Add a mechanism to make pending intents immutable.

bug:19618745 Change-Id: Ice742e0162cb9b7c0afbc32e0eea03d501666e2b
author: Svetoslav <svetoslavganov@google.com> 2015-04-10 17:25:35 -0700
committer: Svetoslav <svetoslavganov@google.com> 2015-04-10 18:19:03 -0700
commit: b0a78390ed834724e9c6adf0feff9931d7f9ec10 (patch)
tree: 95f0a64171ed82c9e7833f8d79d9492112a6db17 /services/appwidget
parent: 682a433d0b8ff3e4e0ffc8d2cfedc8907ab1e83b (diff)
download: frameworks_base-b0a78390ed834724e9c6adf0feff9931d7f9ec10.zip
frameworks_base-b0a78390ed834724e9c6adf0feff9931d7f9ec10.tar.gz
frameworks_base-b0a78390ed834724e9c6adf0feff9931d7f9ec10.tar.bz2
1 files changed, 7 insertions, 4 deletions
diff --git a/services/appwidget/java/com/android/server/appwidget/AppWidgetServiceImpl.java b/services/appwidget/java/com/android/server/appwidget/AppWidgetServiceImpl.java
index da11dad..f42aef1 100644
--- a/services/appwidget/java/com/android/server/appwidget/AppWidgetServiceImpl.java
+++ b/services/appwidget/java/com/android/server/appwidget/AppWidgetServiceImpl.java
@@ -674,7 +674,7 @@ class AppWidgetServiceImpl extends IAppWidgetService.Stub implements WidgetBacku
 
     @Override
     public IntentSender createAppWidgetConfigIntentSender(String callingPackage, int appWidgetId,
-            int intentFlags) {
+            final int intentFlags) {
         final int userId = UserHandle.getCallingUserId();
 
         if (DEBUG) {
@@ -701,18 +701,21 @@ class AppWidgetServiceImpl extends IAppWidgetService.Stub implements WidgetBacku
                 throw new IllegalArgumentException("Widget not bound " + appWidgetId);
             }
 
+            // Make sure only safe flags can be passed it.
+            final int secureFlags = intentFlags & ~Intent.IMMUTABLE_FLAGS;
+
             Intent intent = new Intent(AppWidgetManager.ACTION_APPWIDGET_CONFIGURE);
             intent.putExtra(AppWidgetManager.EXTRA_APPWIDGET_ID, appWidgetId);
             intent.setComponent(provider.info.configure);
-            intent.setFlags(intentFlags);
+            intent.setFlags(secureFlags);
 
             // All right, create the sender.
             final long identity = Binder.clearCallingIdentity();
             try {
                 return PendingIntent.getActivityAsUser(
                         mContext, 0, intent, PendingIntent.FLAG_ONE_SHOT
-                                | PendingIntent.FLAG_CANCEL_CURRENT, null,
-                                new UserHandle(provider.getUserId()))
+                                | PendingIntent.FLAG_IMMUTABLE | PendingIntent.FLAG_CANCEL_CURRENT,
+                                null, new UserHandle(provider.getUserId()))
                         .getIntentSender();
             } finally {
                 Binder.restoreCallingIdentity(identity);
author	Svetoslav <svetoslavganov@google.com>	2015-04-10 17:25:35 -0700
committer	Svetoslav <svetoslavganov@google.com>	2015-04-10 18:19:03 -0700
commit	b0a78390ed834724e9c6adf0feff9931d7f9ec10 (patch)
tree	95f0a64171ed82c9e7833f8d79d9492112a6db17 /services/appwidget
parent	682a433d0b8ff3e4e0ffc8d2cfedc8907ab1e83b (diff)
download	frameworks_base-b0a78390ed834724e9c6adf0feff9931d7f9ec10.zip frameworks_base-b0a78390ed834724e9c6adf0feff9931d7f9ec10.tar.gz frameworks_base-b0a78390ed834724e9c6adf0feff9931d7f9ec10.tar.bz2