Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_apps_Settings / ea2fa0d98a9777e37815624bf3e4345b4c6df643^1..ea2fa0d98a9777e37815624bf3e4345b4c6df643 / .
commitea2fa0d98a9777e37815624bf3e4345b4c6df643[log] [tgz]
authorCarlos Valdivia <carlosvaldivia@google.com>Thu Sep 11 17:12:11 2014 +0000
committerAndroid Git Automerger <android-git-automerger@android.com>Thu Sep 11 17:12:11 2014 +0000
treec093b3689ac24c56f5afe95c0a381635bdb0f042
parent2719eebfc5e7fcfdac417be9a4ae07e25abcaaea [diff]
parentdb591467f6ae0e082c0ce627874a851f1926d63a [diff]
am db591467: am 737d2d53: am 61ced6d4: am 01137c20: am 663b4e97: am 37b58a42: SECURITY: Don\'t pass a usable Pending Intent to 3rd parties.

* commit 'db591467f6ae0e082c0ce627874a851f1926d63a':
  SECURITY: Don't pass a usable Pending Intent to 3rd parties.

diff --git a/src/com/android/settings/accounts/AddAccountSettings.java b/src/com/android/settings/accounts/AddAccountSettings.java
index 39906eb..add3f86 100644
--- a/src/com/android/settings/accounts/AddAccountSettings.java
+++ b/src/com/android/settings/accounts/AddAccountSettings.java

@@ -23,6 +23,7 @@
 import android.accounts.OperationCanceledException;
 import android.app.Activity;
 import android.app.PendingIntent;
+import android.content.ComponentName;
 import android.content.Context;
 import android.content.Intent;
 import android.os.Bundle;
@@ -62,6 +63,7 @@
      * application.
      */
     private static final String KEY_CALLER_IDENTITY = "pendingIntent";
+    private static final String SHOULD_NOT_RESOLVE = "SHOULDN'T RESOLVE!";
 
     private static final String TAG = "AccountSettings";
 
@@ -184,7 +186,21 @@
 
     private void addAccount(String accountType) {
         Bundle addAccountOptions = new Bundle();
-        mPendingIntent = PendingIntent.getBroadcast(this, 0, new Intent(), 0);
+        /*
+         * The identityIntent is for the purposes of establishing the identity
+         * of the caller and isn't intended for launching activities, services
+         * or broadcasts.
+         *
+         * Unfortunately for legacy reasons we still need to support this. But
+         * we can cripple the intent so that 3rd party authenticators can't
+         * fill in addressing information and launch arbitrary actions.
+         */
+        Intent identityIntent = new Intent();
+        identityIntent.setComponent(new ComponentName(SHOULD_NOT_RESOLVE, SHOULD_NOT_RESOLVE));
+        identityIntent.setAction(SHOULD_NOT_RESOLVE);
+        identityIntent.addCategory(SHOULD_NOT_RESOLVE);
+
+        mPendingIntent = PendingIntent.getBroadcast(this, 0, identityIntent, 0);
         addAccountOptions.putParcelable(KEY_CALLER_IDENTITY, mPendingIntent);
         addAccountOptions.putBoolean(EXTRA_HAS_MULTIPLE_USERS, Utils.hasMultipleUsers(this));
         AccountManager.get(this).addAccount(