Merge "Change SharedConnectivityService's permission check to use checkCallingOrSelfPermission" into udc-dev am: 68e79acf4a am: e12511f85e
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/21564426
Change-Id: I7e261a662559b1a6926399c15c8e90c6aacd95ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/wifi/java/src/android/net/wifi/sharedconnectivity/service/SharedConnectivityService.java b/wifi/java/src/android/net/wifi/sharedconnectivity/service/SharedConnectivityService.java
index ff7246f..b751f1e 100644
--- a/wifi/java/src/android/net/wifi/sharedconnectivity/service/SharedConnectivityService.java
+++ b/wifi/java/src/android/net/wifi/sharedconnectivity/service/SharedConnectivityService.java
@@ -130,10 +130,17 @@
@RequiresPermission(anyOf = {android.Manifest.permission.NETWORK_SETTINGS,
android.Manifest.permission.NETWORK_SETUP_WIZARD})
+ /**
+ * checkPermissions is using checkCallingOrSelfPermission to support CTS testing of this
+ * service. This does allow a process to bind to itself if it holds the proper
+ * permission. We do not consider this to be an issue given that the process can already
+ * access the service data since they are in the same process.
+ */
private void checkPermissions() {
- if (checkCallingPermission(NETWORK_SETTINGS) != PackageManager.PERMISSION_GRANTED
- && checkCallingPermission(NETWORK_SETUP_WIZARD)
- != PackageManager.PERMISSION_GRANTED) {
+ if (checkCallingOrSelfPermission(NETWORK_SETTINGS)
+ != PackageManager.PERMISSION_GRANTED
+ && checkCallingOrSelfPermission(NETWORK_SETUP_WIZARD)
+ != PackageManager.PERMISSION_GRANTED) {
throw new SecurityException("Calling process must have NETWORK_SETTINGS or"
+ " NETWORK_SETUP_WIZARD permission");
}