Fix security vulnerability when register phone accounts. am: 833dd8480a am: 581e22326e
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/services/Telecomm/+/20028194
Change-Id: I41cf54d81f1c9deddc29f8e3d47327d23cbc036c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/src/com/android/server/telecom/PhoneAccountRegistrar.java b/src/com/android/server/telecom/PhoneAccountRegistrar.java
index 0e06fba..b5b22ef 100644
--- a/src/com/android/server/telecom/PhoneAccountRegistrar.java
+++ b/src/com/android/server/telecom/PhoneAccountRegistrar.java
@@ -49,6 +49,7 @@
import android.text.TextUtils;
import android.util.AtomicFile;
import android.util.Base64;
+import android.util.EventLog;
import android.util.Xml;
// TODO: Needed for move to system service: import com.android.internal.R;
@@ -816,6 +817,7 @@
PhoneAccount oldAccount = getPhoneAccountUnchecked(account.getAccountHandle());
if (oldAccount != null) {
+ enforceSelfManagedAccountUnmodified(account, oldAccount);
mState.accounts.remove(oldAccount);
isEnabled = oldAccount.isEnabled();
Log.i(this, "Modify account: %s", getAccountDiffString(account, oldAccount));
@@ -876,6 +878,19 @@
}
}
+ private void enforceSelfManagedAccountUnmodified(PhoneAccount newAccount,
+ PhoneAccount oldAccount) {
+ if (oldAccount.hasCapabilities(PhoneAccount.CAPABILITY_SELF_MANAGED) &&
+ (!newAccount.hasCapabilities(PhoneAccount.CAPABILITY_SELF_MANAGED))) {
+ EventLog.writeEvent(0x534e4554, "246930197");
+ Log.w(this, "Self-managed phone account %s replaced by a non self-managed one",
+ newAccount.getAccountHandle());
+ throw new IllegalArgumentException("Error, cannot change a self-managed "
+ + "phone account " + newAccount.getAccountHandle()
+ + " to other kinds of phone account");
+ }
+ }
+
/**
* Un-registers all phone accounts associated with a specified package.
*