
@ -242,13 +243,19 @@ public class AccountTypePreferenceLoader {
    }

    /**
-     * Determines if the supplied Intent is safe. A safe intent is one that is
-     * will launch a exported=true activity or owned by the same uid as the
+     * Determines if the supplied Intent is safe. A safe intent is one that
+     * will launch an exported=true activity or owned by the same uid as the
     * authenticator supplying the intent.
     */
-    private boolean isSafeIntent(PackageManager pm, Intent intent, String acccountType) {
+    @VisibleForTesting
+    boolean isSafeIntent(PackageManager pm, Intent intent, String accountType) {
+        if (TextUtils.equals(intent.getScheme(), ContentResolver.SCHEME_CONTENT)) {
+            Log.e(TAG, "Intent with a content scheme is unsafe.");
+            return false;
+        }
+
        AuthenticatorDescription authDesc =
-            mAuthenticatorHelper.getAccountTypeDescription(acccountType);
+                mAuthenticatorHelper.getAccountTypeDescription(accountType);
        ResolveInfo resolveInfo = pm.resolveActivityAsUser(intent, 0, mUserHandle.getIdentifier());
        if (resolveInfo == null) {
            return false;
--- a/src/com/android/settings/users/UserSettings.java
+++ b/src/com/android/settings/users/UserSettings.java
@ -465,7 +465,7 @@ public class UserSettings extends SettingsPreferenceFragment
    public void onCreateOptionsMenu(Menu menu, MenuInflater inflater) {
        int pos = 0;
        if (!isCurrentUserAdmin() && (canSwitchUserNow() || Flags.newMultiuserSettingsUx())
-                && !isCurrentUserGuest()) {
+                && !isCurrentUserGuest() && !mUserManager.isProfile()) {
            String nickname = mUserManager.getUserName();
            MenuItem removeThisUser = menu.add(0, MENU_REMOVE_USER, pos++,
                    getResources().getString(R.string.user_remove_user_menu, nickname));
--- a/tests/robotests/src/com/android/settings/accounts/AccountTypePreferenceLoaderTest.java
+++ b/tests/robotests/src/com/android/settings/accounts/AccountTypePreferenceLoaderTest.java
@ -30,8 +30,11 @@ import static org.mockito.Mockito.when;
 import android.accounts.Account;
 import android.accounts.AccountManager;
 import android.accounts.AuthenticatorDescription;
+import android.content.ClipData;
 import android.content.Context;
+import android.content.Intent;
 import android.content.pm.PackageManager;
+import android.net.Uri;
 import android.os.UserHandle;

 import androidx.collection.ArraySet;
@ -250,4 +253,13 @@ public class AccountTypePreferenceLoaderTest {
        mPrefLoader.filterBlockedFragments(parent, Set.of("nomatch", "other"));
        verify(pref).setOnPreferenceClickListener(any());
    }
+
+    @Test
+    public void isSafeIntent_hasContextScheme_returnFalse() {
+        Intent intent = new Intent();
+        intent.setClipData(ClipData.newRawUri(null,
+                Uri.parse("content://com.android.settings.files/my_cache/NOTICE.html")));
+
+        assertThat(mPrefLoader.isSafeIntent(mPackageManager, intent, mAccount.type)).isFalse();
+    }
 }