summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDave Sparks <davidsparks@android.com>2009-05-20 19:20:31 -0700
committerDave Sparks <davidsparks@android.com>2009-05-20 19:20:31 -0700
commit510d6566bd2494991fac07aee46fcb2ddac99c13 (patch)
tree8c713bbfd2362bec94aba95c4a0dee8576096351
parent4afdfa7fd7e9fe59fb298ef2ac252686e68bc73a (diff)
downloadframeworks_av-510d6566bd2494991fac07aee46fcb2ddac99c13.zip
frameworks_av-510d6566bd2494991fac07aee46fcb2ddac99c13.tar.gz
frameworks_av-510d6566bd2494991fac07aee46fcb2ddac99c13.tar.bz2
Fix permission hole for RECORD_AUDIO created when we moved the MediaRecorder
implementation to the mediaserver process. The permission check was previously enforced only at the AudioRecord binder interface for clients not in the same process. This change adds an additional check when the client tries to set the audio source. Bug 1868334
Diffstat
-rw-r--r--media/libmediaplayerservice/MediaRecorderClient.cpp4
1 files changed, 4 insertions, 0 deletions
diff --git a/media/libmediaplayerservice/MediaRecorderClient.cpp b/media/libmediaplayerservice/MediaRecorderClient.cpp
index e0d2947..8bc410c 100644
--- a/media/libmediaplayerservice/MediaRecorderClient.cpp
+++ b/media/libmediaplayerservice/MediaRecorderClient.cpp
@@ -37,6 +37,7 @@
namespace android {
const char* cameraPermission = "android.permission.CAMERA";
+const char* recordAudioPermission = "android.permission.RECORD_AUDIO";
static bool checkPermission(const char* permissionString) {
#ifndef HAVE_ANDROID_OS
@@ -86,6 +87,9 @@ status_t MediaRecorderClient::setVideoSource(int vs)
status_t MediaRecorderClient::setAudioSource(int as)
{
LOGV("setAudioSource(%d)", as);
+ if (!checkPermission(recordAudioPermission)) {
+ return PERMISSION_DENIED;
+ }
Mutex::Autolock lock(mLock);
if (mRecorder == NULL) {
LOGE("recorder is not initialized");
generated by cgit v1.1 at 2024-09-19 19:02:32 +0000