Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_base / 649ff85e3af1d5b49d54374b6b09a7defabcb386^2..649ff85e3af1d5b49d54374b6b09a7defabcb386 / .
commit649ff85e3af1d5b49d54374b6b09a7defabcb386[log] [tgz]
authorDmitry Dementyev <dementyev@google.com>Mon Apr 01 20:26:11 2024 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Mon Apr 01 20:26:11 2024 +0000
tree37379aca3f0607215110931b6817da8495e26bb3
parentc2a58a3bb7a9117d9df5e4613e6bd69e7792e411 [diff]
parent36db8a1d61a881f89fdd3911886adcda6e1f0d7f [diff]
Merge "Add more checkKeyIntent checks to AccountManagerService." into sc-dev
diff --git a/core/java/android/content/AttributionSource.java b/core/java/android/content/AttributionSource.java
index 2f61fee..ec56f9a 100644
--- a/core/java/android/content/AttributionSource.java
+++ b/core/java/android/content/AttributionSource.java

@@ -30,6 +30,7 @@
 import android.os.Process;
 import android.permission.PermissionManager;
 import android.util.ArraySet;
+import android.util.Log;
 
 import com.android.internal.annotations.Immutable;
 
@@ -86,6 +87,8 @@
  */
 @Immutable
 public final class AttributionSource implements Parcelable {
+    private static final String TAG = "AttributionSource";
+
     private static final String DESCRIPTOR = "android.content.AttributionSource";
 
     private static final Binder sDefaultToken = new Binder(DESCRIPTOR);
@@ -153,9 +156,20 @@
     AttributionSource(@NonNull Parcel in) {
         this(AttributionSourceState.CREATOR.createFromParcel(in));
 
-        // Since we just unpacked this object as part of it transiting a Binder
-        // call, this is the perfect time to enforce that its UID and PID can be trusted
-        enforceCallingUidAndPid();
+        if (!Binder.isHandlingTransaction()) {
+            Log.e(TAG, "Unable to verify calling UID #" + mAttributionSourceState.uid + " PID #"
+                    + mAttributionSourceState.pid + " when not handling Binder transaction; "
+                    + "clearing.");
+            mAttributionSourceState.pid = -1;
+            mAttributionSourceState.uid = -1;
+            mAttributionSourceState.packageName = null;
+            mAttributionSourceState.attributionTag = null;
+            mAttributionSourceState.next = null;
+        } else {
+            // Since we just unpacked this object as part of it transiting a Binder
+            // call, this is the perfect time to enforce that its UID and PID can be trusted
+            enforceCallingUidAndPid();
+        }
     }
 
     /** @hide */

diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index dd8b96e..31babe0 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java

@@ -691,6 +691,7 @@
                 // TODO: switch this back to SecurityException
                 Slog.wtf(TAG, "Not allowed to modify non-dynamic permission "
                         + permName);
+                return;
             }
             mRegistry.removePermission(permName);
         }